diff --git a/.buildkite/ftr_platform_stateful_configs.yml b/.buildkite/ftr_platform_stateful_configs.yml index 6958ec4530ae83..244f04257ef924 100644 --- a/.buildkite/ftr_platform_stateful_configs.yml +++ b/.buildkite/ftr_platform_stateful_configs.yml @@ -344,7 +344,7 @@ enabled: - x-pack/test/task_manager_claimer_mget/config.ts - x-pack/test/ui_capabilities/security_and_spaces/config.ts - x-pack/test/ui_capabilities/spaces_only/config.ts - - x-pack/test/upgrade_assistant_integration/config.js + - x-pack/test/upgrade_assistant_integration/config.ts - x-pack/test/usage_collection/config.ts - x-pack/performance/journeys_e2e/aiops_log_rate_analysis.ts - x-pack/performance/journeys_e2e/ecommerce_dashboard.ts diff --git a/.buildkite/ftr_security_serverless_configs.yml b/.buildkite/ftr_security_serverless_configs.yml index eb2b8e3a06873e..22d13910348223 100644 --- a/.buildkite/ftr_security_serverless_configs.yml +++ b/.buildkite/ftr_security_serverless_configs.yml @@ -1,17 +1,17 @@ disabled: # Base config files, only necessary to inform config finding script - - x-pack/test_serverless/functional/test_suites/security/cypress/security_config.base.ts - - x-pack/test_serverless/functional/test_suites/security/cypress/cypress.config.ts - x-pack/test/security_solution_api_integration/config/serverless/config.base.ts - x-pack/test/security_solution_api_integration/config/serverless/config.base.essentials.ts - x-pack/test/security_solution_api_integration/config/serverless/config.base.edr_workflows.ts + - x-pack/test/defend_workflows_cypress/serverless_config.base.ts + - x-pack/test/osquery_cypress/serverless_config.base.ts # Cypress configs, for now these are still run manually - x-pack/test/defend_workflows_cypress/serverless_config.ts - x-pack/test/osquery_cypress/serverless_cli_config.ts - - x-pack/test_serverless/functional/test_suites/security/cypress/security_config.ts - x-pack/test/security_solution_cypress/serverless_config.ts + # Playwright - x-pack/test/security_solution_playwright/serverless_config.ts diff --git a/.buildkite/pipeline-resource-definitions/kibana-es-snapshots.yml b/.buildkite/pipeline-resource-definitions/kibana-es-snapshots.yml index 7146363bcc552c..5a2521bb230269 100644 --- a/.buildkite/pipeline-resource-definitions/kibana-es-snapshots.yml +++ b/.buildkite/pipeline-resource-definitions/kibana-es-snapshots.yml @@ -53,6 +53,10 @@ spec: cronline: 0 22 * * * America/New_York message: Daily build branch: '8.x' + Daily build (8.16): + cronline: 0 22 * * * America/New_York + message: Daily build + branch: '8.16' Daily build (8.15): cronline: 0 22 * * * America/New_York message: Daily build diff --git a/.buildkite/pipelines/chrome_forward_testing.yml b/.buildkite/pipelines/chrome_forward_testing.yml index 6dafddd8b2c5c4..daf928cf2c162d 100644 --- a/.buildkite/pipelines/chrome_forward_testing.yml +++ b/.buildkite/pipelines/chrome_forward_testing.yml @@ -300,7 +300,7 @@ steps: limit: 1 - command: .buildkite/scripts/steps/functional/security_serverless_osquery.sh - label: 'Serverless Osquery Cypress Tests' + label: 'Osquery Cypress Tests on Serverless' agents: machineType: n2-standard-4 preemptible: true diff --git a/.buildkite/pipelines/es_serverless/verify_es_serverless_image.yml b/.buildkite/pipelines/es_serverless/verify_es_serverless_image.yml index ae500827262893..6b72b5af240d24 100644 --- a/.buildkite/pipelines/es_serverless/verify_es_serverless_image.yml +++ b/.buildkite/pipelines/es_serverless/verify_es_serverless_image.yml @@ -218,7 +218,7 @@ steps: limit: 1 - command: .buildkite/scripts/steps/functional/security_serverless_osquery.sh - label: "Serverless Osquery Cypress Tests" + label: "Osquery Cypress Tests on Serverless" if: "build.env('SKIP_CYPRESS') != '1' && build.env('SKIP_CYPRESS') != 'true'" agents: image: family/kibana-ubuntu-2004 diff --git a/.buildkite/pipelines/on_merge.yml b/.buildkite/pipelines/on_merge.yml index 0e87d401c196eb..64067ec52a4d38 100644 --- a/.buildkite/pipelines/on_merge.yml +++ b/.buildkite/pipelines/on_merge.yml @@ -405,7 +405,7 @@ steps: limit: 1 - command: .buildkite/scripts/steps/functional/security_serverless_osquery.sh - label: 'Serverless Osquery Cypress Tests' + label: 'Osquery Cypress Tests on Serverless' agents: image: family/kibana-ubuntu-2004 imageProject: elastic-images-prod diff --git a/.buildkite/pipelines/pointer_compression.yml b/.buildkite/pipelines/pointer_compression.yml index b36871d6d9634a..41598b3faed1ff 100644 --- a/.buildkite/pipelines/pointer_compression.yml +++ b/.buildkite/pipelines/pointer_compression.yml @@ -339,7 +339,7 @@ steps: limit: 1 - command: .buildkite/scripts/steps/functional/security_serverless_osquery.sh - label: 'Serverless Osquery Cypress Tests' + label: 'Osquery Cypress Tests on Serverless' agents: image: family/kibana-ubuntu-2004 imageProject: elastic-images-prod diff --git a/.buildkite/pipelines/pull_request/security_solution/defend_workflows.yml b/.buildkite/pipelines/pull_request/security_solution/defend_workflows.yml index 47f0e672a8d5ab..fc5e601adad61d 100644 --- a/.buildkite/pipelines/pull_request/security_solution/defend_workflows.yml +++ b/.buildkite/pipelines/pull_request/security_solution/defend_workflows.yml @@ -31,16 +31,4 @@ steps: retry: automatic: - exit_status: '-1' - limit: 1 -# status_exception: Native role management is not enabled in this Elasticsearch instance -# - command: .buildkite/scripts/steps/functional/security_serverless_defend_workflows.sh -# label: 'Serverless Security Defend Workflows Cypress Tests' -# agents: -# machineType: n2-standard-4 -# preemptible: true -# depends_on: build -# timeout_in_minutes: 60 -# retry: -# automatic: -# - exit_status: '-1' -# limit: 1 + limit: 1 \ No newline at end of file diff --git a/.buildkite/pipelines/pull_request/security_solution/osquery_cypress.yml b/.buildkite/pipelines/pull_request/security_solution/osquery_cypress.yml index 26faa344371c90..5fa8fe359ada60 100644 --- a/.buildkite/pipelines/pull_request/security_solution/osquery_cypress.yml +++ b/.buildkite/pipelines/pull_request/security_solution/osquery_cypress.yml @@ -15,7 +15,7 @@ steps: limit: 1 - command: .buildkite/scripts/steps/functional/security_serverless_osquery.sh - label: 'Serverless Osquery Cypress Tests' + label: 'Osquery Cypress Tests on Serverless' agents: machineType: n2-standard-4 preemptible: true diff --git a/.buildkite/scripts/common/env.sh b/.buildkite/scripts/common/env.sh index 2704f894cf2b68..511f6ead2d43c2 100755 --- a/.buildkite/scripts/common/env.sh +++ b/.buildkite/scripts/common/env.sh @@ -8,7 +8,6 @@ KIBANA_DIR=$(pwd) export KIBANA_DIR export XPACK_DIR="$KIBANA_DIR/x-pack" -export XDG_CACHE_HOME="$HOME/.cache" export CACHE_DIR="$HOME/.kibana" export ES_CACHE_DIR="$HOME/.es-snapshot-cache" PARENT_DIR="$(cd "$KIBANA_DIR/.."; pwd)" @@ -111,6 +110,7 @@ export TEST_CORS_SERVER_PORT=6105 if [[ "$(which google-chrome-stable)" || "$(which google-chrome)" ]]; then echo "Chrome detected, setting DETECT_CHROMEDRIVER_VERSION=true" export DETECT_CHROMEDRIVER_VERSION=true + export CHROMEDRIVER_FORCE_DOWNLOAD=true else echo "Chrome not detected, installing default chromedriver binary for the package version" fi diff --git a/.buildkite/scripts/steps/checks.sh b/.buildkite/scripts/steps/checks.sh index d6c4f1b80569fa..8d62a305dd5359 100755 --- a/.buildkite/scripts/steps/checks.sh +++ b/.buildkite/scripts/steps/checks.sh @@ -12,6 +12,4 @@ fi .buildkite/scripts/steps/checks/saved_objects_definition_change.sh .buildkite/scripts/steps/code_generation/elastic_assistant_codegen.sh .buildkite/scripts/steps/code_generation/security_solution_codegen.sh -.buildkite/scripts/steps/openapi_bundling/security_solution_openapi_bundling.sh .buildkite/scripts/steps/code_generation/osquery_codegen.sh -.buildkite/scripts/steps/openapi_bundling/final_merge.sh diff --git a/.buildkite/scripts/steps/checks/capture_oas_snapshot.sh b/.buildkite/scripts/steps/checks/capture_oas_snapshot.sh index 98a825919f0777..0c0f7ac996bba3 100755 --- a/.buildkite/scripts/steps/checks/capture_oas_snapshot.sh +++ b/.buildkite/scripts/steps/checks/capture_oas_snapshot.sh @@ -23,3 +23,6 @@ run_check() { retry 5 15 run_check check_for_changed_files "$cmd" true + +.buildkite/scripts/steps/openapi_bundling/security_solution_openapi_bundling.sh +.buildkite/scripts/steps/openapi_bundling/final_merge.sh diff --git a/.buildkite/scripts/steps/functional/security_serverless_defend_workflows.sh b/.buildkite/scripts/steps/functional/security_serverless_defend_workflows.sh deleted file mode 100644 index 7b16afa214fed9..00000000000000 --- a/.buildkite/scripts/steps/functional/security_serverless_defend_workflows.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/usr/bin/env bash - -set -euo pipefail - -source .buildkite/scripts/steps/functional/common.sh - -export JOB=kibana-serverless-security-cypress -export KIBANA_INSTALL_DIR=${KIBANA_BUILD_LOCATION} - -echo "--- Security Defend Workflows Serverless Cypress" - -yarn --cwd x-pack/test_serverless/functional/test_suites/security/cypress cypress:run diff --git a/.buildkite/scripts/steps/openapi_bundling/final_merge.sh b/.buildkite/scripts/steps/openapi_bundling/final_merge.sh index bd9de3c966d8d9..83dba04c350d21 100755 --- a/.buildkite/scripts/steps/openapi_bundling/final_merge.sh +++ b/.buildkite/scripts/steps/openapi_bundling/final_merge.sh @@ -7,6 +7,5 @@ source .buildkite/scripts/common/util.sh echo --- Merge Kibana OpenAPI specs (cd oas_docs && make api-docs && make api-docs-lint) -(cd oas_docs && make api-docs-staging && make api-docs-lint) -check_for_changed_files "make api-docs && make api-docs-staging" true +check_for_changed_files "make api-docs" true diff --git a/.eslintrc.js b/.eslintrc.js index 006f39ce1026cc..3c67594513c0e7 100644 --- a/.eslintrc.js +++ b/.eslintrc.js @@ -643,6 +643,7 @@ module.exports = { 'x-pack/test/*/*config.*ts', 'x-pack/test/saved_object_api_integration/*/apis/**/*', 'x-pack/test/ui_capabilities/*/tests/**/*', + 'x-pack/test/upgrade_assistant_integration/**/*', 'x-pack/test/performance/**/*.ts', '**/cypress.config.{js,ts}', 'x-pack/test_serverless/**/config*.ts', diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index c000628cf9c527..e9ee699925a08d 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -385,6 +385,7 @@ packages/kbn-dev-proc-runner @elastic/kibana-operations src/plugins/dev_tools @elastic/kibana-management packages/kbn-dev-utils @elastic/kibana-operations examples/developer_examples @elastic/appex-sharedux +packages/kbn-discover-contextual-components @elastic/obs-ux-logs-team @elastic/kibana-data-discovery examples/discover_customization_examples @elastic/kibana-data-discovery x-pack/plugins/discover_enhanced @elastic/kibana-data-discovery src/plugins/discover @elastic/kibana-data-discovery @@ -729,6 +730,7 @@ packages/kbn-resizable-layout @elastic/kibana-data-discovery examples/resizable_layout_examples @elastic/kibana-data-discovery x-pack/test/plugin_functional/plugins/resolver_test @elastic/security-solution packages/response-ops/feature_flag_service @elastic/response-ops +packages/response-ops/rule_params @elastic/response-ops examples/response_stream @elastic/ml-ui packages/kbn-rison @elastic/kibana-operations x-pack/packages/rollup @elastic/kibana-management @@ -1020,6 +1022,7 @@ packages/kbn-zod-helpers @elastic/security-detection-rule-management # The #CC# prefix delineates Code Coverage, # used for the 'team' designator within Kibana Stats +/x-pack/test/api_integration/apis/metrics_ui @elastic/obs-ux-logs-team @elastic/obs-ux-infra_services-team x-pack/test_serverless/api_integration/test_suites/common/platform_security @elastic/kibana-security # Observability Entities Team (@elastic/obs-entities) @@ -1088,6 +1091,8 @@ src/plugins/discover/public/context_awareness/profile_providers/security @elasti /x-pack/test_serverless/functional/test_suites/security/config.screenshots.ts @elastic/platform-docs # Visualizations +/x-pack/test/accessibility/apps/group3/graph.ts @elastic/kibana-visualizations +/x-pack/test/accessibility/apps/group2/lens.ts @elastic/kibana-visualizations /src/plugins/visualize/ @elastic/kibana-visualizations /x-pack/test/functional/apps/lens @elastic/kibana-visualizations /x-pack/test/api_integration/apis/lens/ @elastic/kibana-visualizations @@ -1115,6 +1120,7 @@ packages/kbn-monaco/src/esql @elastic/kibana-esql /docs/settings/reporting-settings.asciidoc @elastic/appex-sharedux /docs/setup/configuring-reporting.asciidoc @elastic/appex-sharedux /x-pack/test_serverless/**/test_suites/common/reporting/ @elastic/appex-sharedux +/x-pack/test/accessibility/apps/group3/reporting.ts @elastic/appex-sharedux ### Global Experience Tagging /x-pack/test/saved_object_tagging/ @elastic/appex-sharedux @@ -1201,6 +1207,9 @@ x-pack/test_serverless/**/test_suites/observability/ai_assistant @elastic/obs-ai /x-pack/test/functional/apps/infra/logs @elastic/obs-ux-logs-team # Observability UX management team +/x-pack/test/api_integration/apis/slos @elastic/obs-ux-management-team +/x-pack/test/accessibility/apps/group1/uptime.ts @elastic/obs-ux-management-team +/x-pack/test/accessibility/apps/group3/observability.ts @elastic/obs-ux-management-team /x-pack/packages/observability/alert_details @elastic/obs-ux-management-team /x-pack/test/observability_functional @elastic/obs-ux-management-team /x-pack/plugins/observability_solution/infra/public/alerting @elastic/obs-ux-management-team @@ -1217,6 +1226,8 @@ x-pack/test_serverless/**/test_suites/observability/ai_assistant @elastic/obs-ai /x-pack/test/functional/apps/monitoring @elastic/stack-monitoring /x-pack/test/api_integration/apis/monitoring @elastic/stack-monitoring /x-pack/test/api_integration/apis/monitoring_collection @elastic/stack-monitoring +/x-pack/test/accessibility/apps/group1/kibana_overview.ts @elastic/stack-monitoring +/x-pack/test/accessibility/apps/group3/stack_monitoring.ts @elastic/stack-monitoring # Fleet /x-pack/test/fleet_api_integration @elastic/fleet @@ -1247,7 +1258,7 @@ x-pack/test_serverless/**/test_suites/observability/ai_assistant @elastic/obs-ai /x-pack/test/alerting_api_integration/observability/index.ts @elastic/obs-ux-management-team /x-pack/test_serverless/api_integration/test_suites/observability/synthetics @elastic/obs-ux-management-team -# Logs +# obs-ux-logs-team /x-pack/test_serverless/api_integration/test_suites/observability/index.feature_flags.ts @elastic/obs-ux-logs-team /x-pack/test/api_integration/apis/logs_ui @elastic/obs-ux-logs-team /x-pack/test/dataset_quality_api_integration @elastic/obs-ux-logs-team @@ -1258,6 +1269,7 @@ x-pack/test_serverless/**/test_suites/observability/ai_assistant @elastic/obs-ai /x-pack/test_serverless/functional/test_suites/observability/dataset_quality @elastic/obs-ux-logs-team /x-pack/test_serverless/functional/test_suites/observability/ @elastic/obs-ux-logs-team /src/plugins/unified_doc_viewer/public/components/doc_viewer_logs_overview @elastic/obs-ux-logs-team +/x-pack/test/api_integration/apis/logs_shared @elastic/obs-ux-logs-team # Observability onboarding tour /x-pack/plugins/observability_solution/observability_shared/public/components/tour @elastic/appex-sharedux @@ -1269,6 +1281,11 @@ x-pack/test_serverless/**/test_suites/observability/ai_assistant @elastic/obs-ai ### END Observability Plugins # Presentation +/x-pack/test/functional/apps/dashboard @elastic/kibana-presentation +/x-pack/test/accessibility/apps/group3/maps.ts @elastic/kibana-presentation +/x-pack/test/accessibility/apps/group1/dashboard_panel_options.ts @elastic/kibana-presentation +/x-pack/test/accessibility/apps/group1/dashboard_links.ts @elastic/kibana-presentation +/x-pack/test/accessibility/apps/group1/dashboard_controls.ts @elastic/kibana-presentation /test/functional/apps/dashboard/ @elastic/kibana-presentation /test/functional/apps/dashboard_elements/ @elastic/kibana-presentation /test/functional/services/dashboard/ @elastic/kibana-presentation @@ -1342,6 +1359,11 @@ x-pack/test_serverless/**/test_suites/observability/ai_assistant @elastic/obs-ai /.eslintignore @elastic/kibana-operations # Appex QA +/x-pack/test/functional/config.*.* @elastic/appex-qa +/x-pack/test/api_integration/ftr_provider_context.d.ts @elastic/appex-qa # Maybe this should be a glob? +/x-pack/test/accessibility/services.ts @elastic/appex-qa +/x-pack/test/accessibility/page_objects.ts @elastic/appex-qa +/x-pack/test/accessibility/ftr_provider_context.d.ts @elastic/appex-qa /x-pack/test_serverless/tsconfig.json @elastic/appex-qa /x-pack/test_serverless/kibana.jsonc @elastic/appex-qa /x-pack/test_serverless/functional/test_suites/common/README.md @elastic/appex-qa @@ -1375,6 +1397,9 @@ x-pack/test/api_integration/deployment_agnostic/services/ @elastic/appex-qa x-pack/test/**/deployment_agnostic/ @elastic/appex-qa #temporarily to monitor tests migration # Core +/x-pack/test/api_integration/apis/telemetry @elastic/kibana-core +/x-pack/test/api_integration/apis/status @elastic/kibana-core +/x-pack/test/api_integration/apis/stats @elastic/kibana-core /x-pack/test/api_integration/apis/kibana/stats @elastic/kibana-core /x-pack/test_serverless/functional/test_suites/security/config.saved_objects_management.ts @elastic/kibana-core /config/ @elastic/kibana-core @@ -1458,6 +1483,7 @@ x-pack/plugins/cloud_integrations/cloud_full_story/server/config.ts @elastic/kib #CC# /x-pack/plugins/security/ @elastic/kibana-security # Response Ops team +/x-pack/test/accessibility/apps/group3/rules_connectors.ts @elastic/response-ops /x-pack/test/functional/es_archives/cases/default @elastic/response-ops /x-pack/test_serverless/api_integration/test_suites/observability/config.ts @elastic/response-ops /x-pack/test_serverless/api_integration/test_suites/observability/index.ts @elastic/response-ops @@ -1514,6 +1540,16 @@ x-pack/test/api_integration/apis/management/index_management/inference_endpoints /x-pack/test/functional_search/ @elastic/search-kibana # Management Experience - Deployment Management +/x-pack/test/api_integration/services/index_management.ts @elastic/kibana-management +/x-pack/test/functional/services/grok_debugger.js @elastic/kibana-management +/x-pack/test/functional/apps/grok_debugger @elastic/kibana-management +/x-pack/test/functional/apps/index_lifecycle_management @elastic/kibana-management +/x-pack/test/functional/apps/index_management @elastic/kibana-management +/x-pack/test/api_integration/services/ingest_pipelines @elastic/kibana-management +/x-pack/test/functional/apps/watcher @elastic/kibana-management +/x-pack/test/api_integration/apis/watcher @elastic/kibana-management +/x-pack/test/api_integration/apis/upgrade_assistant @elastic/kibana-management +/x-pack/test/api_integration/apis/searchprofiler @elastic/kibana-management /x-pack/test/api_integration/apis/console @elastic/kibana-management /x-pack/test_serverless/**/test_suites/common/index_management/ @elastic/kibana-management /x-pack/test_serverless/**/test_suites/common/management/index_management/ @elastic/kibana-management @@ -1530,10 +1566,28 @@ x-pack/test/api_integration/apis/management/index_management/inference_endpoints /x-pack/test/api_integration/apis/management/ @elastic/kibana-management /x-pack/test/functional/apps/rollup_job/ @elastic/kibana-management /x-pack/test/api_integration/apis/grok_debugger @elastic/kibana-management +/x-pack/test/accessibility/apps/group1/advanced_settings.ts @elastic/kibana-management +/x-pack/test/accessibility/apps/**/grok_debugger.ts @elastic/kibana-management +/x-pack/test/accessibility/apps/group1/helpers.ts @elastic/kibana-management +/x-pack/test/accessibility/apps/group1/home.ts @elastic/kibana-management +/x-pack/test/accessibility/apps/group1/index_lifecycle_management.ts @elastic/kibana-management +/x-pack/test/accessibility/apps/group1/ingest_node_pipelines.ts @elastic/kibana-management +/x-pack/test/accessibility/apps/group1/management.ts @elastic/kibana-management +/x-pack/test/accessibility/apps/group1/painless_lab.ts @elastic/kibana-management +/x-pack/test/accessibility/apps/group1/search_profiler.ts @elastic/kibana-management +/x-pack/test/accessibility/apps/group3/cross_cluster_replication.ts @elastic/kibana-management +/x-pack/test/accessibility/apps/group3/license_management.ts @elastic/kibana-management +/x-pack/test/accessibility/apps/group3/remote_clusters.ts @elastic/kibana-management +/x-pack/test/accessibility/apps/group3/rollup_jobs.ts @elastic/kibana-management +/x-pack/test/accessibility/apps/group3/upgrade_assistant.ts @elastic/kibana-management +/x-pack/test/accessibility/apps/group3/watcher.ts @elastic/kibana-management #CC# /x-pack/plugins/cross_cluster_replication/ @elastic/kibana-management # Security Solution +/x-pack/test/common/services/security_solution @elastic/security-solution +/x-pack/test/api_integration/services/security_solution_*.gen.ts @elastic/security-solution +/x-pack/test/accessibility/apps/group3/security_solution.ts @elastic/security-solution /x-pack/test_serverless/functional/test_suites/security/config.ts @elastic/security-solution @elastic/appex-qa /x-pack/test_serverless/functional/test_suites/security/config.feature_flags.ts @elastic/security-solution /x-pack/test_serverless/api_integration/test_suites/observability/config.feature_flags.ts @elastic/security-solution @@ -1546,9 +1600,7 @@ x-pack/test/api_integration/apis/management/index_management/inference_endpoints /x-pack/test/functional/es_archives/auditbeat/hosts @elastic/security-solution /x-pack/test_serverless/functional/page_objects/svl_management_page.ts @elastic/security-solution /x-pack/test_serverless/api_integration/test_suites/security @elastic/security-solution -/x-pack/test_serverless/functional/page_objects/svl_sec_landing_page.ts @elastic/security-solution -/x-pack/test_serverless/functional/test_suites/security/cypress @elastic/security-solution /x-pack/test_serverless/functional/test_suites/security/index.feature_flags.ts @elastic/security-solution /x-pack/test_serverless/functional/test_suites/security/index.ts @elastic/security-solution #CC# /x-pack/plugins/security_solution/ @elastic/security-solution @@ -1597,6 +1649,7 @@ x-pack/test/security_solution_api_integration/test_suites/detections_response/us x-pack/test/security_solution_api_integration/test_suites/explore @elastic/security-threat-hunting-explore x-pack/test/security_solution_api_integration/test_suites/investigations @elastic/security-threat-hunting-investigations x-pack/test/security_solution_api_integration/test_suites/sources @elastic/security-detections-response +/x-pack/test/common/utils/security_solution/detections_response @elastic/security-detections-response # Security Solution sub teams @@ -1610,7 +1663,12 @@ x-pack/test/security_solution_api_integration/test_suites/sources @elastic/secur /x-pack/test/security_solution_playwright @elastic/security-engineering-productivity /x-pack/plugins/security_solution/scripts/run_cypress @MadameSheema @patrykkopycinski @maximpn @banderror -## Security Solution sub teams - Threat Hunting Investigations +## Security Solution sub teams - Threat Hunting + +/x-pack/plugins/security_solution/server/lib/siem_migrations @elastic/security-threat-hunting +/x-pack/plugins/security_solution/common/siem_migrations @elastic/security-threat-hunting + +## Security Solution Threat Hunting areas - Threat Hunting Investigations /x-pack/plugins/security_solution/common/api/timeline @elastic/security-threat-hunting-investigations /x-pack/plugins/security_solution/common/search_strategy/timeline @elastic/security-threat-hunting-investigations @@ -1640,7 +1698,7 @@ x-pack/test/security_solution_cypress/cypress/tasks/expandable_flyout @elastic/ /x-pack/plugins/security_solution/server/lib/timeline @elastic/security-threat-hunting-investigations -## Security Solution sub teams - Threat Hunting Explore +## Security Solution Threat Hunting areas - Threat Hunting Explore /x-pack/plugins/security_solution/common/api/tags @elastic/security-threat-hunting-explore /x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts @elastic/security-threat-hunting-explore /x-pack/plugins/security_solution/common/search_strategy/security_solution/matrix_histogram @elastic/security-threat-hunting-explore @@ -1771,6 +1829,7 @@ x-pack/test/security_solution_cypress/cypress/tasks/expandable_flyout @elastic/ /x-pack/plugins/security_solution/common/field_maps @elastic/security-detection-engine /x-pack/test/functional/es_archives/entity/risks @elastic/security-detection-engine /x-pack/test/functional/es_archives/entity/host_risk @elastic/security-detection-engine +/x-pack/test/api_integration/apis/lists @elastic/security-detection-engine /x-pack/plugins/security_solution/public/sourcerer @elastic/security-threat-hunting-investigations /x-pack/plugins/security_solution/public/detection_engine/rule_creation @elastic/security-detection-engine @@ -1800,6 +1859,7 @@ x-pack/test/security_solution_cypress/cypress/tasks/expandable_flyout @elastic/ /x-pack/plugins/security_solution/public/common/components/threat_match @elastic/security-detection-engine ## Security Solution sub teams - security-defend-workflows +/x-pack/test/api_integration/apis/osquery @elastic/security-defend-workflows /x-pack/plugins/security_solution/public/management/ @elastic/security-defend-workflows /x-pack/plugins/security_solution/public/common/lib/endpoint/ @elastic/security-defend-workflows /x-pack/plugins/security_solution/public/common/components/endpoint/ @elastic/security-defend-workflows @@ -1890,6 +1950,7 @@ x-pack/plugins/security_solution/server/lib/security_integrations @elastic/secur # Ent. Search design /x-pack/plugins/enterprise_search/**/*.scss @elastic/search-design +/x-pack/test/accessibility/apps/group3/enterprise_search.ts @elastic/search-kibana # Security design /x-pack/plugins/endpoint/**/*.scss @elastic/security-design @@ -1898,6 +1959,7 @@ x-pack/plugins/security_solution/server/lib/security_integrations @elastic/secur /x-pack/plugins/security_solution_serverless/**/*.scss @elastic/security-design # Logstash +/x-pack/test/api_integration/apis/logstash @elastic/logstash #CC# /x-pack/plugins/logstash/ @elastic/logstash # EUI team @@ -1917,12 +1979,16 @@ x-pack/plugins/observability_solution/observability_shared/public/components/pro # Shared UX /x-pack/test/api_integration/apis/content_management @elastic/appex-sharedux +/x-pack/test/accessibility/apps/group3/tags.ts @elastic/appex-sharedux +/x-pack/test/accessibility/apps/group3/snapshot_and_restore.ts @elastic/appex-sharedux /x-pack/test_serverless/functional/test_suites/common/spaces/spaces_selection.ts @elastic/appex-sharedux /x-pack/test_serverless/functional/test_suites/common/spaces/index.ts @elastic/appex-sharedux packages/react @elastic/appex-sharedux test/functional/page_objects/solution_navigation.ts @elastic/appex-sharedux /x-pack/test_serverless/functional/page_objects/svl_common_navigation.ts @elastic/appex-sharedux /x-pack/test_serverless/functional/fixtures/kbn_archiver/reporting @elastic/appex-sharedux +/x-pack/test_serverless/functional/page_objects/svl_sec_landing_page.ts @elastic/appex-sharedux +/x-pack/test_serverless/functional/test_suites/security/ftr/navigation.ts @elastic/appex-sharedux # OpenAPI spec files oas_docs/.spectral.yaml @elastic/platform-docs diff --git a/.i18nrc.json b/.i18nrc.json index 036be597ac9696..5c7642e6283eb8 100644 --- a/.i18nrc.json +++ b/.i18nrc.json @@ -27,7 +27,7 @@ "dataViews": "src/plugins/data_views", "defaultNavigation": "packages/default-nav", "devTools": "src/plugins/dev_tools", - "discover": ["src/plugins/discover", "packages/kbn-discover-utils"], + "discover": ["src/plugins/discover", "packages/kbn-discover-utils", "packages/kbn-discover-contextual-components"], "savedSearch": "src/plugins/saved_search", "embeddableApi": "src/plugins/embeddable", "presentationPanel": "src/plugins/presentation_panel", diff --git a/api_docs/actions.devdocs.json b/api_docs/actions.devdocs.json index f3a3f95a0ad772..d93ecea54b8494 100644 --- a/api_docs/actions.devdocs.json +++ b/api_docs/actions.devdocs.json @@ -3804,9 +3804,9 @@ "section": "def-common.ActionTypeExecutorResult", "text": "ActionTypeExecutorResult" }, - ">; create: ({ action: { actionTypeId, name, config, secrets }, options, }: ", - "CreateOptions", - ") => Promise<", + ">; create: ({ action, options, }: Omit<", + "ConnectorCreateParams", + ", \"context\">) => Promise<", "Connector", ">; update: ({ id, action, }: Pick<", "ConnectorUpdateParams", @@ -5014,6 +5014,39 @@ "returnComment": [], "initialIsOpen": false }, + { + "parentPluginId": "actions", + "id": "def-common.validateEmptyStrings", + "type": "Function", + "tags": [], + "label": "validateEmptyStrings", + "description": [], + "signature": [ + "(value: unknown) => void" + ], + "path": "x-pack/plugins/actions/common/validate_empty_strings.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "actions", + "id": "def-common.validateEmptyStrings.$1", + "type": "Unknown", + "tags": [], + "label": "value", + "description": [], + "signature": [ + "unknown" + ], + "path": "x-pack/plugins/actions/common/validate_empty_strings.ts", + "deprecated": false, + "trackAdoption": false, + "isRequired": true + } + ], + "returnComment": [], + "initialIsOpen": false + }, { "parentPluginId": "actions", "id": "def-common.withoutMustacheTemplate", diff --git a/api_docs/actions.mdx b/api_docs/actions.mdx index cdcb26506e4fb0..a49c423172348e 100644 --- a/api_docs/actions.mdx +++ b/api_docs/actions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/actions title: "actions" image: https://source.unsplash.com/400x175/?github description: API docs for the actions plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'actions'] --- import actionsObj from './actions.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/response-ops](https://github.com/orgs/elastic/teams/response-o | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 320 | 0 | 314 | 37 | +| 322 | 0 | 316 | 37 | ## Client diff --git a/api_docs/advanced_settings.mdx b/api_docs/advanced_settings.mdx index 6b06570b22c2ed..ff62d1b2a4bbd7 100644 --- a/api_docs/advanced_settings.mdx +++ b/api_docs/advanced_settings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/advancedSettings title: "advancedSettings" image: https://source.unsplash.com/400x175/?github description: API docs for the advancedSettings plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'advancedSettings'] --- import advancedSettingsObj from './advanced_settings.devdocs.json'; diff --git a/api_docs/ai_assistant_management_selection.mdx b/api_docs/ai_assistant_management_selection.mdx index a36f6ed4c733fc..756105b5a1908f 100644 --- a/api_docs/ai_assistant_management_selection.mdx +++ b/api_docs/ai_assistant_management_selection.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/aiAssistantManagementSelection title: "aiAssistantManagementSelection" image: https://source.unsplash.com/400x175/?github description: API docs for the aiAssistantManagementSelection plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'aiAssistantManagementSelection'] --- import aiAssistantManagementSelectionObj from './ai_assistant_management_selection.devdocs.json'; diff --git a/api_docs/aiops.mdx b/api_docs/aiops.mdx index 79a5cbcf4b668b..48c1e2b19f79b6 100644 --- a/api_docs/aiops.mdx +++ b/api_docs/aiops.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/aiops title: "aiops" image: https://source.unsplash.com/400x175/?github description: API docs for the aiops plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'aiops'] --- import aiopsObj from './aiops.devdocs.json'; diff --git a/api_docs/alerting.mdx b/api_docs/alerting.mdx index b56ce09f5a7c61..47142887fa805c 100644 --- a/api_docs/alerting.mdx +++ b/api_docs/alerting.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/alerting title: "alerting" image: https://source.unsplash.com/400x175/?github description: API docs for the alerting plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'alerting'] --- import alertingObj from './alerting.devdocs.json'; diff --git a/api_docs/apm.mdx b/api_docs/apm.mdx index f9e57f499cc4f5..e75feac606bd1f 100644 --- a/api_docs/apm.mdx +++ b/api_docs/apm.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/apm title: "apm" image: https://source.unsplash.com/400x175/?github description: API docs for the apm plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'apm'] --- import apmObj from './apm.devdocs.json'; diff --git a/api_docs/apm_data_access.mdx b/api_docs/apm_data_access.mdx index 2b4a8680cb79bd..07df3f6fa8c5bc 100644 --- a/api_docs/apm_data_access.mdx +++ b/api_docs/apm_data_access.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/apmDataAccess title: "apmDataAccess" image: https://source.unsplash.com/400x175/?github description: API docs for the apmDataAccess plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'apmDataAccess'] --- import apmDataAccessObj from './apm_data_access.devdocs.json'; diff --git a/api_docs/banners.mdx b/api_docs/banners.mdx index 0a84be10a6cfbe..302118326c78ac 100644 --- a/api_docs/banners.mdx +++ b/api_docs/banners.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/banners title: "banners" image: https://source.unsplash.com/400x175/?github description: API docs for the banners plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'banners'] --- import bannersObj from './banners.devdocs.json'; diff --git a/api_docs/bfetch.mdx b/api_docs/bfetch.mdx index c4c3da3a973e49..09ce66160bfd59 100644 --- a/api_docs/bfetch.mdx +++ b/api_docs/bfetch.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/bfetch title: "bfetch" image: https://source.unsplash.com/400x175/?github description: API docs for the bfetch plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'bfetch'] --- import bfetchObj from './bfetch.devdocs.json'; diff --git a/api_docs/canvas.mdx b/api_docs/canvas.mdx index 6bb842a9205126..36b47bb7f8bcff 100644 --- a/api_docs/canvas.mdx +++ b/api_docs/canvas.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/canvas title: "canvas" image: https://source.unsplash.com/400x175/?github description: API docs for the canvas plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'canvas'] --- import canvasObj from './canvas.devdocs.json'; diff --git a/api_docs/cases.mdx b/api_docs/cases.mdx index 57723fa2f92cce..fa3cac359fc2cf 100644 --- a/api_docs/cases.mdx +++ b/api_docs/cases.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/cases title: "cases" image: https://source.unsplash.com/400x175/?github description: API docs for the cases plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'cases'] --- import casesObj from './cases.devdocs.json'; diff --git a/api_docs/charts.mdx b/api_docs/charts.mdx index b761675d10d879..180097fe56d300 100644 --- a/api_docs/charts.mdx +++ b/api_docs/charts.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/charts title: "charts" image: https://source.unsplash.com/400x175/?github description: API docs for the charts plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'charts'] --- import chartsObj from './charts.devdocs.json'; diff --git a/api_docs/cloud.mdx b/api_docs/cloud.mdx index a8fa73fc07ee32..b7558e9167aa99 100644 --- a/api_docs/cloud.mdx +++ b/api_docs/cloud.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/cloud title: "cloud" image: https://source.unsplash.com/400x175/?github description: API docs for the cloud plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'cloud'] --- import cloudObj from './cloud.devdocs.json'; diff --git a/api_docs/cloud_data_migration.mdx b/api_docs/cloud_data_migration.mdx index 2159bde36f4e82..64aee2e82c03d3 100644 --- a/api_docs/cloud_data_migration.mdx +++ b/api_docs/cloud_data_migration.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/cloudDataMigration title: "cloudDataMigration" image: https://source.unsplash.com/400x175/?github description: API docs for the cloudDataMigration plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'cloudDataMigration'] --- import cloudDataMigrationObj from './cloud_data_migration.devdocs.json'; diff --git a/api_docs/cloud_defend.mdx b/api_docs/cloud_defend.mdx index 56bf635927f817..bc087e97f247c2 100644 --- a/api_docs/cloud_defend.mdx +++ b/api_docs/cloud_defend.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/cloudDefend title: "cloudDefend" image: https://source.unsplash.com/400x175/?github description: API docs for the cloudDefend plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'cloudDefend'] --- import cloudDefendObj from './cloud_defend.devdocs.json'; diff --git a/api_docs/cloud_security_posture.mdx b/api_docs/cloud_security_posture.mdx index eab0a671337bd5..cfb0dde9e416d9 100644 --- a/api_docs/cloud_security_posture.mdx +++ b/api_docs/cloud_security_posture.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/cloudSecurityPosture title: "cloudSecurityPosture" image: https://source.unsplash.com/400x175/?github description: API docs for the cloudSecurityPosture plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'cloudSecurityPosture'] --- import cloudSecurityPostureObj from './cloud_security_posture.devdocs.json'; diff --git a/api_docs/console.mdx b/api_docs/console.mdx index dac1a38ace3294..caff30aa86d4ea 100644 --- a/api_docs/console.mdx +++ b/api_docs/console.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/console title: "console" image: https://source.unsplash.com/400x175/?github description: API docs for the console plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'console'] --- import consoleObj from './console.devdocs.json'; diff --git a/api_docs/content_management.mdx b/api_docs/content_management.mdx index a032e6b89bf004..40017b429d4d3e 100644 --- a/api_docs/content_management.mdx +++ b/api_docs/content_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/contentManagement title: "contentManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the contentManagement plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'contentManagement'] --- import contentManagementObj from './content_management.devdocs.json'; diff --git a/api_docs/controls.mdx b/api_docs/controls.mdx index baeee421a368a6..0f9868a9036b12 100644 --- a/api_docs/controls.mdx +++ b/api_docs/controls.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/controls title: "controls" image: https://source.unsplash.com/400x175/?github description: API docs for the controls plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'controls'] --- import controlsObj from './controls.devdocs.json'; diff --git a/api_docs/custom_integrations.mdx b/api_docs/custom_integrations.mdx index 4928618c3c501d..a9bf6349b06415 100644 --- a/api_docs/custom_integrations.mdx +++ b/api_docs/custom_integrations.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/customIntegrations title: "customIntegrations" image: https://source.unsplash.com/400x175/?github description: API docs for the customIntegrations plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'customIntegrations'] --- import customIntegrationsObj from './custom_integrations.devdocs.json'; diff --git a/api_docs/dashboard.mdx b/api_docs/dashboard.mdx index a4a4d5e6a846e5..b2bd33c80faada 100644 --- a/api_docs/dashboard.mdx +++ b/api_docs/dashboard.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dashboard title: "dashboard" image: https://source.unsplash.com/400x175/?github description: API docs for the dashboard plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dashboard'] --- import dashboardObj from './dashboard.devdocs.json'; diff --git a/api_docs/dashboard_enhanced.mdx b/api_docs/dashboard_enhanced.mdx index 872e84ea75337d..a65c8143c45b24 100644 --- a/api_docs/dashboard_enhanced.mdx +++ b/api_docs/dashboard_enhanced.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dashboardEnhanced title: "dashboardEnhanced" image: https://source.unsplash.com/400x175/?github description: API docs for the dashboardEnhanced plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dashboardEnhanced'] --- import dashboardEnhancedObj from './dashboard_enhanced.devdocs.json'; diff --git a/api_docs/data.mdx b/api_docs/data.mdx index 238bef60b8c929..d873cc7f4efb77 100644 --- a/api_docs/data.mdx +++ b/api_docs/data.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/data title: "data" image: https://source.unsplash.com/400x175/?github description: API docs for the data plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'data'] --- import dataObj from './data.devdocs.json'; diff --git a/api_docs/data_quality.mdx b/api_docs/data_quality.mdx index a95358c831aa4a..0065e2a6f6d5ee 100644 --- a/api_docs/data_quality.mdx +++ b/api_docs/data_quality.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dataQuality title: "dataQuality" image: https://source.unsplash.com/400x175/?github description: API docs for the dataQuality plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataQuality'] --- import dataQualityObj from './data_quality.devdocs.json'; diff --git a/api_docs/data_query.mdx b/api_docs/data_query.mdx index 73ae5db81d263a..ca44d49059d165 100644 --- a/api_docs/data_query.mdx +++ b/api_docs/data_query.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/data-query title: "data.query" image: https://source.unsplash.com/400x175/?github description: API docs for the data.query plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'data.query'] --- import dataQueryObj from './data_query.devdocs.json'; diff --git a/api_docs/data_search.mdx b/api_docs/data_search.mdx index 38683da0ccb658..7e99d3af898368 100644 --- a/api_docs/data_search.mdx +++ b/api_docs/data_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/data-search title: "data.search" image: https://source.unsplash.com/400x175/?github description: API docs for the data.search plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'data.search'] --- import dataSearchObj from './data_search.devdocs.json'; diff --git a/api_docs/data_usage.mdx b/api_docs/data_usage.mdx index d46c58a8100810..237ae559cf4d12 100644 --- a/api_docs/data_usage.mdx +++ b/api_docs/data_usage.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dataUsage title: "dataUsage" image: https://source.unsplash.com/400x175/?github description: API docs for the dataUsage plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataUsage'] --- import dataUsageObj from './data_usage.devdocs.json'; diff --git a/api_docs/data_view_editor.mdx b/api_docs/data_view_editor.mdx index 073bc9547507c6..e2453bc3d86da9 100644 --- a/api_docs/data_view_editor.mdx +++ b/api_docs/data_view_editor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dataViewEditor title: "dataViewEditor" image: https://source.unsplash.com/400x175/?github description: API docs for the dataViewEditor plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataViewEditor'] --- import dataViewEditorObj from './data_view_editor.devdocs.json'; diff --git a/api_docs/data_view_field_editor.mdx b/api_docs/data_view_field_editor.mdx index ebb622497d54e8..8c0a8ed40c5428 100644 --- a/api_docs/data_view_field_editor.mdx +++ b/api_docs/data_view_field_editor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dataViewFieldEditor title: "dataViewFieldEditor" image: https://source.unsplash.com/400x175/?github description: API docs for the dataViewFieldEditor plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataViewFieldEditor'] --- import dataViewFieldEditorObj from './data_view_field_editor.devdocs.json'; diff --git a/api_docs/data_view_management.mdx b/api_docs/data_view_management.mdx index 7722a4747130a9..284c2e8ee4a18c 100644 --- a/api_docs/data_view_management.mdx +++ b/api_docs/data_view_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dataViewManagement title: "dataViewManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the dataViewManagement plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataViewManagement'] --- import dataViewManagementObj from './data_view_management.devdocs.json'; diff --git a/api_docs/data_views.mdx b/api_docs/data_views.mdx index 101a1e3b6347ee..0864197e33ed0e 100644 --- a/api_docs/data_views.mdx +++ b/api_docs/data_views.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dataViews title: "dataViews" image: https://source.unsplash.com/400x175/?github description: API docs for the dataViews plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataViews'] --- import dataViewsObj from './data_views.devdocs.json'; diff --git a/api_docs/data_visualizer.mdx b/api_docs/data_visualizer.mdx index 4a1bce2e873c18..c556ba10fb53d8 100644 --- a/api_docs/data_visualizer.mdx +++ b/api_docs/data_visualizer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/dataVisualizer title: "dataVisualizer" image: https://source.unsplash.com/400x175/?github description: API docs for the dataVisualizer plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'dataVisualizer'] --- import dataVisualizerObj from './data_visualizer.devdocs.json'; diff --git a/api_docs/dataset_quality.mdx b/api_docs/dataset_quality.mdx index b7106ecd71edbf..7a045e1655b153 100644 --- a/api_docs/dataset_quality.mdx +++ b/api_docs/dataset_quality.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/datasetQuality title: "datasetQuality" image: https://source.unsplash.com/400x175/?github description: API docs for the datasetQuality plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'datasetQuality'] --- import datasetQualityObj from './dataset_quality.devdocs.json'; diff --git a/api_docs/deprecations_by_api.mdx b/api_docs/deprecations_by_api.mdx index 1085444d81bcfa..f40dfe4df40860 100644 --- a/api_docs/deprecations_by_api.mdx +++ b/api_docs/deprecations_by_api.mdx @@ -7,7 +7,7 @@ id: kibDevDocsDeprecationsByApi slug: /kibana-dev-docs/api-meta/deprecated-api-list-by-api title: Deprecated API usage by API description: A list of deprecated APIs, which plugins are still referencing them, and when they need to be removed by. -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana'] --- @@ -48,7 +48,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | securitySolution | - | | | @kbn/core-saved-objects-api-browser, @kbn/core-saved-objects-browser-internal, @kbn/core-saved-objects-api-server-internal, @kbn/core-saved-objects-import-export-server-internal, @kbn/core-saved-objects-server-internal, @kbn/core-saved-objects-browser-mocks, fleet, graph, lists, osquery, securitySolution, alerting | - | | | @kbn/core-saved-objects-common, @kbn/core-saved-objects-server, @kbn/core, @kbn/alerting-types, alerting, actions, savedSearch, canvas, enterpriseSearch, securitySolution, taskManager, @kbn/core-saved-objects-server-internal, @kbn/core-saved-objects-api-server | - | -| | @kbn/core-saved-objects-api-browser, @kbn/core-saved-objects-browser-internal, @kbn/core-saved-objects-api-server, @kbn/core, home, savedObjectsTagging, canvas, savedObjects, savedObjectsTaggingOss, lists, securitySolution, upgradeAssistant, savedObjectsManagement, @kbn/core-saved-objects-import-export-server-internal, @kbn/core-saved-objects-browser-mocks, @kbn/core-ui-settings-server-internal | - | +| | @kbn/core-saved-objects-api-browser, @kbn/core-saved-objects-browser-internal, @kbn/core-saved-objects-api-server, @kbn/core, savedObjectsTagging, home, canvas, savedObjects, savedObjectsTaggingOss, lists, securitySolution, upgradeAssistant, savedObjectsManagement, @kbn/core-saved-objects-import-export-server-internal, @kbn/core-saved-objects-browser-mocks, @kbn/core-ui-settings-server-internal | - | | | @kbn/core-saved-objects-migration-server-internal, dataViews, actions, data, alerting, lens, cases, savedSearch, canvas, savedObjectsTagging, graph, lists, maps, visualizations, securitySolution, dashboard, @kbn/core-test-helpers-so-type-serializer | - | | | @kbn/esql-utils, @kbn/securitysolution-utils, securitySolution | - | | | security, securitySolution, cloudLinks, cases | - | @@ -128,10 +128,10 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | spaces, savedObjectsManagement | - | | | unifiedSearch | - | | | unifiedSearch | - | -| | dashboard, lens, canvas | - | +| | lens, dashboard, canvas | - | | | lens | - | | | lens | - | -| | dashboard, lens, investigateApp | - | +| | lens, dashboard, investigateApp | - | | | @kbn/core, lens, savedObjects | - | | | canvas | - | | | canvas | - | @@ -180,7 +180,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | fleet, apm, security, securitySolution | 8.8.0 | | | fleet, apm, security, securitySolution | 8.8.0 | | | spaces, @kbn/security-authorization-core, security, alerting, cases, @kbn/security-role-management-model | 8.8.0 | -| | embeddable, presentationUtil, dashboard, lens, discover, graph, links | 8.8.0 | +| | embeddable, presentationUtil, lens, dashboard, discover, graph, links | 8.8.0 | | | security, @kbn/security-role-management-model | 8.8.0 | | | apm | 8.8.0 | | | security | 8.8.0 diff --git a/api_docs/deprecations_by_plugin.mdx b/api_docs/deprecations_by_plugin.mdx index 727ce55666c2d8..fed25b9f32c174 100644 --- a/api_docs/deprecations_by_plugin.mdx +++ b/api_docs/deprecations_by_plugin.mdx @@ -7,7 +7,7 @@ id: kibDevDocsDeprecationsByPlugin slug: /kibana-dev-docs/api-meta/deprecated-api-list-by-plugin title: Deprecated API usage by plugin description: A list of deprecated APIs, which plugins are still referencing them, and when they need to be removed by. -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana'] --- @@ -511,7 +511,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [plugin.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/actions/server/plugin.ts#:~:text=license%24), [license_state.test.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/actions/server/lib/license_state.test.ts#:~:text=license%24), [license_state.test.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/actions/server/lib/license_state.test.ts#:~:text=license%24) | 8.8.0 | | | [plugin.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/actions/server/plugin.ts#:~:text=authz) | - | | | [plugin.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/actions/server/plugin.ts#:~:text=index) | - | -| | [types.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/actions/server/types.ts#:~:text=SavedObjectAttributes), [types.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/actions/server/types.ts#:~:text=SavedObjectAttributes), [types.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/actions/server/types.ts#:~:text=SavedObjectAttributes), [types.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/actions/server/application/connector/methods/update/types/types.ts#:~:text=SavedObjectAttributes), [types.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/actions/server/application/connector/methods/update/types/types.ts#:~:text=SavedObjectAttributes), [types.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/actions/server/application/connector/methods/update/types/types.ts#:~:text=SavedObjectAttributes), [update.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/actions/server/application/connector/methods/update/update.ts#:~:text=SavedObjectAttributes), [update.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/actions/server/application/connector/methods/update/update.ts#:~:text=SavedObjectAttributes), [update.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/actions/server/application/connector/methods/update/update.ts#:~:text=SavedObjectAttributes), [actions_client.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/actions/server/actions_client/actions_client.ts#:~:text=SavedObjectAttributes)+ 14 more | - | +| | [types.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/actions/server/application/connector/methods/create/types/types.ts#:~:text=SavedObjectAttributes), [types.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/actions/server/application/connector/methods/create/types/types.ts#:~:text=SavedObjectAttributes), [types.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/actions/server/application/connector/methods/create/types/types.ts#:~:text=SavedObjectAttributes), [types.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/actions/server/types.ts#:~:text=SavedObjectAttributes), [types.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/actions/server/types.ts#:~:text=SavedObjectAttributes), [types.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/actions/server/types.ts#:~:text=SavedObjectAttributes), [types.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/actions/server/application/connector/methods/update/types/types.ts#:~:text=SavedObjectAttributes), [types.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/actions/server/application/connector/methods/update/types/types.ts#:~:text=SavedObjectAttributes), [types.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/actions/server/application/connector/methods/update/types/types.ts#:~:text=SavedObjectAttributes), [update.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/actions/server/application/connector/methods/update/update.ts#:~:text=SavedObjectAttributes)+ 20 more | - | | | [index.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/actions/server/saved_objects/index.ts#:~:text=migrations), [index.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/actions/server/saved_objects/index.ts#:~:text=migrations) | - | | | [index.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/actions/server/saved_objects/index.ts#:~:text=convertToMultiNamespaceTypeVersion), [index.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/actions/server/saved_objects/index.ts#:~:text=convertToMultiNamespaceTypeVersion) | - | | | [plugin.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/actions/server/plugin.ts#:~:text=audit), [plugin.ts](https://github.com/elastic/kibana/tree/main/x-pack/plugins/actions/server/plugin.ts#:~:text=audit) | - | diff --git a/api_docs/deprecations_by_team.mdx b/api_docs/deprecations_by_team.mdx index e8bd07c2ff736e..ac584066eadcc0 100644 --- a/api_docs/deprecations_by_team.mdx +++ b/api_docs/deprecations_by_team.mdx @@ -7,7 +7,7 @@ id: kibDevDocsDeprecationsDueByTeam slug: /kibana-dev-docs/api-meta/deprecations-due-by-team title: Deprecated APIs due to be removed, by team description: Lists the teams that are referencing deprecated APIs with a remove by date. -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana'] --- diff --git a/api_docs/dev_tools.mdx b/api_docs/dev_tools.mdx index d4df722270435c..85dd600914163c 100644 --- a/api_docs/dev_tools.mdx +++ b/api_docs/dev_tools.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/devTools title: "devTools" image: https://source.unsplash.com/400x175/?github description: API docs for the devTools plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'devTools'] --- import devToolsObj from './dev_tools.devdocs.json'; diff --git a/api_docs/discover.mdx b/api_docs/discover.mdx index 5c74f175bd3e95..62abae585dbd10 100644 --- a/api_docs/discover.mdx +++ b/api_docs/discover.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/discover title: "discover" image: https://source.unsplash.com/400x175/?github description: API docs for the discover plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'discover'] --- import discoverObj from './discover.devdocs.json'; diff --git a/api_docs/discover_enhanced.mdx b/api_docs/discover_enhanced.mdx index 4620c4b367f3c0..833bdf48190047 100644 --- a/api_docs/discover_enhanced.mdx +++ b/api_docs/discover_enhanced.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/discoverEnhanced title: "discoverEnhanced" image: https://source.unsplash.com/400x175/?github description: API docs for the discoverEnhanced plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'discoverEnhanced'] --- import discoverEnhancedObj from './discover_enhanced.devdocs.json'; diff --git a/api_docs/discover_shared.mdx b/api_docs/discover_shared.mdx index 52005b9a652bf0..813a3771168b85 100644 --- a/api_docs/discover_shared.mdx +++ b/api_docs/discover_shared.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/discoverShared title: "discoverShared" image: https://source.unsplash.com/400x175/?github description: API docs for the discoverShared plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'discoverShared'] --- import discoverSharedObj from './discover_shared.devdocs.json'; diff --git a/api_docs/ecs_data_quality_dashboard.mdx b/api_docs/ecs_data_quality_dashboard.mdx index 52b286022e97ad..2fe07075f57bda 100644 --- a/api_docs/ecs_data_quality_dashboard.mdx +++ b/api_docs/ecs_data_quality_dashboard.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/ecsDataQualityDashboard title: "ecsDataQualityDashboard" image: https://source.unsplash.com/400x175/?github description: API docs for the ecsDataQualityDashboard plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'ecsDataQualityDashboard'] --- import ecsDataQualityDashboardObj from './ecs_data_quality_dashboard.devdocs.json'; diff --git a/api_docs/elastic_assistant.mdx b/api_docs/elastic_assistant.mdx index a46083b568577c..53aa63bb34677f 100644 --- a/api_docs/elastic_assistant.mdx +++ b/api_docs/elastic_assistant.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/elasticAssistant title: "elasticAssistant" image: https://source.unsplash.com/400x175/?github description: API docs for the elasticAssistant plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'elasticAssistant'] --- import elasticAssistantObj from './elastic_assistant.devdocs.json'; diff --git a/api_docs/embeddable.devdocs.json b/api_docs/embeddable.devdocs.json index 6632c89f164081..07af1a6da01b05 100644 --- a/api_docs/embeddable.devdocs.json +++ b/api_docs/embeddable.devdocs.json @@ -7998,14 +7998,6 @@ "deprecated": true, "trackAdoption": false, "references": [ - { - "plugin": "dashboard", - "path": "src/plugins/dashboard/public/dashboard_container/component/grid/dashboard_grid_item.tsx" - }, - { - "plugin": "dashboard", - "path": "src/plugins/dashboard/public/dashboard_container/component/grid/dashboard_grid_item.tsx" - }, { "plugin": "lens", "path": "x-pack/plugins/lens/public/embeddable/embeddable_component.tsx" @@ -8014,6 +8006,14 @@ "plugin": "lens", "path": "x-pack/plugins/lens/public/embeddable/embeddable_component.tsx" }, + { + "plugin": "dashboard", + "path": "src/plugins/dashboard/public/dashboard_container/component/grid/dashboard_grid_item.tsx" + }, + { + "plugin": "dashboard", + "path": "src/plugins/dashboard/public/dashboard_container/component/grid/dashboard_grid_item.tsx" + }, { "plugin": "canvas", "path": "x-pack/plugins/canvas/canvas_plugin_src/renderers/embeddable/embeddable.tsx" @@ -14866,6 +14866,10 @@ "deprecated": true, "trackAdoption": false, "references": [ + { + "plugin": "lens", + "path": "x-pack/plugins/lens/public/embeddable/embeddable_component.tsx" + }, { "plugin": "dashboard", "path": "src/plugins/dashboard/public/services/dashboard_content_management_service/lib/migrate_dashboard_input.ts" @@ -14878,10 +14882,6 @@ "plugin": "dashboard", "path": "src/plugins/dashboard/public/dashboard_container/embeddable/dashboard_container.tsx" }, - { - "plugin": "lens", - "path": "x-pack/plugins/lens/public/embeddable/embeddable_component.tsx" - }, { "plugin": "investigateApp", "path": "x-pack/plugins/observability_solution/investigate_app/public/items/embeddable_item/register_embeddable_item.tsx" diff --git a/api_docs/embeddable.mdx b/api_docs/embeddable.mdx index 9badbdbbd73ab7..ebb7bf2aea1fd1 100644 --- a/api_docs/embeddable.mdx +++ b/api_docs/embeddable.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/embeddable title: "embeddable" image: https://source.unsplash.com/400x175/?github description: API docs for the embeddable plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'embeddable'] --- import embeddableObj from './embeddable.devdocs.json'; diff --git a/api_docs/embeddable_enhanced.mdx b/api_docs/embeddable_enhanced.mdx index e7aeb494115bf5..dacf9c33bd9d49 100644 --- a/api_docs/embeddable_enhanced.mdx +++ b/api_docs/embeddable_enhanced.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/embeddableEnhanced title: "embeddableEnhanced" image: https://source.unsplash.com/400x175/?github description: API docs for the embeddableEnhanced plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'embeddableEnhanced'] --- import embeddableEnhancedObj from './embeddable_enhanced.devdocs.json'; diff --git a/api_docs/encrypted_saved_objects.mdx b/api_docs/encrypted_saved_objects.mdx index 9d5833e4930abb..ef6ee7db8bd301 100644 --- a/api_docs/encrypted_saved_objects.mdx +++ b/api_docs/encrypted_saved_objects.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/encryptedSavedObjects title: "encryptedSavedObjects" image: https://source.unsplash.com/400x175/?github description: API docs for the encryptedSavedObjects plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'encryptedSavedObjects'] --- import encryptedSavedObjectsObj from './encrypted_saved_objects.devdocs.json'; diff --git a/api_docs/enterprise_search.mdx b/api_docs/enterprise_search.mdx index ab7c01c8baba58..a76e8f8e4c008f 100644 --- a/api_docs/enterprise_search.mdx +++ b/api_docs/enterprise_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/enterpriseSearch title: "enterpriseSearch" image: https://source.unsplash.com/400x175/?github description: API docs for the enterpriseSearch plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'enterpriseSearch'] --- import enterpriseSearchObj from './enterprise_search.devdocs.json'; diff --git a/api_docs/entities_data_access.mdx b/api_docs/entities_data_access.mdx index 269f9e486f8eb3..a5d3c06a5d3bbc 100644 --- a/api_docs/entities_data_access.mdx +++ b/api_docs/entities_data_access.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/entitiesDataAccess title: "entitiesDataAccess" image: https://source.unsplash.com/400x175/?github description: API docs for the entitiesDataAccess plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'entitiesDataAccess'] --- import entitiesDataAccessObj from './entities_data_access.devdocs.json'; diff --git a/api_docs/entity_manager.devdocs.json b/api_docs/entity_manager.devdocs.json index 9a3cf733daedf9..a3f5fff48eb994 100644 --- a/api_docs/entity_manager.devdocs.json +++ b/api_docs/entity_manager.devdocs.json @@ -251,7 +251,7 @@ "section": "def-common.ServerRoute", "text": "ServerRoute" }, - "<\"PATCH /internal/entities/definition/{id}\", Zod.ZodObject<{ path: Zod.ZodObject<{ id: Zod.ZodString; }, \"strip\", Zod.ZodTypeAny, { id: string; }, { id: string; }>; query: Zod.ZodObject<{ installOnly: Zod.ZodDefault, Zod.ZodBoolean]>, boolean, boolean | \"true\" | \"false\">>>; }, \"strip\", Zod.ZodTypeAny, { installOnly: boolean; }, { installOnly?: boolean | \"true\" | \"false\" | undefined; }>; body: Zod.ZodObject; filter: Zod.ZodOptional>; version: Zod.ZodOptional>; name: Zod.ZodOptional; description: Zod.ZodOptional>; metrics: Zod.ZodOptional; body: Zod.ZodObject; filter: Zod.ZodOptional>; version: Zod.ZodOptional>; name: Zod.ZodOptional; description: Zod.ZodOptional>; metrics: Zod.ZodOptional; lookbackPeriod?: string | undefined; } | undefined; })[] | undefined; identityFields?: (string | { field: string; optional: false; })[] | undefined; displayNameTemplate?: string | undefined; staticFields?: Record | undefined; latest?: { settings?: { frequency?: string | undefined; syncField?: string | undefined; syncDelay?: string | undefined; } | undefined; lookbackPeriod?: string | undefined; timestampField?: string | undefined; } | undefined; installedComponents?: { id: string; type: \"transform\" | \"template\" | \"ingest_pipeline\"; }[] | undefined; }>; }, \"strip\", Zod.ZodTypeAny, { query: { installOnly: boolean; }; path: { id: string; }; body: { version: string; type?: string | undefined; filter?: string | undefined; name?: string | undefined; description?: string | undefined; metrics?: { name: string; metrics: ({ name: string; field: string; aggregation: ", + "; filter?: string | undefined; } | { name: string; aggregation: \"doc_count\"; filter?: string | undefined; } | { name: string; field: string; percentile: number; aggregation: \"percentile\"; filter?: string | undefined; })[]; equation: string; }[] | undefined; indexPatterns?: string[] | undefined; metadata?: (string | { source: string; destination?: string | undefined; aggregation?: { type: \"terms\"; limit?: number | undefined; lookbackPeriod?: string | undefined; } | { type: \"top_value\"; sort: Record; lookbackPeriod?: string | undefined; } | undefined; })[] | undefined; identityFields?: (string | { field: string; optional: false; })[] | undefined; displayNameTemplate?: string | undefined; staticFields?: Record | undefined; latest?: { settings?: { frequency?: string | undefined; syncField?: string | undefined; syncDelay?: string | undefined; } | undefined; lookbackPeriod?: string | undefined; timestampField?: string | undefined; } | undefined; installedComponents?: { id: string; type: \"transform\" | \"template\" | \"ingest_pipeline\"; }[] | undefined; }>; }, \"strip\", Zod.ZodTypeAny, { path: { id: string; }; body: { version: string; type?: string | undefined; filter?: string | undefined; name?: string | undefined; description?: string | undefined; metrics?: { name: string; metrics: ({ name: string; field: string; aggregation: ", { "pluginId": "@kbn/entities-schema", "scope": "common", @@ -315,7 +315,7 @@ "section": "def-common.BasicAggregations", "text": "BasicAggregations" }, - "; filter?: string | undefined; } | { name: string; aggregation: \"doc_count\"; filter?: string | undefined; } | { name: string; field: string; percentile: number; aggregation: \"percentile\"; filter?: string | undefined; })[]; equation: string; }[] | undefined; indexPatterns?: string[] | undefined; metadata?: ({ destination: string; source: string; aggregation: { type: \"terms\"; limit: number; lookbackPeriod?: string | undefined; } | { type: \"top_value\"; sort: Record; lookbackPeriod?: string | undefined; }; } | { destination: string; source: string; aggregation: { type: \"terms\"; limit: number; lookbackPeriod: undefined; }; })[] | undefined; identityFields?: ({ field: string; optional: false; } | { field: string; optional: boolean; })[] | undefined; displayNameTemplate?: string | undefined; staticFields?: Record | undefined; latest?: { settings?: { frequency?: string | undefined; syncField?: string | undefined; syncDelay?: string | undefined; } | undefined; lookbackPeriod?: string | undefined; timestampField?: string | undefined; } | undefined; installedComponents?: { id: string; type: \"transform\" | \"template\" | \"ingest_pipeline\"; }[] | undefined; }; }, { query: { installOnly?: boolean | \"true\" | \"false\" | undefined; }; path: { id: string; }; body: { version: string; type?: string | undefined; filter?: string | undefined; name?: string | undefined; description?: string | undefined; metrics?: { name: string; metrics: ({ name: string; field: string; aggregation: ", + "; filter?: string | undefined; } | { name: string; aggregation: \"doc_count\"; filter?: string | undefined; } | { name: string; field: string; percentile: number; aggregation: \"percentile\"; filter?: string | undefined; })[]; equation: string; }[] | undefined; indexPatterns?: string[] | undefined; metadata?: ({ destination: string; source: string; aggregation: { type: \"terms\"; limit: number; lookbackPeriod?: string | undefined; } | { type: \"top_value\"; sort: Record; lookbackPeriod?: string | undefined; }; } | { destination: string; source: string; aggregation: { type: \"terms\"; limit: number; lookbackPeriod: undefined; }; })[] | undefined; identityFields?: ({ field: string; optional: false; } | { field: string; optional: boolean; })[] | undefined; displayNameTemplate?: string | undefined; staticFields?: Record | undefined; latest?: { settings?: { frequency?: string | undefined; syncField?: string | undefined; syncDelay?: string | undefined; } | undefined; lookbackPeriod?: string | undefined; timestampField?: string | undefined; } | undefined; installedComponents?: { id: string; type: \"transform\" | \"template\" | \"ingest_pipeline\"; }[] | undefined; }; }, { path: { id: string; }; body: { version: string; type?: string | undefined; filter?: string | undefined; name?: string | undefined; description?: string | undefined; metrics?: { name: string; metrics: ({ name: string; field: string; aggregation: ", { "pluginId": "@kbn/entities-schema", "scope": "common", diff --git a/api_docs/entity_manager.mdx b/api_docs/entity_manager.mdx index 3efb017b88d5db..c36740b3571331 100644 --- a/api_docs/entity_manager.mdx +++ b/api_docs/entity_manager.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/entityManager title: "entityManager" image: https://source.unsplash.com/400x175/?github description: API docs for the entityManager plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'entityManager'] --- import entityManagerObj from './entity_manager.devdocs.json'; diff --git a/api_docs/es_ui_shared.mdx b/api_docs/es_ui_shared.mdx index 7a8139c5084b66..4e1de1a29784cc 100644 --- a/api_docs/es_ui_shared.mdx +++ b/api_docs/es_ui_shared.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/esUiShared title: "esUiShared" image: https://source.unsplash.com/400x175/?github description: API docs for the esUiShared plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'esUiShared'] --- import esUiSharedObj from './es_ui_shared.devdocs.json'; diff --git a/api_docs/esql.mdx b/api_docs/esql.mdx index 0a4e71472551b2..afceea1f7de7c9 100644 --- a/api_docs/esql.mdx +++ b/api_docs/esql.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/esql title: "esql" image: https://source.unsplash.com/400x175/?github description: API docs for the esql plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'esql'] --- import esqlObj from './esql.devdocs.json'; diff --git a/api_docs/esql_data_grid.mdx b/api_docs/esql_data_grid.mdx index dcd3455efaf903..b3087a962c2718 100644 --- a/api_docs/esql_data_grid.mdx +++ b/api_docs/esql_data_grid.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/esqlDataGrid title: "esqlDataGrid" image: https://source.unsplash.com/400x175/?github description: API docs for the esqlDataGrid plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'esqlDataGrid'] --- import esqlDataGridObj from './esql_data_grid.devdocs.json'; diff --git a/api_docs/event_annotation.mdx b/api_docs/event_annotation.mdx index f0bc87481ba54f..54123f4610ba91 100644 --- a/api_docs/event_annotation.mdx +++ b/api_docs/event_annotation.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/eventAnnotation title: "eventAnnotation" image: https://source.unsplash.com/400x175/?github description: API docs for the eventAnnotation plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'eventAnnotation'] --- import eventAnnotationObj from './event_annotation.devdocs.json'; diff --git a/api_docs/event_annotation_listing.mdx b/api_docs/event_annotation_listing.mdx index d5d4e88b21859e..c485b23676e7f6 100644 --- a/api_docs/event_annotation_listing.mdx +++ b/api_docs/event_annotation_listing.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/eventAnnotationListing title: "eventAnnotationListing" image: https://source.unsplash.com/400x175/?github description: API docs for the eventAnnotationListing plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'eventAnnotationListing'] --- import eventAnnotationListingObj from './event_annotation_listing.devdocs.json'; diff --git a/api_docs/event_log.mdx b/api_docs/event_log.mdx index eb985756460755..e2b397d3bb9846 100644 --- a/api_docs/event_log.mdx +++ b/api_docs/event_log.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/eventLog title: "eventLog" image: https://source.unsplash.com/400x175/?github description: API docs for the eventLog plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'eventLog'] --- import eventLogObj from './event_log.devdocs.json'; diff --git a/api_docs/exploratory_view.mdx b/api_docs/exploratory_view.mdx index f2d40e76eea41f..068195e9d3ea68 100644 --- a/api_docs/exploratory_view.mdx +++ b/api_docs/exploratory_view.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/exploratoryView title: "exploratoryView" image: https://source.unsplash.com/400x175/?github description: API docs for the exploratoryView plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'exploratoryView'] --- import exploratoryViewObj from './exploratory_view.devdocs.json'; diff --git a/api_docs/expression_error.mdx b/api_docs/expression_error.mdx index ba925168a7013f..875a1ddc34349e 100644 --- a/api_docs/expression_error.mdx +++ b/api_docs/expression_error.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionError title: "expressionError" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionError plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionError'] --- import expressionErrorObj from './expression_error.devdocs.json'; diff --git a/api_docs/expression_gauge.mdx b/api_docs/expression_gauge.mdx index b24ad46bbc232a..5bc088e9bd8101 100644 --- a/api_docs/expression_gauge.mdx +++ b/api_docs/expression_gauge.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionGauge title: "expressionGauge" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionGauge plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionGauge'] --- import expressionGaugeObj from './expression_gauge.devdocs.json'; diff --git a/api_docs/expression_heatmap.mdx b/api_docs/expression_heatmap.mdx index 0f5ff13bae446e..54d32d9c90919e 100644 --- a/api_docs/expression_heatmap.mdx +++ b/api_docs/expression_heatmap.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionHeatmap title: "expressionHeatmap" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionHeatmap plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionHeatmap'] --- import expressionHeatmapObj from './expression_heatmap.devdocs.json'; diff --git a/api_docs/expression_image.mdx b/api_docs/expression_image.mdx index 73dcaae94ddc02..00b63f0a85d739 100644 --- a/api_docs/expression_image.mdx +++ b/api_docs/expression_image.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionImage title: "expressionImage" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionImage plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionImage'] --- import expressionImageObj from './expression_image.devdocs.json'; diff --git a/api_docs/expression_legacy_metric_vis.mdx b/api_docs/expression_legacy_metric_vis.mdx index 5aaaed7d9a97ae..f7ffe93ecd00cb 100644 --- a/api_docs/expression_legacy_metric_vis.mdx +++ b/api_docs/expression_legacy_metric_vis.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionLegacyMetricVis title: "expressionLegacyMetricVis" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionLegacyMetricVis plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionLegacyMetricVis'] --- import expressionLegacyMetricVisObj from './expression_legacy_metric_vis.devdocs.json'; diff --git a/api_docs/expression_metric.mdx b/api_docs/expression_metric.mdx index e9070cd4f82965..77e0d44399c958 100644 --- a/api_docs/expression_metric.mdx +++ b/api_docs/expression_metric.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionMetric title: "expressionMetric" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionMetric plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionMetric'] --- import expressionMetricObj from './expression_metric.devdocs.json'; diff --git a/api_docs/expression_metric_vis.mdx b/api_docs/expression_metric_vis.mdx index 512e82d8736bb6..df5075a758f479 100644 --- a/api_docs/expression_metric_vis.mdx +++ b/api_docs/expression_metric_vis.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionMetricVis title: "expressionMetricVis" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionMetricVis plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionMetricVis'] --- import expressionMetricVisObj from './expression_metric_vis.devdocs.json'; diff --git a/api_docs/expression_partition_vis.mdx b/api_docs/expression_partition_vis.mdx index 8b38be96a79153..eedf21e3d5a2c1 100644 --- a/api_docs/expression_partition_vis.mdx +++ b/api_docs/expression_partition_vis.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionPartitionVis title: "expressionPartitionVis" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionPartitionVis plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionPartitionVis'] --- import expressionPartitionVisObj from './expression_partition_vis.devdocs.json'; diff --git a/api_docs/expression_repeat_image.mdx b/api_docs/expression_repeat_image.mdx index 4ce3bbb7be629f..5a748cb636b265 100644 --- a/api_docs/expression_repeat_image.mdx +++ b/api_docs/expression_repeat_image.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionRepeatImage title: "expressionRepeatImage" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionRepeatImage plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionRepeatImage'] --- import expressionRepeatImageObj from './expression_repeat_image.devdocs.json'; diff --git a/api_docs/expression_reveal_image.mdx b/api_docs/expression_reveal_image.mdx index 4fbe2f75b37aa3..4edb5f79f1dba3 100644 --- a/api_docs/expression_reveal_image.mdx +++ b/api_docs/expression_reveal_image.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionRevealImage title: "expressionRevealImage" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionRevealImage plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionRevealImage'] --- import expressionRevealImageObj from './expression_reveal_image.devdocs.json'; diff --git a/api_docs/expression_shape.mdx b/api_docs/expression_shape.mdx index 763c056a7e1e89..969b4cf2a35299 100644 --- a/api_docs/expression_shape.mdx +++ b/api_docs/expression_shape.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionShape title: "expressionShape" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionShape plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionShape'] --- import expressionShapeObj from './expression_shape.devdocs.json'; diff --git a/api_docs/expression_tagcloud.mdx b/api_docs/expression_tagcloud.mdx index fa3a012dfa1298..2a1257749a7651 100644 --- a/api_docs/expression_tagcloud.mdx +++ b/api_docs/expression_tagcloud.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionTagcloud title: "expressionTagcloud" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionTagcloud plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionTagcloud'] --- import expressionTagcloudObj from './expression_tagcloud.devdocs.json'; diff --git a/api_docs/expression_x_y.mdx b/api_docs/expression_x_y.mdx index a3e6a871f97b95..f1ba395a431d0a 100644 --- a/api_docs/expression_x_y.mdx +++ b/api_docs/expression_x_y.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressionXY title: "expressionXY" image: https://source.unsplash.com/400x175/?github description: API docs for the expressionXY plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressionXY'] --- import expressionXYObj from './expression_x_y.devdocs.json'; diff --git a/api_docs/expressions.mdx b/api_docs/expressions.mdx index ee8466d3da9882..bdfc24d1bbe401 100644 --- a/api_docs/expressions.mdx +++ b/api_docs/expressions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/expressions title: "expressions" image: https://source.unsplash.com/400x175/?github description: API docs for the expressions plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'expressions'] --- import expressionsObj from './expressions.devdocs.json'; diff --git a/api_docs/features.mdx b/api_docs/features.mdx index 1cb8ff75ef0a98..882d8f233a8557 100644 --- a/api_docs/features.mdx +++ b/api_docs/features.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/features title: "features" image: https://source.unsplash.com/400x175/?github description: API docs for the features plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'features'] --- import featuresObj from './features.devdocs.json'; diff --git a/api_docs/field_formats.mdx b/api_docs/field_formats.mdx index 3ab2d788ee27d8..bbcdc5585132ee 100644 --- a/api_docs/field_formats.mdx +++ b/api_docs/field_formats.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/fieldFormats title: "fieldFormats" image: https://source.unsplash.com/400x175/?github description: API docs for the fieldFormats plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'fieldFormats'] --- import fieldFormatsObj from './field_formats.devdocs.json'; diff --git a/api_docs/fields_metadata.mdx b/api_docs/fields_metadata.mdx index 901b430fe1c404..51bfa557f1a062 100644 --- a/api_docs/fields_metadata.mdx +++ b/api_docs/fields_metadata.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/fieldsMetadata title: "fieldsMetadata" image: https://source.unsplash.com/400x175/?github description: API docs for the fieldsMetadata plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'fieldsMetadata'] --- import fieldsMetadataObj from './fields_metadata.devdocs.json'; diff --git a/api_docs/file_upload.mdx b/api_docs/file_upload.mdx index a55fff72efd499..c4b1e5458ccfec 100644 --- a/api_docs/file_upload.mdx +++ b/api_docs/file_upload.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/fileUpload title: "fileUpload" image: https://source.unsplash.com/400x175/?github description: API docs for the fileUpload plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'fileUpload'] --- import fileUploadObj from './file_upload.devdocs.json'; diff --git a/api_docs/files.mdx b/api_docs/files.mdx index e28f6877154205..2e12a3f0969003 100644 --- a/api_docs/files.mdx +++ b/api_docs/files.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/files title: "files" image: https://source.unsplash.com/400x175/?github description: API docs for the files plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'files'] --- import filesObj from './files.devdocs.json'; diff --git a/api_docs/files_management.mdx b/api_docs/files_management.mdx index 7dfc8dad322535..fe460af770aeb7 100644 --- a/api_docs/files_management.mdx +++ b/api_docs/files_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/filesManagement title: "filesManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the filesManagement plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'filesManagement'] --- import filesManagementObj from './files_management.devdocs.json'; diff --git a/api_docs/fleet.devdocs.json b/api_docs/fleet.devdocs.json index 277c99364ebfae..3ac36ec52b20b7 100644 --- a/api_docs/fleet.devdocs.json +++ b/api_docs/fleet.devdocs.json @@ -29286,6 +29286,28 @@ "path": "x-pack/plugins/fleet/common/constants/routes.ts", "deprecated": false, "trackAdoption": false + }, + { + "parentPluginId": "fleet", + "id": "def-common.AGENT_POLICY_API_ROUTES.LIST_OUTPUTS_PATTERN", + "type": "string", + "tags": [], + "label": "LIST_OUTPUTS_PATTERN", + "description": [], + "path": "x-pack/plugins/fleet/common/constants/routes.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "fleet", + "id": "def-common.AGENT_POLICY_API_ROUTES.INFO_OUTPUTS_PATTERN", + "type": "string", + "tags": [], + "label": "INFO_OUTPUTS_PATTERN", + "description": [], + "path": "x-pack/plugins/fleet/common/constants/routes.ts", + "deprecated": false, + "trackAdoption": false } ], "initialIsOpen": false @@ -29604,6 +29626,54 @@ "trackAdoption": false, "children": [], "returnComment": [] + }, + { + "parentPluginId": "fleet", + "id": "def-common.agentPolicyRouteService.getInfoOutputsPath", + "type": "Function", + "tags": [], + "label": "getInfoOutputsPath", + "description": [], + "signature": [ + "(agentPolicyId: string) => string" + ], + "path": "x-pack/plugins/fleet/common/services/routes.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "fleet", + "id": "def-common.agentPolicyRouteService.getInfoOutputsPath.$1", + "type": "string", + "tags": [], + "label": "agentPolicyId", + "description": [], + "signature": [ + "string" + ], + "path": "x-pack/plugins/fleet/common/services/routes.ts", + "deprecated": false, + "trackAdoption": false, + "isRequired": true + } + ], + "returnComment": [] + }, + { + "parentPluginId": "fleet", + "id": "def-common.agentPolicyRouteService.getListOutputsPath", + "type": "Function", + "tags": [], + "label": "getListOutputsPath", + "description": [], + "signature": [ + "() => string" + ], + "path": "x-pack/plugins/fleet/common/services/routes.ts", + "deprecated": false, + "trackAdoption": false, + "children": [], + "returnComment": [] } ], "initialIsOpen": false diff --git a/api_docs/fleet.mdx b/api_docs/fleet.mdx index 60381debad871d..5b4fbf3f6469c6 100644 --- a/api_docs/fleet.mdx +++ b/api_docs/fleet.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/fleet title: "fleet" image: https://source.unsplash.com/400x175/?github description: API docs for the fleet plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'fleet'] --- import fleetObj from './fleet.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/fleet](https://github.com/orgs/elastic/teams/fleet) for questi | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 1421 | 5 | 1296 | 76 | +| 1426 | 5 | 1301 | 76 | ## Client diff --git a/api_docs/global_search.mdx b/api_docs/global_search.mdx index a8f60431cb67e1..ecad7e72cd6deb 100644 --- a/api_docs/global_search.mdx +++ b/api_docs/global_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/globalSearch title: "globalSearch" image: https://source.unsplash.com/400x175/?github description: API docs for the globalSearch plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'globalSearch'] --- import globalSearchObj from './global_search.devdocs.json'; diff --git a/api_docs/guided_onboarding.mdx b/api_docs/guided_onboarding.mdx index 0ecca0763234a4..7981a41fc3b096 100644 --- a/api_docs/guided_onboarding.mdx +++ b/api_docs/guided_onboarding.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/guidedOnboarding title: "guidedOnboarding" image: https://source.unsplash.com/400x175/?github description: API docs for the guidedOnboarding plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'guidedOnboarding'] --- import guidedOnboardingObj from './guided_onboarding.devdocs.json'; diff --git a/api_docs/home.mdx b/api_docs/home.mdx index 607a4958ace2d9..f482fd5259c78e 100644 --- a/api_docs/home.mdx +++ b/api_docs/home.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/home title: "home" image: https://source.unsplash.com/400x175/?github description: API docs for the home plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'home'] --- import homeObj from './home.devdocs.json'; diff --git a/api_docs/image_embeddable.mdx b/api_docs/image_embeddable.mdx index 432512e2979e45..d29d42d8058543 100644 --- a/api_docs/image_embeddable.mdx +++ b/api_docs/image_embeddable.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/imageEmbeddable title: "imageEmbeddable" image: https://source.unsplash.com/400x175/?github description: API docs for the imageEmbeddable plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'imageEmbeddable'] --- import imageEmbeddableObj from './image_embeddable.devdocs.json'; diff --git a/api_docs/index_lifecycle_management.mdx b/api_docs/index_lifecycle_management.mdx index 125dfbb2cae10e..30d83edddc0563 100644 --- a/api_docs/index_lifecycle_management.mdx +++ b/api_docs/index_lifecycle_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/indexLifecycleManagement title: "indexLifecycleManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the indexLifecycleManagement plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'indexLifecycleManagement'] --- import indexLifecycleManagementObj from './index_lifecycle_management.devdocs.json'; diff --git a/api_docs/index_management.mdx b/api_docs/index_management.mdx index 9e7f3e917bc3f3..63f6b10770795d 100644 --- a/api_docs/index_management.mdx +++ b/api_docs/index_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/indexManagement title: "indexManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the indexManagement plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'indexManagement'] --- import indexManagementObj from './index_management.devdocs.json'; diff --git a/api_docs/inference.mdx b/api_docs/inference.mdx index 97527d3567dc99..754a3215722105 100644 --- a/api_docs/inference.mdx +++ b/api_docs/inference.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/inference title: "inference" image: https://source.unsplash.com/400x175/?github description: API docs for the inference plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'inference'] --- import inferenceObj from './inference.devdocs.json'; diff --git a/api_docs/infra.mdx b/api_docs/infra.mdx index 72ef37f7f3f9ff..9e24a7145e853e 100644 --- a/api_docs/infra.mdx +++ b/api_docs/infra.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/infra title: "infra" image: https://source.unsplash.com/400x175/?github description: API docs for the infra plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'infra'] --- import infraObj from './infra.devdocs.json'; diff --git a/api_docs/ingest_pipelines.mdx b/api_docs/ingest_pipelines.mdx index 15926a846873ba..699585411c1d8b 100644 --- a/api_docs/ingest_pipelines.mdx +++ b/api_docs/ingest_pipelines.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/ingestPipelines title: "ingestPipelines" image: https://source.unsplash.com/400x175/?github description: API docs for the ingestPipelines plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'ingestPipelines'] --- import ingestPipelinesObj from './ingest_pipelines.devdocs.json'; diff --git a/api_docs/inspector.mdx b/api_docs/inspector.mdx index 6d40b8861ec3be..8befe46833068b 100644 --- a/api_docs/inspector.mdx +++ b/api_docs/inspector.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/inspector title: "inspector" image: https://source.unsplash.com/400x175/?github description: API docs for the inspector plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'inspector'] --- import inspectorObj from './inspector.devdocs.json'; diff --git a/api_docs/integration_assistant.mdx b/api_docs/integration_assistant.mdx index f1a323e938f276..9109da444cff36 100644 --- a/api_docs/integration_assistant.mdx +++ b/api_docs/integration_assistant.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/integrationAssistant title: "integrationAssistant" image: https://source.unsplash.com/400x175/?github description: API docs for the integrationAssistant plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'integrationAssistant'] --- import integrationAssistantObj from './integration_assistant.devdocs.json'; diff --git a/api_docs/interactive_setup.mdx b/api_docs/interactive_setup.mdx index 4148a37c808178..a31939d7a88b08 100644 --- a/api_docs/interactive_setup.mdx +++ b/api_docs/interactive_setup.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/interactiveSetup title: "interactiveSetup" image: https://source.unsplash.com/400x175/?github description: API docs for the interactiveSetup plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'interactiveSetup'] --- import interactiveSetupObj from './interactive_setup.devdocs.json'; diff --git a/api_docs/inventory.devdocs.json b/api_docs/inventory.devdocs.json index 37bd2bb93e2133..8d08d920f33d4b 100644 --- a/api_docs/inventory.devdocs.json +++ b/api_docs/inventory.devdocs.json @@ -92,9 +92,9 @@ "UnionC", "<[", "LiteralC", - "<\"entity.displayName\">, ", + "<\"entity.display_name\">, ", "LiteralC", - "<\"entity.lastSeenTimestamp\">, ", + "<\"entity.last_seen_timestamp\">, ", "LiteralC", "<\"entity.type\">, ", "LiteralC", diff --git a/api_docs/inventory.mdx b/api_docs/inventory.mdx index 539128311167f5..fd9dbc55ad5496 100644 --- a/api_docs/inventory.mdx +++ b/api_docs/inventory.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/inventory title: "inventory" image: https://source.unsplash.com/400x175/?github description: API docs for the inventory plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'inventory'] --- import inventoryObj from './inventory.devdocs.json'; diff --git a/api_docs/investigate.mdx b/api_docs/investigate.mdx index eea11d331cd4cf..013401f0b4763b 100644 --- a/api_docs/investigate.mdx +++ b/api_docs/investigate.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/investigate title: "investigate" image: https://source.unsplash.com/400x175/?github description: API docs for the investigate plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'investigate'] --- import investigateObj from './investigate.devdocs.json'; diff --git a/api_docs/investigate_app.devdocs.json b/api_docs/investigate_app.devdocs.json index ae63e31ddaca76..017a1cf94181c3 100644 --- a/api_docs/investigate_app.devdocs.json +++ b/api_docs/investigate_app.devdocs.json @@ -84,7 +84,7 @@ }, "<\"GET /api/observability/investigation/entities 2023-10-31\", Zod.ZodObject<{ query: Zod.ZodOptional; 'service.environment': Zod.ZodOptional; 'host.name': Zod.ZodOptional; 'container.id': Zod.ZodOptional; }, \"strip\", Zod.ZodTypeAny, { 'container.id'?: string | undefined; 'host.name'?: string | undefined; 'service.environment'?: string | undefined; 'service.name'?: string | undefined; }, { 'container.id'?: string | undefined; 'host.name'?: string | undefined; 'service.environment'?: string | undefined; 'service.name'?: string | undefined; }>>; }, \"strip\", Zod.ZodTypeAny, { query?: { 'container.id'?: string | undefined; 'host.name'?: string | undefined; 'service.environment'?: string | undefined; 'service.name'?: string | undefined; } | undefined; }, { query?: { 'container.id'?: string | undefined; 'host.name'?: string | undefined; 'service.environment'?: string | undefined; 'service.name'?: string | undefined; } | undefined; }>, ", "InvestigateAppRouteHandlerResources", - ", { entities: ({ id: string; type: string; metrics: { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logErrorRate?: number | undefined; logRate?: number | undefined; }; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; firstSeenTimestamp: string; lastSeenTimestamp: string; schemaVersion: string; } & { sources: { dataStream?: string | undefined; }[]; })[]; }, ", + ", { entities: ({ id: string; type: string; metrics: { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logErrorRate?: number | undefined; logRate?: number | undefined; }; schema_version: string; definition_id: string; definition_version: string; display_name: string; last_seen_timestamp: string; identity_fields: string[]; } & { sources: { dataStream?: string | undefined; }[]; })[]; }, ", "InvestigateAppRouteCreateOptions", ">; \"GET /api/observability/events 2023-10-31\": ", { diff --git a/api_docs/investigate_app.mdx b/api_docs/investigate_app.mdx index 13a3541529b678..b5b76b18211f1c 100644 --- a/api_docs/investigate_app.mdx +++ b/api_docs/investigate_app.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/investigateApp title: "investigateApp" image: https://source.unsplash.com/400x175/?github description: API docs for the investigateApp plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'investigateApp'] --- import investigateAppObj from './investigate_app.devdocs.json'; diff --git a/api_docs/kbn_actions_types.mdx b/api_docs/kbn_actions_types.mdx index 6802a46bef8f3d..3d2bcc39c84a36 100644 --- a/api_docs/kbn_actions_types.mdx +++ b/api_docs/kbn_actions_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-actions-types title: "@kbn/actions-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/actions-types plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/actions-types'] --- import kbnActionsTypesObj from './kbn_actions_types.devdocs.json'; diff --git a/api_docs/kbn_ai_assistant.mdx b/api_docs/kbn_ai_assistant.mdx index d8e894109e1192..a450e39335fb9e 100644 --- a/api_docs/kbn_ai_assistant.mdx +++ b/api_docs/kbn_ai_assistant.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ai-assistant title: "@kbn/ai-assistant" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ai-assistant plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ai-assistant'] --- import kbnAiAssistantObj from './kbn_ai_assistant.devdocs.json'; diff --git a/api_docs/kbn_ai_assistant_common.mdx b/api_docs/kbn_ai_assistant_common.mdx index cb85a8ecf83b6f..673b83d0a67ffa 100644 --- a/api_docs/kbn_ai_assistant_common.mdx +++ b/api_docs/kbn_ai_assistant_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ai-assistant-common title: "@kbn/ai-assistant-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ai-assistant-common plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ai-assistant-common'] --- import kbnAiAssistantCommonObj from './kbn_ai_assistant_common.devdocs.json'; diff --git a/api_docs/kbn_aiops_components.mdx b/api_docs/kbn_aiops_components.mdx index 1f1df44ae9e10f..cec917cab02b69 100644 --- a/api_docs/kbn_aiops_components.mdx +++ b/api_docs/kbn_aiops_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-aiops-components title: "@kbn/aiops-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/aiops-components plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/aiops-components'] --- import kbnAiopsComponentsObj from './kbn_aiops_components.devdocs.json'; diff --git a/api_docs/kbn_aiops_log_pattern_analysis.mdx b/api_docs/kbn_aiops_log_pattern_analysis.mdx index 74e7e66075aa5b..3743b44cf71480 100644 --- a/api_docs/kbn_aiops_log_pattern_analysis.mdx +++ b/api_docs/kbn_aiops_log_pattern_analysis.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-aiops-log-pattern-analysis title: "@kbn/aiops-log-pattern-analysis" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/aiops-log-pattern-analysis plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/aiops-log-pattern-analysis'] --- import kbnAiopsLogPatternAnalysisObj from './kbn_aiops_log_pattern_analysis.devdocs.json'; diff --git a/api_docs/kbn_aiops_log_rate_analysis.mdx b/api_docs/kbn_aiops_log_rate_analysis.mdx index 1742608f46478d..63649411a0bad2 100644 --- a/api_docs/kbn_aiops_log_rate_analysis.mdx +++ b/api_docs/kbn_aiops_log_rate_analysis.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-aiops-log-rate-analysis title: "@kbn/aiops-log-rate-analysis" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/aiops-log-rate-analysis plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/aiops-log-rate-analysis'] --- import kbnAiopsLogRateAnalysisObj from './kbn_aiops_log_rate_analysis.devdocs.json'; diff --git a/api_docs/kbn_alerting_api_integration_helpers.mdx b/api_docs/kbn_alerting_api_integration_helpers.mdx index 1022ceb8bbfac6..5c97c0c607621c 100644 --- a/api_docs/kbn_alerting_api_integration_helpers.mdx +++ b/api_docs/kbn_alerting_api_integration_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerting-api-integration-helpers title: "@kbn/alerting-api-integration-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerting-api-integration-helpers plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerting-api-integration-helpers'] --- import kbnAlertingApiIntegrationHelpersObj from './kbn_alerting_api_integration_helpers.devdocs.json'; diff --git a/api_docs/kbn_alerting_comparators.mdx b/api_docs/kbn_alerting_comparators.mdx index 731c90e9d459a3..ff8a51d5c41e5e 100644 --- a/api_docs/kbn_alerting_comparators.mdx +++ b/api_docs/kbn_alerting_comparators.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerting-comparators title: "@kbn/alerting-comparators" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerting-comparators plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerting-comparators'] --- import kbnAlertingComparatorsObj from './kbn_alerting_comparators.devdocs.json'; diff --git a/api_docs/kbn_alerting_state_types.mdx b/api_docs/kbn_alerting_state_types.mdx index 0da0fd93458e7e..68b9f3041a68b3 100644 --- a/api_docs/kbn_alerting_state_types.mdx +++ b/api_docs/kbn_alerting_state_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerting-state-types title: "@kbn/alerting-state-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerting-state-types plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerting-state-types'] --- import kbnAlertingStateTypesObj from './kbn_alerting_state_types.devdocs.json'; diff --git a/api_docs/kbn_alerting_types.mdx b/api_docs/kbn_alerting_types.mdx index a59fbf87b7e21f..d632d8a2d663f7 100644 --- a/api_docs/kbn_alerting_types.mdx +++ b/api_docs/kbn_alerting_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerting-types title: "@kbn/alerting-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerting-types plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerting-types'] --- import kbnAlertingTypesObj from './kbn_alerting_types.devdocs.json'; diff --git a/api_docs/kbn_alerts_as_data_utils.mdx b/api_docs/kbn_alerts_as_data_utils.mdx index 575bc13aaeaf77..a0dee4e6be7942 100644 --- a/api_docs/kbn_alerts_as_data_utils.mdx +++ b/api_docs/kbn_alerts_as_data_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerts-as-data-utils title: "@kbn/alerts-as-data-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerts-as-data-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerts-as-data-utils'] --- import kbnAlertsAsDataUtilsObj from './kbn_alerts_as_data_utils.devdocs.json'; diff --git a/api_docs/kbn_alerts_grouping.mdx b/api_docs/kbn_alerts_grouping.mdx index ab9b48818aa541..3c88b31d6a85ca 100644 --- a/api_docs/kbn_alerts_grouping.mdx +++ b/api_docs/kbn_alerts_grouping.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerts-grouping title: "@kbn/alerts-grouping" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerts-grouping plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerts-grouping'] --- import kbnAlertsGroupingObj from './kbn_alerts_grouping.devdocs.json'; diff --git a/api_docs/kbn_alerts_ui_shared.mdx b/api_docs/kbn_alerts_ui_shared.mdx index 57f8a06c4d4c8e..2775cc02a50be1 100644 --- a/api_docs/kbn_alerts_ui_shared.mdx +++ b/api_docs/kbn_alerts_ui_shared.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-alerts-ui-shared title: "@kbn/alerts-ui-shared" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/alerts-ui-shared plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/alerts-ui-shared'] --- import kbnAlertsUiSharedObj from './kbn_alerts_ui_shared.devdocs.json'; diff --git a/api_docs/kbn_analytics.mdx b/api_docs/kbn_analytics.mdx index cbfe9721dc84ba..9316ef73f91258 100644 --- a/api_docs/kbn_analytics.mdx +++ b/api_docs/kbn_analytics.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-analytics title: "@kbn/analytics" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/analytics plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/analytics'] --- import kbnAnalyticsObj from './kbn_analytics.devdocs.json'; diff --git a/api_docs/kbn_analytics_collection_utils.mdx b/api_docs/kbn_analytics_collection_utils.mdx index 1ef361c1b4ed66..9aaee7c0402b06 100644 --- a/api_docs/kbn_analytics_collection_utils.mdx +++ b/api_docs/kbn_analytics_collection_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-analytics-collection-utils title: "@kbn/analytics-collection-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/analytics-collection-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/analytics-collection-utils'] --- import kbnAnalyticsCollectionUtilsObj from './kbn_analytics_collection_utils.devdocs.json'; diff --git a/api_docs/kbn_apm_config_loader.mdx b/api_docs/kbn_apm_config_loader.mdx index 3b545fcf901109..2545e50638c119 100644 --- a/api_docs/kbn_apm_config_loader.mdx +++ b/api_docs/kbn_apm_config_loader.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-apm-config-loader title: "@kbn/apm-config-loader" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/apm-config-loader plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/apm-config-loader'] --- import kbnApmConfigLoaderObj from './kbn_apm_config_loader.devdocs.json'; diff --git a/api_docs/kbn_apm_data_view.mdx b/api_docs/kbn_apm_data_view.mdx index ba4b79b896dc40..723fa74f6b80ac 100644 --- a/api_docs/kbn_apm_data_view.mdx +++ b/api_docs/kbn_apm_data_view.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-apm-data-view title: "@kbn/apm-data-view" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/apm-data-view plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/apm-data-view'] --- import kbnApmDataViewObj from './kbn_apm_data_view.devdocs.json'; diff --git a/api_docs/kbn_apm_synthtrace.mdx b/api_docs/kbn_apm_synthtrace.mdx index 5e7ff3a3a3727a..bbedf41a7a26bf 100644 --- a/api_docs/kbn_apm_synthtrace.mdx +++ b/api_docs/kbn_apm_synthtrace.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-apm-synthtrace title: "@kbn/apm-synthtrace" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/apm-synthtrace plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/apm-synthtrace'] --- import kbnApmSynthtraceObj from './kbn_apm_synthtrace.devdocs.json'; diff --git a/api_docs/kbn_apm_synthtrace_client.devdocs.json b/api_docs/kbn_apm_synthtrace_client.devdocs.json index 31e48f7188cfe7..4f458c6eb82a9c 100644 --- a/api_docs/kbn_apm_synthtrace_client.devdocs.json +++ b/api_docs/kbn_apm_synthtrace_client.devdocs.json @@ -3055,7 +3055,7 @@ "label": "EntityFields", "description": [], "signature": [ - "{ '@timestamp'?: number | undefined; } & Partial<{ [key: string]: any; 'agent.name': string[]; 'source_data_stream.type': string | string[]; 'source_data_stream.dataset': string | string[]; 'event.ingested': string; sourceIndex: string; 'entity.lastSeenTimestamp': string; 'entity.schemaVersion': string; 'entity.definitionVersion': string; 'entity.displayName': string; 'entity.identityFields': string | string[]; 'entity.id': string; 'entity.type': string; 'entity.definitionId': string; }>" + "{ '@timestamp'?: number | undefined; } & Partial<{ [key: string]: any; 'agent.name': string[]; 'source_data_stream.type': string | string[]; 'source_data_stream.dataset': string | string[]; 'event.ingested': string; source_index: string; 'entity.last_seen_timestamp': string; 'entity.schema_version': string; 'entity.definition_version': string; 'entity.display_name': string; 'entity.identity_fields': string | string[]; 'entity.id': string; 'entity.type': string; 'entity.definition_id': string; }>" ], "path": "packages/kbn-apm-synthtrace-client/src/lib/entities/index.ts", "deprecated": false, @@ -3476,6 +3476,379 @@ "trackAdoption": false } ] + }, + { + "parentPluginId": "@kbn/apm-synthtrace-client", + "id": "def-common.entities.k8s", + "type": "Object", + "tags": [], + "label": "k8s", + "description": [], + "path": "packages/kbn-apm-synthtrace-client/src/lib/entities/index.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/apm-synthtrace-client", + "id": "def-common.entities.k8s.k8sClusterJobEntity", + "type": "Function", + "tags": [], + "label": "k8sClusterJobEntity", + "description": [], + "signature": [ + "({ schema, name, entityId, ...others }: { [key: string]: any; schema: ", + "Schema", + "; name: string; entityId: string; }) => ", + "K8sEntity" + ], + "path": "packages/kbn-apm-synthtrace-client/src/lib/entities/index.ts", + "deprecated": false, + "trackAdoption": false, + "returnComment": [], + "children": [ + { + "parentPluginId": "@kbn/apm-synthtrace-client", + "id": "def-common.entities.k8s.k8sClusterJobEntity.$1", + "type": "Object", + "tags": [], + "label": "__0", + "description": [], + "signature": [ + "{ [key: string]: any; schema: ", + "Schema", + "; name: string; entityId: string; }" + ], + "path": "packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/cluster_entity.ts", + "deprecated": false, + "trackAdoption": false + } + ] + }, + { + "parentPluginId": "@kbn/apm-synthtrace-client", + "id": "def-common.entities.k8s.k8sCronJobEntity", + "type": "Function", + "tags": [], + "label": "k8sCronJobEntity", + "description": [], + "signature": [ + "({ schema, name, uid, clusterName, entityId, ...others }: { [key: string]: any; schema: ", + "Schema", + "; name: string; uid?: string | undefined; clusterName?: string | undefined; entityId: string; }) => ", + "K8sEntity" + ], + "path": "packages/kbn-apm-synthtrace-client/src/lib/entities/index.ts", + "deprecated": false, + "trackAdoption": false, + "returnComment": [], + "children": [ + { + "parentPluginId": "@kbn/apm-synthtrace-client", + "id": "def-common.entities.k8s.k8sCronJobEntity.$1", + "type": "Object", + "tags": [], + "label": "__0", + "description": [], + "signature": [ + "{ [key: string]: any; schema: ", + "Schema", + "; name: string; uid?: string | undefined; clusterName?: string | undefined; entityId: string; }" + ], + "path": "packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/cron_job_entity.ts", + "deprecated": false, + "trackAdoption": false + } + ] + }, + { + "parentPluginId": "@kbn/apm-synthtrace-client", + "id": "def-common.entities.k8s.k8sDaemonSetEntity", + "type": "Function", + "tags": [], + "label": "k8sDaemonSetEntity", + "description": [], + "signature": [ + "({ schema, name, uid, clusterName, entityId, ...others }: { [key: string]: any; schema: ", + "Schema", + "; name: string; uid?: string | undefined; clusterName?: string | undefined; entityId: string; }) => ", + "K8sEntity" + ], + "path": "packages/kbn-apm-synthtrace-client/src/lib/entities/index.ts", + "deprecated": false, + "trackAdoption": false, + "returnComment": [], + "children": [ + { + "parentPluginId": "@kbn/apm-synthtrace-client", + "id": "def-common.entities.k8s.k8sDaemonSetEntity.$1", + "type": "Object", + "tags": [], + "label": "__0", + "description": [], + "signature": [ + "{ [key: string]: any; schema: ", + "Schema", + "; name: string; uid?: string | undefined; clusterName?: string | undefined; entityId: string; }" + ], + "path": "packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/daemon_set_entity.ts", + "deprecated": false, + "trackAdoption": false + } + ] + }, + { + "parentPluginId": "@kbn/apm-synthtrace-client", + "id": "def-common.entities.k8s.k8sDeploymentEntity", + "type": "Function", + "tags": [], + "label": "k8sDeploymentEntity", + "description": [], + "signature": [ + "({ schema, name, uid, clusterName, entityId, ...others }: { [key: string]: any; schema: ", + "Schema", + "; name: string; uid?: string | undefined; clusterName?: string | undefined; entityId: string; }) => ", + "K8sEntity" + ], + "path": "packages/kbn-apm-synthtrace-client/src/lib/entities/index.ts", + "deprecated": false, + "trackAdoption": false, + "returnComment": [], + "children": [ + { + "parentPluginId": "@kbn/apm-synthtrace-client", + "id": "def-common.entities.k8s.k8sDeploymentEntity.$1", + "type": "Object", + "tags": [], + "label": "__0", + "description": [], + "signature": [ + "{ [key: string]: any; schema: ", + "Schema", + "; name: string; uid?: string | undefined; clusterName?: string | undefined; entityId: string; }" + ], + "path": "packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/deployment_entity.ts", + "deprecated": false, + "trackAdoption": false + } + ] + }, + { + "parentPluginId": "@kbn/apm-synthtrace-client", + "id": "def-common.entities.k8s.k8sJobSetEntity", + "type": "Function", + "tags": [], + "label": "k8sJobSetEntity", + "description": [], + "signature": [ + "({ schema, name, uid, clusterName, entityId, ...others }: { [key: string]: any; schema: ", + "Schema", + "; name: string; uid?: string | undefined; clusterName?: string | undefined; entityId: string; }) => ", + "K8sEntity" + ], + "path": "packages/kbn-apm-synthtrace-client/src/lib/entities/index.ts", + "deprecated": false, + "trackAdoption": false, + "returnComment": [], + "children": [ + { + "parentPluginId": "@kbn/apm-synthtrace-client", + "id": "def-common.entities.k8s.k8sJobSetEntity.$1", + "type": "Object", + "tags": [], + "label": "__0", + "description": [], + "signature": [ + "{ [key: string]: any; schema: ", + "Schema", + "; name: string; uid?: string | undefined; clusterName?: string | undefined; entityId: string; }" + ], + "path": "packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/job_set_entity.ts", + "deprecated": false, + "trackAdoption": false + } + ] + }, + { + "parentPluginId": "@kbn/apm-synthtrace-client", + "id": "def-common.entities.k8s.k8sNodeEntity", + "type": "Function", + "tags": [], + "label": "k8sNodeEntity", + "description": [], + "signature": [ + "({ schema, name, uid, clusterName, entityId, ...others }: { [key: string]: any; schema: ", + "Schema", + "; name: string; uid?: string | undefined; clusterName?: string | undefined; entityId: string; }) => ", + "K8sEntity" + ], + "path": "packages/kbn-apm-synthtrace-client/src/lib/entities/index.ts", + "deprecated": false, + "trackAdoption": false, + "returnComment": [], + "children": [ + { + "parentPluginId": "@kbn/apm-synthtrace-client", + "id": "def-common.entities.k8s.k8sNodeEntity.$1", + "type": "Object", + "tags": [], + "label": "__0", + "description": [], + "signature": [ + "{ [key: string]: any; schema: ", + "Schema", + "; name: string; uid?: string | undefined; clusterName?: string | undefined; entityId: string; }" + ], + "path": "packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/node_entity.ts", + "deprecated": false, + "trackAdoption": false + } + ] + }, + { + "parentPluginId": "@kbn/apm-synthtrace-client", + "id": "def-common.entities.k8s.k8sPodEntity", + "type": "Function", + "tags": [], + "label": "k8sPodEntity", + "description": [], + "signature": [ + "({ schema, name, uid, clusterName, entityId, ...others }: { [key: string]: any; schema: ", + "Schema", + "; name: string; uid?: string | undefined; clusterName?: string | undefined; entityId: string; }) => ", + "K8sEntity" + ], + "path": "packages/kbn-apm-synthtrace-client/src/lib/entities/index.ts", + "deprecated": false, + "trackAdoption": false, + "returnComment": [], + "children": [ + { + "parentPluginId": "@kbn/apm-synthtrace-client", + "id": "def-common.entities.k8s.k8sPodEntity.$1", + "type": "Object", + "tags": [], + "label": "__0", + "description": [], + "signature": [ + "{ [key: string]: any; schema: ", + "Schema", + "; name: string; uid?: string | undefined; clusterName?: string | undefined; entityId: string; }" + ], + "path": "packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/pod_entity.ts", + "deprecated": false, + "trackAdoption": false + } + ] + }, + { + "parentPluginId": "@kbn/apm-synthtrace-client", + "id": "def-common.entities.k8s.k8sReplicaSetEntity", + "type": "Function", + "tags": [], + "label": "k8sReplicaSetEntity", + "description": [], + "signature": [ + "({ schema, name, uid, clusterName, entityId, ...others }: { [key: string]: any; schema: ", + "Schema", + "; name: string; uid?: string | undefined; clusterName?: string | undefined; entityId: string; }) => ", + "K8sEntity" + ], + "path": "packages/kbn-apm-synthtrace-client/src/lib/entities/index.ts", + "deprecated": false, + "trackAdoption": false, + "returnComment": [], + "children": [ + { + "parentPluginId": "@kbn/apm-synthtrace-client", + "id": "def-common.entities.k8s.k8sReplicaSetEntity.$1", + "type": "Object", + "tags": [], + "label": "__0", + "description": [], + "signature": [ + "{ [key: string]: any; schema: ", + "Schema", + "; name: string; uid?: string | undefined; clusterName?: string | undefined; entityId: string; }" + ], + "path": "packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/replica_set.ts", + "deprecated": false, + "trackAdoption": false + } + ] + }, + { + "parentPluginId": "@kbn/apm-synthtrace-client", + "id": "def-common.entities.k8s.k8sStatefulSetEntity", + "type": "Function", + "tags": [], + "label": "k8sStatefulSetEntity", + "description": [], + "signature": [ + "({ schema, name, uid, clusterName, entityId, ...others }: { [key: string]: any; schema: ", + "Schema", + "; name: string; uid?: string | undefined; clusterName?: string | undefined; entityId: string; }) => ", + "K8sEntity" + ], + "path": "packages/kbn-apm-synthtrace-client/src/lib/entities/index.ts", + "deprecated": false, + "trackAdoption": false, + "returnComment": [], + "children": [ + { + "parentPluginId": "@kbn/apm-synthtrace-client", + "id": "def-common.entities.k8s.k8sStatefulSetEntity.$1", + "type": "Object", + "tags": [], + "label": "__0", + "description": [], + "signature": [ + "{ [key: string]: any; schema: ", + "Schema", + "; name: string; uid?: string | undefined; clusterName?: string | undefined; entityId: string; }" + ], + "path": "packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/stateful_set.ts", + "deprecated": false, + "trackAdoption": false + } + ] + }, + { + "parentPluginId": "@kbn/apm-synthtrace-client", + "id": "def-common.entities.k8s.k8sContainerEntity", + "type": "Function", + "tags": [], + "label": "k8sContainerEntity", + "description": [], + "signature": [ + "({ schema, id, entityId, ...others }: { [key: string]: any; schema: ", + "Schema", + "; id: string; entityId: string; }) => ", + "K8sEntity" + ], + "path": "packages/kbn-apm-synthtrace-client/src/lib/entities/index.ts", + "deprecated": false, + "trackAdoption": false, + "returnComment": [], + "children": [ + { + "parentPluginId": "@kbn/apm-synthtrace-client", + "id": "def-common.entities.k8s.k8sContainerEntity.$1", + "type": "Object", + "tags": [], + "label": "__0", + "description": [], + "signature": [ + "{ [key: string]: any; schema: ", + "Schema", + "; id: string; entityId: string; }" + ], + "path": "packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/container_entity.ts", + "deprecated": false, + "trackAdoption": false + } + ] + } + ] } ], "initialIsOpen": false diff --git a/api_docs/kbn_apm_synthtrace_client.mdx b/api_docs/kbn_apm_synthtrace_client.mdx index 3768637aa253b9..d4fce62a15c9a1 100644 --- a/api_docs/kbn_apm_synthtrace_client.mdx +++ b/api_docs/kbn_apm_synthtrace_client.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-apm-synthtrace-client title: "@kbn/apm-synthtrace-client" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/apm-synthtrace-client plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/apm-synthtrace-client'] --- import kbnApmSynthtraceClientObj from './kbn_apm_synthtrace_client.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/obs-ux-infra_services-team](https://github.com/orgs/elastic/te | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 247 | 0 | 247 | 36 | +| 268 | 0 | 268 | 38 | ## Common diff --git a/api_docs/kbn_apm_types.mdx b/api_docs/kbn_apm_types.mdx index eeefb6faa47e92..3c511e689436cb 100644 --- a/api_docs/kbn_apm_types.mdx +++ b/api_docs/kbn_apm_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-apm-types title: "@kbn/apm-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/apm-types plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/apm-types'] --- import kbnApmTypesObj from './kbn_apm_types.devdocs.json'; diff --git a/api_docs/kbn_apm_utils.mdx b/api_docs/kbn_apm_utils.mdx index 0f6d0fe1c4256d..f1aacb031552c6 100644 --- a/api_docs/kbn_apm_utils.mdx +++ b/api_docs/kbn_apm_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-apm-utils title: "@kbn/apm-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/apm-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/apm-utils'] --- import kbnApmUtilsObj from './kbn_apm_utils.devdocs.json'; diff --git a/api_docs/kbn_avc_banner.mdx b/api_docs/kbn_avc_banner.mdx index 7e55f69fb9362e..7ee64e3c9e5902 100644 --- a/api_docs/kbn_avc_banner.mdx +++ b/api_docs/kbn_avc_banner.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-avc-banner title: "@kbn/avc-banner" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/avc-banner plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/avc-banner'] --- import kbnAvcBannerObj from './kbn_avc_banner.devdocs.json'; diff --git a/api_docs/kbn_axe_config.mdx b/api_docs/kbn_axe_config.mdx index 184ce5588d8b7b..41a64101e52554 100644 --- a/api_docs/kbn_axe_config.mdx +++ b/api_docs/kbn_axe_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-axe-config title: "@kbn/axe-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/axe-config plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/axe-config'] --- import kbnAxeConfigObj from './kbn_axe_config.devdocs.json'; diff --git a/api_docs/kbn_bfetch_error.mdx b/api_docs/kbn_bfetch_error.mdx index e4d6358678c5f3..1fa1373a2b52f4 100644 --- a/api_docs/kbn_bfetch_error.mdx +++ b/api_docs/kbn_bfetch_error.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-bfetch-error title: "@kbn/bfetch-error" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/bfetch-error plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/bfetch-error'] --- import kbnBfetchErrorObj from './kbn_bfetch_error.devdocs.json'; diff --git a/api_docs/kbn_calculate_auto.mdx b/api_docs/kbn_calculate_auto.mdx index 61b42e2652eb0f..ff1a537302c52b 100644 --- a/api_docs/kbn_calculate_auto.mdx +++ b/api_docs/kbn_calculate_auto.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-calculate-auto title: "@kbn/calculate-auto" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/calculate-auto plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/calculate-auto'] --- import kbnCalculateAutoObj from './kbn_calculate_auto.devdocs.json'; diff --git a/api_docs/kbn_calculate_width_from_char_count.mdx b/api_docs/kbn_calculate_width_from_char_count.mdx index 016286299a20d9..1ace0498107633 100644 --- a/api_docs/kbn_calculate_width_from_char_count.mdx +++ b/api_docs/kbn_calculate_width_from_char_count.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-calculate-width-from-char-count title: "@kbn/calculate-width-from-char-count" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/calculate-width-from-char-count plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/calculate-width-from-char-count'] --- import kbnCalculateWidthFromCharCountObj from './kbn_calculate_width_from_char_count.devdocs.json'; diff --git a/api_docs/kbn_cases_components.mdx b/api_docs/kbn_cases_components.mdx index 66e07a17505646..3c387f7f521776 100644 --- a/api_docs/kbn_cases_components.mdx +++ b/api_docs/kbn_cases_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-cases-components title: "@kbn/cases-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/cases-components plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/cases-components'] --- import kbnCasesComponentsObj from './kbn_cases_components.devdocs.json'; diff --git a/api_docs/kbn_cbor.mdx b/api_docs/kbn_cbor.mdx index f95013ef9b1f54..2bc6de833621d7 100644 --- a/api_docs/kbn_cbor.mdx +++ b/api_docs/kbn_cbor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-cbor title: "@kbn/cbor" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/cbor plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/cbor'] --- import kbnCborObj from './kbn_cbor.devdocs.json'; diff --git a/api_docs/kbn_cell_actions.mdx b/api_docs/kbn_cell_actions.mdx index c71328613270a8..3dcd48bf18d22e 100644 --- a/api_docs/kbn_cell_actions.mdx +++ b/api_docs/kbn_cell_actions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-cell-actions title: "@kbn/cell-actions" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/cell-actions plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/cell-actions'] --- import kbnCellActionsObj from './kbn_cell_actions.devdocs.json'; diff --git a/api_docs/kbn_chart_expressions_common.mdx b/api_docs/kbn_chart_expressions_common.mdx index b5be35e170ce40..845d0ececb4e30 100644 --- a/api_docs/kbn_chart_expressions_common.mdx +++ b/api_docs/kbn_chart_expressions_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-chart-expressions-common title: "@kbn/chart-expressions-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/chart-expressions-common plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/chart-expressions-common'] --- import kbnChartExpressionsCommonObj from './kbn_chart_expressions_common.devdocs.json'; diff --git a/api_docs/kbn_chart_icons.mdx b/api_docs/kbn_chart_icons.mdx index a8f658ecc05429..25408fc82999fe 100644 --- a/api_docs/kbn_chart_icons.mdx +++ b/api_docs/kbn_chart_icons.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-chart-icons title: "@kbn/chart-icons" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/chart-icons plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/chart-icons'] --- import kbnChartIconsObj from './kbn_chart_icons.devdocs.json'; diff --git a/api_docs/kbn_ci_stats_core.mdx b/api_docs/kbn_ci_stats_core.mdx index aa9820ee7afad6..d547adb69416cb 100644 --- a/api_docs/kbn_ci_stats_core.mdx +++ b/api_docs/kbn_ci_stats_core.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ci-stats-core title: "@kbn/ci-stats-core" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ci-stats-core plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ci-stats-core'] --- import kbnCiStatsCoreObj from './kbn_ci_stats_core.devdocs.json'; diff --git a/api_docs/kbn_ci_stats_performance_metrics.mdx b/api_docs/kbn_ci_stats_performance_metrics.mdx index afb84d150bc8f6..108edaf4843283 100644 --- a/api_docs/kbn_ci_stats_performance_metrics.mdx +++ b/api_docs/kbn_ci_stats_performance_metrics.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ci-stats-performance-metrics title: "@kbn/ci-stats-performance-metrics" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ci-stats-performance-metrics plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ci-stats-performance-metrics'] --- import kbnCiStatsPerformanceMetricsObj from './kbn_ci_stats_performance_metrics.devdocs.json'; diff --git a/api_docs/kbn_ci_stats_reporter.mdx b/api_docs/kbn_ci_stats_reporter.mdx index 2a6a5e676395fa..e43f05d8f6c875 100644 --- a/api_docs/kbn_ci_stats_reporter.mdx +++ b/api_docs/kbn_ci_stats_reporter.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ci-stats-reporter title: "@kbn/ci-stats-reporter" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ci-stats-reporter plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ci-stats-reporter'] --- import kbnCiStatsReporterObj from './kbn_ci_stats_reporter.devdocs.json'; diff --git a/api_docs/kbn_cli_dev_mode.mdx b/api_docs/kbn_cli_dev_mode.mdx index ef9416dbd1765f..341f328350bc81 100644 --- a/api_docs/kbn_cli_dev_mode.mdx +++ b/api_docs/kbn_cli_dev_mode.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-cli-dev-mode title: "@kbn/cli-dev-mode" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/cli-dev-mode plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/cli-dev-mode'] --- import kbnCliDevModeObj from './kbn_cli_dev_mode.devdocs.json'; diff --git a/api_docs/kbn_cloud_security_posture.mdx b/api_docs/kbn_cloud_security_posture.mdx index c403086428e280..634cb3aa9c724c 100644 --- a/api_docs/kbn_cloud_security_posture.mdx +++ b/api_docs/kbn_cloud_security_posture.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-cloud-security-posture title: "@kbn/cloud-security-posture" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/cloud-security-posture plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/cloud-security-posture'] --- import kbnCloudSecurityPostureObj from './kbn_cloud_security_posture.devdocs.json'; diff --git a/api_docs/kbn_cloud_security_posture_common.mdx b/api_docs/kbn_cloud_security_posture_common.mdx index caeb5f80d41a39..3e7b82ca25a82d 100644 --- a/api_docs/kbn_cloud_security_posture_common.mdx +++ b/api_docs/kbn_cloud_security_posture_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-cloud-security-posture-common title: "@kbn/cloud-security-posture-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/cloud-security-posture-common plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/cloud-security-posture-common'] --- import kbnCloudSecurityPostureCommonObj from './kbn_cloud_security_posture_common.devdocs.json'; diff --git a/api_docs/kbn_code_editor.mdx b/api_docs/kbn_code_editor.mdx index 5c968fc61d2415..b0daddf5bde170 100644 --- a/api_docs/kbn_code_editor.mdx +++ b/api_docs/kbn_code_editor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-code-editor title: "@kbn/code-editor" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/code-editor plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/code-editor'] --- import kbnCodeEditorObj from './kbn_code_editor.devdocs.json'; diff --git a/api_docs/kbn_code_editor_mock.mdx b/api_docs/kbn_code_editor_mock.mdx index 395a72ff0c48bc..61e3ac208819f2 100644 --- a/api_docs/kbn_code_editor_mock.mdx +++ b/api_docs/kbn_code_editor_mock.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-code-editor-mock title: "@kbn/code-editor-mock" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/code-editor-mock plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/code-editor-mock'] --- import kbnCodeEditorMockObj from './kbn_code_editor_mock.devdocs.json'; diff --git a/api_docs/kbn_code_owners.mdx b/api_docs/kbn_code_owners.mdx index 3427fbc61f642f..53f01acd73ded1 100644 --- a/api_docs/kbn_code_owners.mdx +++ b/api_docs/kbn_code_owners.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-code-owners title: "@kbn/code-owners" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/code-owners plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/code-owners'] --- import kbnCodeOwnersObj from './kbn_code_owners.devdocs.json'; diff --git a/api_docs/kbn_coloring.mdx b/api_docs/kbn_coloring.mdx index 6c612c075f8512..abd1d9af2b18ae 100644 --- a/api_docs/kbn_coloring.mdx +++ b/api_docs/kbn_coloring.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-coloring title: "@kbn/coloring" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/coloring plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/coloring'] --- import kbnColoringObj from './kbn_coloring.devdocs.json'; diff --git a/api_docs/kbn_config.mdx b/api_docs/kbn_config.mdx index 995979502de6d0..2a859953d0ddea 100644 --- a/api_docs/kbn_config.mdx +++ b/api_docs/kbn_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-config title: "@kbn/config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/config plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/config'] --- import kbnConfigObj from './kbn_config.devdocs.json'; diff --git a/api_docs/kbn_config_mocks.mdx b/api_docs/kbn_config_mocks.mdx index 25f9c6928fd1bb..1695839cf2685b 100644 --- a/api_docs/kbn_config_mocks.mdx +++ b/api_docs/kbn_config_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-config-mocks title: "@kbn/config-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/config-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/config-mocks'] --- import kbnConfigMocksObj from './kbn_config_mocks.devdocs.json'; diff --git a/api_docs/kbn_config_schema.mdx b/api_docs/kbn_config_schema.mdx index 701ffde784db80..44f4fe29c44d12 100644 --- a/api_docs/kbn_config_schema.mdx +++ b/api_docs/kbn_config_schema.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-config-schema title: "@kbn/config-schema" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/config-schema plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/config-schema'] --- import kbnConfigSchemaObj from './kbn_config_schema.devdocs.json'; diff --git a/api_docs/kbn_content_management_content_editor.mdx b/api_docs/kbn_content_management_content_editor.mdx index 7a8754de39b592..4a29fd9d72923e 100644 --- a/api_docs/kbn_content_management_content_editor.mdx +++ b/api_docs/kbn_content_management_content_editor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-content-editor title: "@kbn/content-management-content-editor" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-content-editor plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-content-editor'] --- import kbnContentManagementContentEditorObj from './kbn_content_management_content_editor.devdocs.json'; diff --git a/api_docs/kbn_content_management_content_insights_public.mdx b/api_docs/kbn_content_management_content_insights_public.mdx index af30a9f5486cc3..fb065a8a95ce20 100644 --- a/api_docs/kbn_content_management_content_insights_public.mdx +++ b/api_docs/kbn_content_management_content_insights_public.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-content-insights-public title: "@kbn/content-management-content-insights-public" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-content-insights-public plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-content-insights-public'] --- import kbnContentManagementContentInsightsPublicObj from './kbn_content_management_content_insights_public.devdocs.json'; diff --git a/api_docs/kbn_content_management_content_insights_server.mdx b/api_docs/kbn_content_management_content_insights_server.mdx index 4ad3136ce4df6b..eae5ad41d802b9 100644 --- a/api_docs/kbn_content_management_content_insights_server.mdx +++ b/api_docs/kbn_content_management_content_insights_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-content-insights-server title: "@kbn/content-management-content-insights-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-content-insights-server plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-content-insights-server'] --- import kbnContentManagementContentInsightsServerObj from './kbn_content_management_content_insights_server.devdocs.json'; diff --git a/api_docs/kbn_content_management_favorites_public.mdx b/api_docs/kbn_content_management_favorites_public.mdx index efa46aba6cc31a..c39fea67e5a98a 100644 --- a/api_docs/kbn_content_management_favorites_public.mdx +++ b/api_docs/kbn_content_management_favorites_public.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-favorites-public title: "@kbn/content-management-favorites-public" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-favorites-public plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-favorites-public'] --- import kbnContentManagementFavoritesPublicObj from './kbn_content_management_favorites_public.devdocs.json'; diff --git a/api_docs/kbn_content_management_favorites_server.mdx b/api_docs/kbn_content_management_favorites_server.mdx index a1d248760dbdf2..fb419456c17e40 100644 --- a/api_docs/kbn_content_management_favorites_server.mdx +++ b/api_docs/kbn_content_management_favorites_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-favorites-server title: "@kbn/content-management-favorites-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-favorites-server plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-favorites-server'] --- import kbnContentManagementFavoritesServerObj from './kbn_content_management_favorites_server.devdocs.json'; diff --git a/api_docs/kbn_content_management_tabbed_table_list_view.mdx b/api_docs/kbn_content_management_tabbed_table_list_view.mdx index 8713fbffc88814..2944b75bebd21f 100644 --- a/api_docs/kbn_content_management_tabbed_table_list_view.mdx +++ b/api_docs/kbn_content_management_tabbed_table_list_view.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-tabbed-table-list-view title: "@kbn/content-management-tabbed-table-list-view" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-tabbed-table-list-view plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-tabbed-table-list-view'] --- import kbnContentManagementTabbedTableListViewObj from './kbn_content_management_tabbed_table_list_view.devdocs.json'; diff --git a/api_docs/kbn_content_management_table_list_view.mdx b/api_docs/kbn_content_management_table_list_view.mdx index 2175ed159a696a..944f097f2e114a 100644 --- a/api_docs/kbn_content_management_table_list_view.mdx +++ b/api_docs/kbn_content_management_table_list_view.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-table-list-view title: "@kbn/content-management-table-list-view" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-table-list-view plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-table-list-view'] --- import kbnContentManagementTableListViewObj from './kbn_content_management_table_list_view.devdocs.json'; diff --git a/api_docs/kbn_content_management_table_list_view_common.mdx b/api_docs/kbn_content_management_table_list_view_common.mdx index a5c070deb113eb..3e4d41c6c05034 100644 --- a/api_docs/kbn_content_management_table_list_view_common.mdx +++ b/api_docs/kbn_content_management_table_list_view_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-table-list-view-common title: "@kbn/content-management-table-list-view-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-table-list-view-common plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-table-list-view-common'] --- import kbnContentManagementTableListViewCommonObj from './kbn_content_management_table_list_view_common.devdocs.json'; diff --git a/api_docs/kbn_content_management_table_list_view_table.mdx b/api_docs/kbn_content_management_table_list_view_table.mdx index 44b64464e58b3e..e9d7ec36a3b008 100644 --- a/api_docs/kbn_content_management_table_list_view_table.mdx +++ b/api_docs/kbn_content_management_table_list_view_table.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-table-list-view-table title: "@kbn/content-management-table-list-view-table" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-table-list-view-table plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-table-list-view-table'] --- import kbnContentManagementTableListViewTableObj from './kbn_content_management_table_list_view_table.devdocs.json'; diff --git a/api_docs/kbn_content_management_user_profiles.mdx b/api_docs/kbn_content_management_user_profiles.mdx index 2e8cbc9d245af4..8de72090dd9237 100644 --- a/api_docs/kbn_content_management_user_profiles.mdx +++ b/api_docs/kbn_content_management_user_profiles.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-user-profiles title: "@kbn/content-management-user-profiles" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-user-profiles plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-user-profiles'] --- import kbnContentManagementUserProfilesObj from './kbn_content_management_user_profiles.devdocs.json'; diff --git a/api_docs/kbn_content_management_utils.mdx b/api_docs/kbn_content_management_utils.mdx index 37f9380b62124c..0bc3640a3f068d 100644 --- a/api_docs/kbn_content_management_utils.mdx +++ b/api_docs/kbn_content_management_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-content-management-utils title: "@kbn/content-management-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/content-management-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/content-management-utils'] --- import kbnContentManagementUtilsObj from './kbn_content_management_utils.devdocs.json'; diff --git a/api_docs/kbn_core_analytics_browser.mdx b/api_docs/kbn_core_analytics_browser.mdx index 43db44e1f649bd..60fc6205729d74 100644 --- a/api_docs/kbn_core_analytics_browser.mdx +++ b/api_docs/kbn_core_analytics_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-analytics-browser title: "@kbn/core-analytics-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-analytics-browser plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-analytics-browser'] --- import kbnCoreAnalyticsBrowserObj from './kbn_core_analytics_browser.devdocs.json'; diff --git a/api_docs/kbn_core_analytics_browser_internal.mdx b/api_docs/kbn_core_analytics_browser_internal.mdx index 1abe9b01009f62..44bc53d78e7a01 100644 --- a/api_docs/kbn_core_analytics_browser_internal.mdx +++ b/api_docs/kbn_core_analytics_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-analytics-browser-internal title: "@kbn/core-analytics-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-analytics-browser-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-analytics-browser-internal'] --- import kbnCoreAnalyticsBrowserInternalObj from './kbn_core_analytics_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_analytics_browser_mocks.mdx b/api_docs/kbn_core_analytics_browser_mocks.mdx index 9f53359ea78f51..969e3b2f6b8176 100644 --- a/api_docs/kbn_core_analytics_browser_mocks.mdx +++ b/api_docs/kbn_core_analytics_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-analytics-browser-mocks title: "@kbn/core-analytics-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-analytics-browser-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-analytics-browser-mocks'] --- import kbnCoreAnalyticsBrowserMocksObj from './kbn_core_analytics_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_analytics_server.mdx b/api_docs/kbn_core_analytics_server.mdx index 35a45a2c844819..89cf5da8259834 100644 --- a/api_docs/kbn_core_analytics_server.mdx +++ b/api_docs/kbn_core_analytics_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-analytics-server title: "@kbn/core-analytics-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-analytics-server plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-analytics-server'] --- import kbnCoreAnalyticsServerObj from './kbn_core_analytics_server.devdocs.json'; diff --git a/api_docs/kbn_core_analytics_server_internal.mdx b/api_docs/kbn_core_analytics_server_internal.mdx index 2eb93a3e06a336..459b65e42575d5 100644 --- a/api_docs/kbn_core_analytics_server_internal.mdx +++ b/api_docs/kbn_core_analytics_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-analytics-server-internal title: "@kbn/core-analytics-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-analytics-server-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-analytics-server-internal'] --- import kbnCoreAnalyticsServerInternalObj from './kbn_core_analytics_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_analytics_server_mocks.mdx b/api_docs/kbn_core_analytics_server_mocks.mdx index 51734aa3566b35..6d22516fcfa43a 100644 --- a/api_docs/kbn_core_analytics_server_mocks.mdx +++ b/api_docs/kbn_core_analytics_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-analytics-server-mocks title: "@kbn/core-analytics-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-analytics-server-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-analytics-server-mocks'] --- import kbnCoreAnalyticsServerMocksObj from './kbn_core_analytics_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_application_browser.mdx b/api_docs/kbn_core_application_browser.mdx index 79638243a29d1b..5a92eda078d823 100644 --- a/api_docs/kbn_core_application_browser.mdx +++ b/api_docs/kbn_core_application_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-application-browser title: "@kbn/core-application-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-application-browser plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-application-browser'] --- import kbnCoreApplicationBrowserObj from './kbn_core_application_browser.devdocs.json'; diff --git a/api_docs/kbn_core_application_browser_internal.mdx b/api_docs/kbn_core_application_browser_internal.mdx index ab8e855a6bdf30..ae985fa246a7a4 100644 --- a/api_docs/kbn_core_application_browser_internal.mdx +++ b/api_docs/kbn_core_application_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-application-browser-internal title: "@kbn/core-application-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-application-browser-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-application-browser-internal'] --- import kbnCoreApplicationBrowserInternalObj from './kbn_core_application_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_application_browser_mocks.mdx b/api_docs/kbn_core_application_browser_mocks.mdx index 911e0b27dfe010..6423c693cc2d15 100644 --- a/api_docs/kbn_core_application_browser_mocks.mdx +++ b/api_docs/kbn_core_application_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-application-browser-mocks title: "@kbn/core-application-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-application-browser-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-application-browser-mocks'] --- import kbnCoreApplicationBrowserMocksObj from './kbn_core_application_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_application_common.mdx b/api_docs/kbn_core_application_common.mdx index e82149f1a27870..a68fdf616f5e83 100644 --- a/api_docs/kbn_core_application_common.mdx +++ b/api_docs/kbn_core_application_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-application-common title: "@kbn/core-application-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-application-common plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-application-common'] --- import kbnCoreApplicationCommonObj from './kbn_core_application_common.devdocs.json'; diff --git a/api_docs/kbn_core_apps_browser_internal.mdx b/api_docs/kbn_core_apps_browser_internal.mdx index 87e91d4973293d..15e129897a5575 100644 --- a/api_docs/kbn_core_apps_browser_internal.mdx +++ b/api_docs/kbn_core_apps_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-apps-browser-internal title: "@kbn/core-apps-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-apps-browser-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-apps-browser-internal'] --- import kbnCoreAppsBrowserInternalObj from './kbn_core_apps_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_apps_browser_mocks.mdx b/api_docs/kbn_core_apps_browser_mocks.mdx index 3f9f3eb704ac2b..4bfc845d0c8f40 100644 --- a/api_docs/kbn_core_apps_browser_mocks.mdx +++ b/api_docs/kbn_core_apps_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-apps-browser-mocks title: "@kbn/core-apps-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-apps-browser-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-apps-browser-mocks'] --- import kbnCoreAppsBrowserMocksObj from './kbn_core_apps_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_apps_server_internal.mdx b/api_docs/kbn_core_apps_server_internal.mdx index ea873141493493..6577e12f6ed830 100644 --- a/api_docs/kbn_core_apps_server_internal.mdx +++ b/api_docs/kbn_core_apps_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-apps-server-internal title: "@kbn/core-apps-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-apps-server-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-apps-server-internal'] --- import kbnCoreAppsServerInternalObj from './kbn_core_apps_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_base_browser_mocks.mdx b/api_docs/kbn_core_base_browser_mocks.mdx index 3d168d02eb3c56..d1841bd16f6ad2 100644 --- a/api_docs/kbn_core_base_browser_mocks.mdx +++ b/api_docs/kbn_core_base_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-base-browser-mocks title: "@kbn/core-base-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-base-browser-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-base-browser-mocks'] --- import kbnCoreBaseBrowserMocksObj from './kbn_core_base_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_base_common.mdx b/api_docs/kbn_core_base_common.mdx index 512ffddcdcdd62..d7883e58893d6c 100644 --- a/api_docs/kbn_core_base_common.mdx +++ b/api_docs/kbn_core_base_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-base-common title: "@kbn/core-base-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-base-common plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-base-common'] --- import kbnCoreBaseCommonObj from './kbn_core_base_common.devdocs.json'; diff --git a/api_docs/kbn_core_base_server_internal.mdx b/api_docs/kbn_core_base_server_internal.mdx index 354edd84e28b51..68d4aa6af3c240 100644 --- a/api_docs/kbn_core_base_server_internal.mdx +++ b/api_docs/kbn_core_base_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-base-server-internal title: "@kbn/core-base-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-base-server-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-base-server-internal'] --- import kbnCoreBaseServerInternalObj from './kbn_core_base_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_base_server_mocks.mdx b/api_docs/kbn_core_base_server_mocks.mdx index 3424a5bd7cc533..3a68fc2cd9742a 100644 --- a/api_docs/kbn_core_base_server_mocks.mdx +++ b/api_docs/kbn_core_base_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-base-server-mocks title: "@kbn/core-base-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-base-server-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-base-server-mocks'] --- import kbnCoreBaseServerMocksObj from './kbn_core_base_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_capabilities_browser_mocks.mdx b/api_docs/kbn_core_capabilities_browser_mocks.mdx index 3ef5ff91962a11..37274f728f59f1 100644 --- a/api_docs/kbn_core_capabilities_browser_mocks.mdx +++ b/api_docs/kbn_core_capabilities_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-capabilities-browser-mocks title: "@kbn/core-capabilities-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-capabilities-browser-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-capabilities-browser-mocks'] --- import kbnCoreCapabilitiesBrowserMocksObj from './kbn_core_capabilities_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_capabilities_common.mdx b/api_docs/kbn_core_capabilities_common.mdx index 66d98b16952f6b..fcd629b96c41b9 100644 --- a/api_docs/kbn_core_capabilities_common.mdx +++ b/api_docs/kbn_core_capabilities_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-capabilities-common title: "@kbn/core-capabilities-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-capabilities-common plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-capabilities-common'] --- import kbnCoreCapabilitiesCommonObj from './kbn_core_capabilities_common.devdocs.json'; diff --git a/api_docs/kbn_core_capabilities_server.mdx b/api_docs/kbn_core_capabilities_server.mdx index e1dd867f3447ab..73efcbc61698c3 100644 --- a/api_docs/kbn_core_capabilities_server.mdx +++ b/api_docs/kbn_core_capabilities_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-capabilities-server title: "@kbn/core-capabilities-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-capabilities-server plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-capabilities-server'] --- import kbnCoreCapabilitiesServerObj from './kbn_core_capabilities_server.devdocs.json'; diff --git a/api_docs/kbn_core_capabilities_server_mocks.mdx b/api_docs/kbn_core_capabilities_server_mocks.mdx index 051c89f4ec85e2..cc238b0642ba35 100644 --- a/api_docs/kbn_core_capabilities_server_mocks.mdx +++ b/api_docs/kbn_core_capabilities_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-capabilities-server-mocks title: "@kbn/core-capabilities-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-capabilities-server-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-capabilities-server-mocks'] --- import kbnCoreCapabilitiesServerMocksObj from './kbn_core_capabilities_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_chrome_browser.devdocs.json b/api_docs/kbn_core_chrome_browser.devdocs.json index f7a208fe6ec456..9a5c873f292270 100644 --- a/api_docs/kbn_core_chrome_browser.devdocs.json +++ b/api_docs/kbn_core_chrome_browser.devdocs.json @@ -3792,7 +3792,7 @@ "label": "AppDeepLinkId", "description": [], "signature": [ - "\"fleet\" | \"graph\" | \"ml\" | \"monitoring\" | \"profiling\" | \"metrics\" | \"management\" | \"apm\" | \"synthetics\" | \"ux\" | \"canvas\" | \"logs\" | \"dashboards\" | \"slo\" | \"observabilityAIAssistant\" | \"home\" | \"integrations\" | \"discover\" | \"observability-overview\" | \"appSearch\" | \"dev_tools\" | \"maps\" | \"visualize\" | \"dev_tools:console\" | \"dev_tools:searchprofiler\" | \"dev_tools:painless_lab\" | \"dev_tools:grokdebugger\" | \"ml:notifications\" | \"ml:nodes\" | \"ml:overview\" | \"ml:memoryUsage\" | \"ml:settings\" | \"ml:dataVisualizer\" | \"ml:logPatternAnalysis\" | \"ml:logRateAnalysis\" | \"ml:singleMetricViewer\" | \"ml:anomalyDetection\" | \"ml:anomalyExplorer\" | \"ml:dataDrift\" | \"ml:dataFrameAnalytics\" | \"ml:resultExplorer\" | \"ml:analyticsMap\" | \"ml:aiOps\" | \"ml:changePointDetections\" | \"ml:modelManagement\" | \"ml:nodesOverview\" | \"ml:esqlDataVisualizer\" | \"ml:fileUpload\" | \"ml:indexDataVisualizer\" | \"ml:calendarSettings\" | \"ml:filterListsSettings\" | \"ml:suppliedConfigurations\" | \"osquery\" | \"management:transform\" | \"management:watcher\" | \"management:cases\" | \"management:tags\" | \"management:maintenanceWindows\" | \"management:cross_cluster_replication\" | \"management:dataViews\" | \"management:spaces\" | \"management:settings\" | \"management:users\" | \"management:migrate_data\" | \"management:search_sessions\" | \"management:data_quality\" | \"management:filesManagement\" | \"management:roles\" | \"management:reporting\" | \"management:aiAssistantManagementSelection\" | \"management:securityAiAssistantManagement\" | \"management:observabilityAiAssistantManagement\" | \"management:api_keys\" | \"management:license_management\" | \"management:index_lifecycle_management\" | \"management:index_management\" | \"management:ingest_pipelines\" | \"management:jobsListLink\" | \"management:objects\" | \"management:pipelines\" | \"management:remote_clusters\" | \"management:role_mappings\" | \"management:rollup_jobs\" | \"management:snapshot_restore\" | \"management:triggersActions\" | \"management:triggersActionsConnectors\" | \"management:upgrade_assistant\" | \"enterpriseSearch\" | \"enterpriseSearchContent\" | \"enterpriseSearchApplications\" | \"enterpriseSearchRelevance\" | \"enterpriseSearchAnalytics\" | \"workplaceSearch\" | \"serverlessElasticsearch\" | \"serverlessConnectors\" | \"searchPlayground\" | \"searchInferenceEndpoints\" | \"searchHomepage\" | \"enterpriseSearchContent:connectors\" | \"enterpriseSearchContent:searchIndices\" | \"enterpriseSearchContent:webCrawlers\" | \"enterpriseSearchApplications:searchApplications\" | \"enterpriseSearchApplications:playground\" | \"appSearch:engines\" | \"enterpriseSearchRelevance:inferenceEndpoints\" | \"elasticsearchStart\" | \"elasticsearchIndices\" | \"observability-logs-explorer\" | \"last-used-logs-viewer\" | \"observabilityOnboarding\" | \"inventory\" | \"logs:settings\" | \"logs:stream\" | \"logs:log-categories\" | \"logs:anomalies\" | \"observability-overview:cases\" | \"observability-overview:alerts\" | \"observability-overview:rules\" | \"observability-overview:cases_create\" | \"observability-overview:cases_configure\" | \"metrics:settings\" | \"metrics:hosts\" | \"metrics:inventory\" | \"metrics:metrics-explorer\" | \"metrics:assetDetails\" | \"apm:services\" | \"apm:traces\" | \"apm:dependencies\" | \"apm:service-map\" | \"apm:settings\" | \"apm:service-groups-list\" | \"apm:storage-explorer\" | \"synthetics:overview\" | \"synthetics:certificates\" | \"profiling:functions\" | \"profiling:stacktraces\" | \"profiling:flamegraphs\" | \"inventory:datastreams\" | \"securitySolutionUI\" | \"securitySolutionUI:\" | \"securitySolutionUI:cases\" | \"securitySolutionUI:alerts\" | \"securitySolutionUI:rules\" | \"securitySolutionUI:policy\" | \"securitySolutionUI:overview\" | \"securitySolutionUI:dashboards\" | \"securitySolutionUI:kubernetes\" | \"securitySolutionUI:cases_create\" | \"securitySolutionUI:cases_configure\" | \"securitySolutionUI:hosts\" | \"securitySolutionUI:users\" | \"securitySolutionUI:cloud_defend-policies\" | \"securitySolutionUI:cloud_security_posture-dashboard\" | \"securitySolutionUI:cloud_security_posture-findings\" | \"securitySolutionUI:cloud_security_posture-benchmarks\" | \"securitySolutionUI:network\" | \"securitySolutionUI:data_quality\" | \"securitySolutionUI:explore\" | \"securitySolutionUI:assets\" | \"securitySolutionUI:cloud_defend\" | \"securitySolutionUI:notes\" | \"securitySolutionUI:administration\" | \"securitySolutionUI:attack_discovery\" | \"securitySolutionUI:blocklist\" | \"securitySolutionUI:cloud_security_posture-rules\" | \"securitySolutionUI:detections\" | \"securitySolutionUI:detection_response\" | \"securitySolutionUI:endpoints\" | \"securitySolutionUI:event_filters\" | \"securitySolutionUI:exceptions\" | \"securitySolutionUI:host_isolation_exceptions\" | \"securitySolutionUI:hosts-all\" | \"securitySolutionUI:hosts-anomalies\" | \"securitySolutionUI:hosts-risk\" | \"securitySolutionUI:hosts-events\" | \"securitySolutionUI:hosts-sessions\" | \"securitySolutionUI:hosts-uncommon_processes\" | \"securitySolutionUI:investigations\" | \"securitySolutionUI:get_started\" | \"securitySolutionUI:machine_learning-landing\" | \"securitySolutionUI:network-anomalies\" | \"securitySolutionUI:network-dns\" | \"securitySolutionUI:network-events\" | \"securitySolutionUI:network-flows\" | \"securitySolutionUI:network-http\" | \"securitySolutionUI:network-tls\" | \"securitySolutionUI:response_actions_history\" | \"securitySolutionUI:rules-add\" | \"securitySolutionUI:rules-create\" | \"securitySolutionUI:rules-landing\" | \"securitySolutionUI:threat_intelligence\" | \"securitySolutionUI:timelines\" | \"securitySolutionUI:timelines-templates\" | \"securitySolutionUI:trusted_apps\" | \"securitySolutionUI:users-all\" | \"securitySolutionUI:users-anomalies\" | \"securitySolutionUI:users-authentications\" | \"securitySolutionUI:users-events\" | \"securitySolutionUI:users-risk\" | \"securitySolutionUI:entity_analytics\" | \"securitySolutionUI:entity_analytics-management\" | \"securitySolutionUI:entity_analytics-asset-classification\" | \"securitySolutionUI:entity_analytics-entity_store_management\" | \"securitySolutionUI:coverage-overview\" | \"fleet:settings\" | \"fleet:agents\" | \"fleet:policies\" | \"fleet:data_streams\" | \"fleet:enrollment_tokens\" | \"fleet:uninstall_tokens\"" + "\"fleet\" | \"graph\" | \"ml\" | \"monitoring\" | \"profiling\" | \"metrics\" | \"management\" | \"apm\" | \"synthetics\" | \"ux\" | \"canvas\" | \"logs\" | \"dashboards\" | \"slo\" | \"observabilityAIAssistant\" | \"home\" | \"integrations\" | \"discover\" | \"observability-overview\" | \"appSearch\" | \"dev_tools\" | \"maps\" | \"visualize\" | \"dev_tools:console\" | \"dev_tools:searchprofiler\" | \"dev_tools:painless_lab\" | \"dev_tools:grokdebugger\" | \"ml:notifications\" | \"ml:nodes\" | \"ml:overview\" | \"ml:memoryUsage\" | \"ml:settings\" | \"ml:dataVisualizer\" | \"ml:logPatternAnalysis\" | \"ml:logRateAnalysis\" | \"ml:singleMetricViewer\" | \"ml:anomalyDetection\" | \"ml:anomalyExplorer\" | \"ml:dataDrift\" | \"ml:dataFrameAnalytics\" | \"ml:resultExplorer\" | \"ml:analyticsMap\" | \"ml:aiOps\" | \"ml:changePointDetections\" | \"ml:modelManagement\" | \"ml:nodesOverview\" | \"ml:esqlDataVisualizer\" | \"ml:fileUpload\" | \"ml:indexDataVisualizer\" | \"ml:calendarSettings\" | \"ml:filterListsSettings\" | \"ml:suppliedConfigurations\" | \"osquery\" | \"management:transform\" | \"management:watcher\" | \"management:cases\" | \"management:tags\" | \"management:maintenanceWindows\" | \"management:cross_cluster_replication\" | \"management:dataViews\" | \"management:spaces\" | \"management:settings\" | \"management:users\" | \"management:migrate_data\" | \"management:search_sessions\" | \"management:data_quality\" | \"management:filesManagement\" | \"management:roles\" | \"management:reporting\" | \"management:aiAssistantManagementSelection\" | \"management:securityAiAssistantManagement\" | \"management:observabilityAiAssistantManagement\" | \"management:api_keys\" | \"management:license_management\" | \"management:index_lifecycle_management\" | \"management:index_management\" | \"management:ingest_pipelines\" | \"management:jobsListLink\" | \"management:objects\" | \"management:pipelines\" | \"management:remote_clusters\" | \"management:role_mappings\" | \"management:rollup_jobs\" | \"management:snapshot_restore\" | \"management:triggersActions\" | \"management:triggersActionsConnectors\" | \"management:upgrade_assistant\" | \"enterpriseSearch\" | \"enterpriseSearchContent\" | \"enterpriseSearchApplications\" | \"searchInferenceEndpoints\" | \"enterpriseSearchAnalytics\" | \"workplaceSearch\" | \"serverlessElasticsearch\" | \"serverlessConnectors\" | \"searchPlayground\" | \"searchHomepage\" | \"enterpriseSearchContent:connectors\" | \"enterpriseSearchContent:searchIndices\" | \"enterpriseSearchContent:webCrawlers\" | \"enterpriseSearchApplications:searchApplications\" | \"enterpriseSearchApplications:playground\" | \"appSearch:engines\" | \"searchInferenceEndpoints:inferenceEndpoints\" | \"elasticsearchStart\" | \"elasticsearchIndices\" | \"observability-logs-explorer\" | \"last-used-logs-viewer\" | \"observabilityOnboarding\" | \"inventory\" | \"logs:settings\" | \"logs:stream\" | \"logs:log-categories\" | \"logs:anomalies\" | \"observability-overview:cases\" | \"observability-overview:alerts\" | \"observability-overview:rules\" | \"observability-overview:cases_create\" | \"observability-overview:cases_configure\" | \"metrics:settings\" | \"metrics:hosts\" | \"metrics:inventory\" | \"metrics:metrics-explorer\" | \"metrics:assetDetails\" | \"apm:services\" | \"apm:traces\" | \"apm:dependencies\" | \"apm:service-map\" | \"apm:settings\" | \"apm:service-groups-list\" | \"apm:storage-explorer\" | \"synthetics:overview\" | \"synthetics:certificates\" | \"profiling:functions\" | \"profiling:stacktraces\" | \"profiling:flamegraphs\" | \"inventory:datastreams\" | \"securitySolutionUI\" | \"securitySolutionUI:\" | \"securitySolutionUI:cases\" | \"securitySolutionUI:alerts\" | \"securitySolutionUI:rules\" | \"securitySolutionUI:policy\" | \"securitySolutionUI:overview\" | \"securitySolutionUI:dashboards\" | \"securitySolutionUI:kubernetes\" | \"securitySolutionUI:cases_create\" | \"securitySolutionUI:cases_configure\" | \"securitySolutionUI:hosts\" | \"securitySolutionUI:users\" | \"securitySolutionUI:cloud_defend-policies\" | \"securitySolutionUI:cloud_security_posture-dashboard\" | \"securitySolutionUI:cloud_security_posture-findings\" | \"securitySolutionUI:cloud_security_posture-benchmarks\" | \"securitySolutionUI:network\" | \"securitySolutionUI:data_quality\" | \"securitySolutionUI:explore\" | \"securitySolutionUI:assets\" | \"securitySolutionUI:cloud_defend\" | \"securitySolutionUI:notes\" | \"securitySolutionUI:administration\" | \"securitySolutionUI:attack_discovery\" | \"securitySolutionUI:blocklist\" | \"securitySolutionUI:cloud_security_posture-rules\" | \"securitySolutionUI:detections\" | \"securitySolutionUI:detection_response\" | \"securitySolutionUI:endpoints\" | \"securitySolutionUI:event_filters\" | \"securitySolutionUI:exceptions\" | \"securitySolutionUI:host_isolation_exceptions\" | \"securitySolutionUI:hosts-all\" | \"securitySolutionUI:hosts-anomalies\" | \"securitySolutionUI:hosts-risk\" | \"securitySolutionUI:hosts-events\" | \"securitySolutionUI:hosts-sessions\" | \"securitySolutionUI:hosts-uncommon_processes\" | \"securitySolutionUI:investigations\" | \"securitySolutionUI:get_started\" | \"securitySolutionUI:machine_learning-landing\" | \"securitySolutionUI:network-anomalies\" | \"securitySolutionUI:network-dns\" | \"securitySolutionUI:network-events\" | \"securitySolutionUI:network-flows\" | \"securitySolutionUI:network-http\" | \"securitySolutionUI:network-tls\" | \"securitySolutionUI:response_actions_history\" | \"securitySolutionUI:rules-add\" | \"securitySolutionUI:rules-create\" | \"securitySolutionUI:rules-landing\" | \"securitySolutionUI:threat_intelligence\" | \"securitySolutionUI:timelines\" | \"securitySolutionUI:timelines-templates\" | \"securitySolutionUI:trusted_apps\" | \"securitySolutionUI:users-all\" | \"securitySolutionUI:users-anomalies\" | \"securitySolutionUI:users-authentications\" | \"securitySolutionUI:users-events\" | \"securitySolutionUI:users-risk\" | \"securitySolutionUI:entity_analytics\" | \"securitySolutionUI:entity_analytics-management\" | \"securitySolutionUI:entity_analytics-asset-classification\" | \"securitySolutionUI:entity_analytics-entity_store_management\" | \"securitySolutionUI:coverage-overview\" | \"fleet:settings\" | \"fleet:agents\" | \"fleet:policies\" | \"fleet:data_streams\" | \"fleet:enrollment_tokens\" | \"fleet:uninstall_tokens\"" ], "path": "packages/core/chrome/core-chrome-browser/src/project_navigation.ts", "deprecated": false, @@ -3923,7 +3923,7 @@ "label": "CloudLinkId", "description": [], "signature": [ - "\"projects\" | \"userAndRoles\" | \"performance\" | \"billingAndSub\" | \"deployment\" | \"deployments\"" + "\"projects\" | \"deployment\" | \"userAndRoles\" | \"performance\" | \"billingAndSub\" | \"deployments\"" ], "path": "packages/core/chrome/core-chrome-browser/src/project_navigation.ts", "deprecated": false, @@ -3946,7 +3946,7 @@ "section": "def-public.CloudLink", "text": "CloudLink" }, - " | undefined; userAndRoles?: ", + " | undefined; deployment?: ", { "pluginId": "@kbn/core-chrome-browser", "scope": "public", @@ -3954,7 +3954,7 @@ "section": "def-public.CloudLink", "text": "CloudLink" }, - " | undefined; performance?: ", + " | undefined; userAndRoles?: ", { "pluginId": "@kbn/core-chrome-browser", "scope": "public", @@ -3962,7 +3962,7 @@ "section": "def-public.CloudLink", "text": "CloudLink" }, - " | undefined; billingAndSub?: ", + " | undefined; performance?: ", { "pluginId": "@kbn/core-chrome-browser", "scope": "public", @@ -3970,7 +3970,7 @@ "section": "def-public.CloudLink", "text": "CloudLink" }, - " | undefined; deployment?: ", + " | undefined; billingAndSub?: ", { "pluginId": "@kbn/core-chrome-browser", "scope": "public", diff --git a/api_docs/kbn_core_chrome_browser.mdx b/api_docs/kbn_core_chrome_browser.mdx index ba4ea662f35a70..40d7be5ddafa1c 100644 --- a/api_docs/kbn_core_chrome_browser.mdx +++ b/api_docs/kbn_core_chrome_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-chrome-browser title: "@kbn/core-chrome-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-chrome-browser plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-chrome-browser'] --- import kbnCoreChromeBrowserObj from './kbn_core_chrome_browser.devdocs.json'; diff --git a/api_docs/kbn_core_chrome_browser_mocks.mdx b/api_docs/kbn_core_chrome_browser_mocks.mdx index 83b62e0d54475b..555fdefd23742c 100644 --- a/api_docs/kbn_core_chrome_browser_mocks.mdx +++ b/api_docs/kbn_core_chrome_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-chrome-browser-mocks title: "@kbn/core-chrome-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-chrome-browser-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-chrome-browser-mocks'] --- import kbnCoreChromeBrowserMocksObj from './kbn_core_chrome_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_config_server_internal.mdx b/api_docs/kbn_core_config_server_internal.mdx index a031665720fb76..e546363b5dfd30 100644 --- a/api_docs/kbn_core_config_server_internal.mdx +++ b/api_docs/kbn_core_config_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-config-server-internal title: "@kbn/core-config-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-config-server-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-config-server-internal'] --- import kbnCoreConfigServerInternalObj from './kbn_core_config_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_browser.mdx b/api_docs/kbn_core_custom_branding_browser.mdx index f53c8ba3992455..22c30c6b5d5ac2 100644 --- a/api_docs/kbn_core_custom_branding_browser.mdx +++ b/api_docs/kbn_core_custom_branding_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-browser title: "@kbn/core-custom-branding-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-browser plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-browser'] --- import kbnCoreCustomBrandingBrowserObj from './kbn_core_custom_branding_browser.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_browser_internal.mdx b/api_docs/kbn_core_custom_branding_browser_internal.mdx index 4d766aaaf0b113..06c26e2d56648c 100644 --- a/api_docs/kbn_core_custom_branding_browser_internal.mdx +++ b/api_docs/kbn_core_custom_branding_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-browser-internal title: "@kbn/core-custom-branding-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-browser-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-browser-internal'] --- import kbnCoreCustomBrandingBrowserInternalObj from './kbn_core_custom_branding_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_browser_mocks.mdx b/api_docs/kbn_core_custom_branding_browser_mocks.mdx index 3c25a670f2c7d0..c9d4f33d9e6650 100644 --- a/api_docs/kbn_core_custom_branding_browser_mocks.mdx +++ b/api_docs/kbn_core_custom_branding_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-browser-mocks title: "@kbn/core-custom-branding-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-browser-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-browser-mocks'] --- import kbnCoreCustomBrandingBrowserMocksObj from './kbn_core_custom_branding_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_common.mdx b/api_docs/kbn_core_custom_branding_common.mdx index 09e0b8013be004..1fd39040f94022 100644 --- a/api_docs/kbn_core_custom_branding_common.mdx +++ b/api_docs/kbn_core_custom_branding_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-common title: "@kbn/core-custom-branding-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-common plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-common'] --- import kbnCoreCustomBrandingCommonObj from './kbn_core_custom_branding_common.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_server.mdx b/api_docs/kbn_core_custom_branding_server.mdx index c176fb4f4d133b..483a213bd66ed7 100644 --- a/api_docs/kbn_core_custom_branding_server.mdx +++ b/api_docs/kbn_core_custom_branding_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-server title: "@kbn/core-custom-branding-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-server plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-server'] --- import kbnCoreCustomBrandingServerObj from './kbn_core_custom_branding_server.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_server_internal.mdx b/api_docs/kbn_core_custom_branding_server_internal.mdx index de6023b635192c..3dd65b11914f40 100644 --- a/api_docs/kbn_core_custom_branding_server_internal.mdx +++ b/api_docs/kbn_core_custom_branding_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-server-internal title: "@kbn/core-custom-branding-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-server-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-server-internal'] --- import kbnCoreCustomBrandingServerInternalObj from './kbn_core_custom_branding_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_custom_branding_server_mocks.mdx b/api_docs/kbn_core_custom_branding_server_mocks.mdx index 3623061cd4579c..ab72e7bbb1759c 100644 --- a/api_docs/kbn_core_custom_branding_server_mocks.mdx +++ b/api_docs/kbn_core_custom_branding_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-custom-branding-server-mocks title: "@kbn/core-custom-branding-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-custom-branding-server-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-custom-branding-server-mocks'] --- import kbnCoreCustomBrandingServerMocksObj from './kbn_core_custom_branding_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_browser.mdx b/api_docs/kbn_core_deprecations_browser.mdx index 09a830e75fff67..200cb548c56835 100644 --- a/api_docs/kbn_core_deprecations_browser.mdx +++ b/api_docs/kbn_core_deprecations_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-browser title: "@kbn/core-deprecations-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-browser plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-browser'] --- import kbnCoreDeprecationsBrowserObj from './kbn_core_deprecations_browser.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_browser_internal.mdx b/api_docs/kbn_core_deprecations_browser_internal.mdx index cbfe1648fdfab1..6825081b2c001c 100644 --- a/api_docs/kbn_core_deprecations_browser_internal.mdx +++ b/api_docs/kbn_core_deprecations_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-browser-internal title: "@kbn/core-deprecations-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-browser-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-browser-internal'] --- import kbnCoreDeprecationsBrowserInternalObj from './kbn_core_deprecations_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_browser_mocks.mdx b/api_docs/kbn_core_deprecations_browser_mocks.mdx index d0ce93bfe82a07..adf31650c73810 100644 --- a/api_docs/kbn_core_deprecations_browser_mocks.mdx +++ b/api_docs/kbn_core_deprecations_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-browser-mocks title: "@kbn/core-deprecations-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-browser-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-browser-mocks'] --- import kbnCoreDeprecationsBrowserMocksObj from './kbn_core_deprecations_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_common.devdocs.json b/api_docs/kbn_core_deprecations_common.devdocs.json index d1055cac144e96..59c42fc7e5ed2f 100644 --- a/api_docs/kbn_core_deprecations_common.devdocs.json +++ b/api_docs/kbn_core_deprecations_common.devdocs.json @@ -49,12 +49,15 @@ { "parentPluginId": "@kbn/core-deprecations-common", "id": "def-common.BaseDeprecationDetails.message", - "type": "string", + "type": "CompoundType", "tags": [], "label": "message", "description": [ "\nThe description message to be displayed for the deprecation.\nCheck the README for writing deprecations in `src/core/server/deprecations/README.mdx`" ], + "signature": [ + "string | string[]" + ], "path": "packages/core/deprecations/core-deprecations-common/src/types.ts", "deprecated": false, "trackAdoption": false @@ -85,7 +88,7 @@ "\n(optional) Used to identify between different deprecation types.\nExample use case: in Upgrade Assistant, we may want to allow the user to sort by\ndeprecation type or show each type in a separate tab.\n\nFeel free to add new types if necessary.\nPredefined types are necessary to reduce having similar definitions with different keywords\nacross kibana deprecations." ], "signature": [ - "\"config\" | \"feature\" | undefined" + "\"config\" | \"api\" | \"feature\" | undefined" ], "path": "packages/core/deprecations/core-deprecations-common/src/types.ts", "deprecated": false, @@ -133,7 +136,7 @@ "corrective action needed to fix this deprecation." ], "signature": [ - "{ api?: { path: string; method: \"POST\" | \"PUT\"; body?: { [key: string]: any; } | undefined; omitContextFromBody?: boolean | undefined; } | undefined; manualSteps: string[]; }" + "{ api?: { path: string; method: \"POST\" | \"PUT\"; body?: { [key: string]: any; } | undefined; omitContextFromBody?: boolean | undefined; } | undefined; manualSteps: string[]; mark_as_resolved_api?: { apiTotalCalls: number; totalMarkedAsResolved: number; timestamp: string | number | Date; routePath: string; routeMethod: string; routeVersion?: string | undefined; } | undefined; }" ], "path": "packages/core/deprecations/core-deprecations-common/src/types.ts", "deprecated": false, @@ -297,6 +300,8 @@ "text": "ConfigDeprecationDetails" }, " | ", + "ApiDeprecationDetails", + " | ", { "pluginId": "@kbn/core-deprecations-common", "scope": "common", diff --git a/api_docs/kbn_core_deprecations_common.mdx b/api_docs/kbn_core_deprecations_common.mdx index e1909389074b1d..0ba68c06ac7c1f 100644 --- a/api_docs/kbn_core_deprecations_common.mdx +++ b/api_docs/kbn_core_deprecations_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-common title: "@kbn/core-deprecations-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-common plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-common'] --- import kbnCoreDeprecationsCommonObj from './kbn_core_deprecations_common.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 17 | 0 | 9 | 0 | +| 17 | 0 | 9 | 1 | ## Common diff --git a/api_docs/kbn_core_deprecations_server.mdx b/api_docs/kbn_core_deprecations_server.mdx index 1ff73df4f0dbd0..8c901046471c57 100644 --- a/api_docs/kbn_core_deprecations_server.mdx +++ b/api_docs/kbn_core_deprecations_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-server title: "@kbn/core-deprecations-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-server plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-server'] --- import kbnCoreDeprecationsServerObj from './kbn_core_deprecations_server.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_server_internal.mdx b/api_docs/kbn_core_deprecations_server_internal.mdx index 13e368dd3ff281..630d882e07d315 100644 --- a/api_docs/kbn_core_deprecations_server_internal.mdx +++ b/api_docs/kbn_core_deprecations_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-server-internal title: "@kbn/core-deprecations-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-server-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-server-internal'] --- import kbnCoreDeprecationsServerInternalObj from './kbn_core_deprecations_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_deprecations_server_mocks.mdx b/api_docs/kbn_core_deprecations_server_mocks.mdx index 674406dca02f2a..c9da0e57500b08 100644 --- a/api_docs/kbn_core_deprecations_server_mocks.mdx +++ b/api_docs/kbn_core_deprecations_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-deprecations-server-mocks title: "@kbn/core-deprecations-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-deprecations-server-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-deprecations-server-mocks'] --- import kbnCoreDeprecationsServerMocksObj from './kbn_core_deprecations_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_doc_links_browser.mdx b/api_docs/kbn_core_doc_links_browser.mdx index a3bab36e39853f..a30458eca17583 100644 --- a/api_docs/kbn_core_doc_links_browser.mdx +++ b/api_docs/kbn_core_doc_links_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-doc-links-browser title: "@kbn/core-doc-links-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-doc-links-browser plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-doc-links-browser'] --- import kbnCoreDocLinksBrowserObj from './kbn_core_doc_links_browser.devdocs.json'; diff --git a/api_docs/kbn_core_doc_links_browser_mocks.mdx b/api_docs/kbn_core_doc_links_browser_mocks.mdx index 01f2db6be8ee75..01ab9040f903de 100644 --- a/api_docs/kbn_core_doc_links_browser_mocks.mdx +++ b/api_docs/kbn_core_doc_links_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-doc-links-browser-mocks title: "@kbn/core-doc-links-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-doc-links-browser-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-doc-links-browser-mocks'] --- import kbnCoreDocLinksBrowserMocksObj from './kbn_core_doc_links_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_doc_links_server.mdx b/api_docs/kbn_core_doc_links_server.mdx index 3f527319436f60..47ffdc15299f44 100644 --- a/api_docs/kbn_core_doc_links_server.mdx +++ b/api_docs/kbn_core_doc_links_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-doc-links-server title: "@kbn/core-doc-links-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-doc-links-server plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-doc-links-server'] --- import kbnCoreDocLinksServerObj from './kbn_core_doc_links_server.devdocs.json'; diff --git a/api_docs/kbn_core_doc_links_server_mocks.mdx b/api_docs/kbn_core_doc_links_server_mocks.mdx index 01358cc9608618..849fcb6ed3eb00 100644 --- a/api_docs/kbn_core_doc_links_server_mocks.mdx +++ b/api_docs/kbn_core_doc_links_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-doc-links-server-mocks title: "@kbn/core-doc-links-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-doc-links-server-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-doc-links-server-mocks'] --- import kbnCoreDocLinksServerMocksObj from './kbn_core_doc_links_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_elasticsearch_client_server_internal.mdx b/api_docs/kbn_core_elasticsearch_client_server_internal.mdx index 0a7dbeb28db3e1..9646db76954294 100644 --- a/api_docs/kbn_core_elasticsearch_client_server_internal.mdx +++ b/api_docs/kbn_core_elasticsearch_client_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-elasticsearch-client-server-internal title: "@kbn/core-elasticsearch-client-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-elasticsearch-client-server-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-elasticsearch-client-server-internal'] --- import kbnCoreElasticsearchClientServerInternalObj from './kbn_core_elasticsearch_client_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_elasticsearch_client_server_mocks.mdx b/api_docs/kbn_core_elasticsearch_client_server_mocks.mdx index a2299986a7dd68..fa403612d28f1a 100644 --- a/api_docs/kbn_core_elasticsearch_client_server_mocks.mdx +++ b/api_docs/kbn_core_elasticsearch_client_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-elasticsearch-client-server-mocks title: "@kbn/core-elasticsearch-client-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-elasticsearch-client-server-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-elasticsearch-client-server-mocks'] --- import kbnCoreElasticsearchClientServerMocksObj from './kbn_core_elasticsearch_client_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_elasticsearch_server.mdx b/api_docs/kbn_core_elasticsearch_server.mdx index 6a1a58ab52ac9d..aa55e46d80b99e 100644 --- a/api_docs/kbn_core_elasticsearch_server.mdx +++ b/api_docs/kbn_core_elasticsearch_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-elasticsearch-server title: "@kbn/core-elasticsearch-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-elasticsearch-server plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-elasticsearch-server'] --- import kbnCoreElasticsearchServerObj from './kbn_core_elasticsearch_server.devdocs.json'; diff --git a/api_docs/kbn_core_elasticsearch_server_internal.mdx b/api_docs/kbn_core_elasticsearch_server_internal.mdx index d7c966eb0723ec..154e7c60ede82f 100644 --- a/api_docs/kbn_core_elasticsearch_server_internal.mdx +++ b/api_docs/kbn_core_elasticsearch_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-elasticsearch-server-internal title: "@kbn/core-elasticsearch-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-elasticsearch-server-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-elasticsearch-server-internal'] --- import kbnCoreElasticsearchServerInternalObj from './kbn_core_elasticsearch_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_elasticsearch_server_mocks.mdx b/api_docs/kbn_core_elasticsearch_server_mocks.mdx index 7ed70888a54217..801356bc14ab95 100644 --- a/api_docs/kbn_core_elasticsearch_server_mocks.mdx +++ b/api_docs/kbn_core_elasticsearch_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-elasticsearch-server-mocks title: "@kbn/core-elasticsearch-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-elasticsearch-server-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-elasticsearch-server-mocks'] --- import kbnCoreElasticsearchServerMocksObj from './kbn_core_elasticsearch_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_environment_server_internal.mdx b/api_docs/kbn_core_environment_server_internal.mdx index 22fbf62d216916..e65f657d8ef380 100644 --- a/api_docs/kbn_core_environment_server_internal.mdx +++ b/api_docs/kbn_core_environment_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-environment-server-internal title: "@kbn/core-environment-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-environment-server-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-environment-server-internal'] --- import kbnCoreEnvironmentServerInternalObj from './kbn_core_environment_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_environment_server_mocks.mdx b/api_docs/kbn_core_environment_server_mocks.mdx index abd36dd70dbf18..119f16506cfbf5 100644 --- a/api_docs/kbn_core_environment_server_mocks.mdx +++ b/api_docs/kbn_core_environment_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-environment-server-mocks title: "@kbn/core-environment-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-environment-server-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-environment-server-mocks'] --- import kbnCoreEnvironmentServerMocksObj from './kbn_core_environment_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_browser.mdx b/api_docs/kbn_core_execution_context_browser.mdx index 32daa52d330214..f391be847a3ca6 100644 --- a/api_docs/kbn_core_execution_context_browser.mdx +++ b/api_docs/kbn_core_execution_context_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-browser title: "@kbn/core-execution-context-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-browser plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-browser'] --- import kbnCoreExecutionContextBrowserObj from './kbn_core_execution_context_browser.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_browser_internal.mdx b/api_docs/kbn_core_execution_context_browser_internal.mdx index dbf43b20ee4624..6b012c62c9f9ce 100644 --- a/api_docs/kbn_core_execution_context_browser_internal.mdx +++ b/api_docs/kbn_core_execution_context_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-browser-internal title: "@kbn/core-execution-context-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-browser-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-browser-internal'] --- import kbnCoreExecutionContextBrowserInternalObj from './kbn_core_execution_context_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_browser_mocks.mdx b/api_docs/kbn_core_execution_context_browser_mocks.mdx index 0e014579b20c9c..86b4ea029bff89 100644 --- a/api_docs/kbn_core_execution_context_browser_mocks.mdx +++ b/api_docs/kbn_core_execution_context_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-browser-mocks title: "@kbn/core-execution-context-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-browser-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-browser-mocks'] --- import kbnCoreExecutionContextBrowserMocksObj from './kbn_core_execution_context_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_common.mdx b/api_docs/kbn_core_execution_context_common.mdx index 327ff550bc2967..4974838eff6af9 100644 --- a/api_docs/kbn_core_execution_context_common.mdx +++ b/api_docs/kbn_core_execution_context_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-common title: "@kbn/core-execution-context-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-common plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-common'] --- import kbnCoreExecutionContextCommonObj from './kbn_core_execution_context_common.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_server.mdx b/api_docs/kbn_core_execution_context_server.mdx index f9e30573756358..6a5c2fe7f2a6a9 100644 --- a/api_docs/kbn_core_execution_context_server.mdx +++ b/api_docs/kbn_core_execution_context_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-server title: "@kbn/core-execution-context-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-server plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-server'] --- import kbnCoreExecutionContextServerObj from './kbn_core_execution_context_server.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_server_internal.mdx b/api_docs/kbn_core_execution_context_server_internal.mdx index a7bba3379f32df..4243a5cc3e666c 100644 --- a/api_docs/kbn_core_execution_context_server_internal.mdx +++ b/api_docs/kbn_core_execution_context_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-server-internal title: "@kbn/core-execution-context-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-server-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-server-internal'] --- import kbnCoreExecutionContextServerInternalObj from './kbn_core_execution_context_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_execution_context_server_mocks.mdx b/api_docs/kbn_core_execution_context_server_mocks.mdx index aca0f75a3ec424..98c7534a86b583 100644 --- a/api_docs/kbn_core_execution_context_server_mocks.mdx +++ b/api_docs/kbn_core_execution_context_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-execution-context-server-mocks title: "@kbn/core-execution-context-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-execution-context-server-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-execution-context-server-mocks'] --- import kbnCoreExecutionContextServerMocksObj from './kbn_core_execution_context_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_fatal_errors_browser.mdx b/api_docs/kbn_core_fatal_errors_browser.mdx index 414bcd8cf54b21..aefdb76ab7449f 100644 --- a/api_docs/kbn_core_fatal_errors_browser.mdx +++ b/api_docs/kbn_core_fatal_errors_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-fatal-errors-browser title: "@kbn/core-fatal-errors-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-fatal-errors-browser plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-fatal-errors-browser'] --- import kbnCoreFatalErrorsBrowserObj from './kbn_core_fatal_errors_browser.devdocs.json'; diff --git a/api_docs/kbn_core_fatal_errors_browser_mocks.mdx b/api_docs/kbn_core_fatal_errors_browser_mocks.mdx index 2cc6bc8f983f12..40b93d1ed29ffc 100644 --- a/api_docs/kbn_core_fatal_errors_browser_mocks.mdx +++ b/api_docs/kbn_core_fatal_errors_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-fatal-errors-browser-mocks title: "@kbn/core-fatal-errors-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-fatal-errors-browser-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-fatal-errors-browser-mocks'] --- import kbnCoreFatalErrorsBrowserMocksObj from './kbn_core_fatal_errors_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_feature_flags_browser.mdx b/api_docs/kbn_core_feature_flags_browser.mdx index 688c4e11b2e737..3486ea431fd506 100644 --- a/api_docs/kbn_core_feature_flags_browser.mdx +++ b/api_docs/kbn_core_feature_flags_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-feature-flags-browser title: "@kbn/core-feature-flags-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-feature-flags-browser plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-feature-flags-browser'] --- import kbnCoreFeatureFlagsBrowserObj from './kbn_core_feature_flags_browser.devdocs.json'; diff --git a/api_docs/kbn_core_feature_flags_browser_internal.mdx b/api_docs/kbn_core_feature_flags_browser_internal.mdx index fc5d70ab082a44..c030b3f5a4bb14 100644 --- a/api_docs/kbn_core_feature_flags_browser_internal.mdx +++ b/api_docs/kbn_core_feature_flags_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-feature-flags-browser-internal title: "@kbn/core-feature-flags-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-feature-flags-browser-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-feature-flags-browser-internal'] --- import kbnCoreFeatureFlagsBrowserInternalObj from './kbn_core_feature_flags_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_feature_flags_browser_mocks.mdx b/api_docs/kbn_core_feature_flags_browser_mocks.mdx index faa012fe14afc8..bc8b90ce02d5f5 100644 --- a/api_docs/kbn_core_feature_flags_browser_mocks.mdx +++ b/api_docs/kbn_core_feature_flags_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-feature-flags-browser-mocks title: "@kbn/core-feature-flags-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-feature-flags-browser-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-feature-flags-browser-mocks'] --- import kbnCoreFeatureFlagsBrowserMocksObj from './kbn_core_feature_flags_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_feature_flags_server.mdx b/api_docs/kbn_core_feature_flags_server.mdx index f0bf8886ca2c3c..095103578bfc93 100644 --- a/api_docs/kbn_core_feature_flags_server.mdx +++ b/api_docs/kbn_core_feature_flags_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-feature-flags-server title: "@kbn/core-feature-flags-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-feature-flags-server plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-feature-flags-server'] --- import kbnCoreFeatureFlagsServerObj from './kbn_core_feature_flags_server.devdocs.json'; diff --git a/api_docs/kbn_core_feature_flags_server_internal.mdx b/api_docs/kbn_core_feature_flags_server_internal.mdx index 443f693d0e74d7..ba6a13e591617c 100644 --- a/api_docs/kbn_core_feature_flags_server_internal.mdx +++ b/api_docs/kbn_core_feature_flags_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-feature-flags-server-internal title: "@kbn/core-feature-flags-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-feature-flags-server-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-feature-flags-server-internal'] --- import kbnCoreFeatureFlagsServerInternalObj from './kbn_core_feature_flags_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_feature_flags_server_mocks.mdx b/api_docs/kbn_core_feature_flags_server_mocks.mdx index 48bfccd1f63183..6bac003686542d 100644 --- a/api_docs/kbn_core_feature_flags_server_mocks.mdx +++ b/api_docs/kbn_core_feature_flags_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-feature-flags-server-mocks title: "@kbn/core-feature-flags-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-feature-flags-server-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-feature-flags-server-mocks'] --- import kbnCoreFeatureFlagsServerMocksObj from './kbn_core_feature_flags_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_http_browser.mdx b/api_docs/kbn_core_http_browser.mdx index 1bb960c171989c..e8eac76af7da79 100644 --- a/api_docs/kbn_core_http_browser.mdx +++ b/api_docs/kbn_core_http_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-browser title: "@kbn/core-http-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-browser plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-browser'] --- import kbnCoreHttpBrowserObj from './kbn_core_http_browser.devdocs.json'; diff --git a/api_docs/kbn_core_http_browser_internal.mdx b/api_docs/kbn_core_http_browser_internal.mdx index 75bc19f9b46547..24e0d23cddbe46 100644 --- a/api_docs/kbn_core_http_browser_internal.mdx +++ b/api_docs/kbn_core_http_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-browser-internal title: "@kbn/core-http-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-browser-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-browser-internal'] --- import kbnCoreHttpBrowserInternalObj from './kbn_core_http_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_http_browser_mocks.mdx b/api_docs/kbn_core_http_browser_mocks.mdx index fe45fd7889850d..c9604803cd9836 100644 --- a/api_docs/kbn_core_http_browser_mocks.mdx +++ b/api_docs/kbn_core_http_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-browser-mocks title: "@kbn/core-http-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-browser-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-browser-mocks'] --- import kbnCoreHttpBrowserMocksObj from './kbn_core_http_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_http_common.mdx b/api_docs/kbn_core_http_common.mdx index 6392d240976001..e358bbf7fd0efc 100644 --- a/api_docs/kbn_core_http_common.mdx +++ b/api_docs/kbn_core_http_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-common title: "@kbn/core-http-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-common plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-common'] --- import kbnCoreHttpCommonObj from './kbn_core_http_common.devdocs.json'; diff --git a/api_docs/kbn_core_http_context_server_mocks.mdx b/api_docs/kbn_core_http_context_server_mocks.mdx index 7e548c4c528981..492ba821c1e11d 100644 --- a/api_docs/kbn_core_http_context_server_mocks.mdx +++ b/api_docs/kbn_core_http_context_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-context-server-mocks title: "@kbn/core-http-context-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-context-server-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-context-server-mocks'] --- import kbnCoreHttpContextServerMocksObj from './kbn_core_http_context_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_http_request_handler_context_server.mdx b/api_docs/kbn_core_http_request_handler_context_server.mdx index f517e7f03aea5d..425e29618cd39d 100644 --- a/api_docs/kbn_core_http_request_handler_context_server.mdx +++ b/api_docs/kbn_core_http_request_handler_context_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-request-handler-context-server title: "@kbn/core-http-request-handler-context-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-request-handler-context-server plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-request-handler-context-server'] --- import kbnCoreHttpRequestHandlerContextServerObj from './kbn_core_http_request_handler_context_server.devdocs.json'; diff --git a/api_docs/kbn_core_http_resources_server.mdx b/api_docs/kbn_core_http_resources_server.mdx index 4212152c2a9407..7019732370a9b6 100644 --- a/api_docs/kbn_core_http_resources_server.mdx +++ b/api_docs/kbn_core_http_resources_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-resources-server title: "@kbn/core-http-resources-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-resources-server plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-resources-server'] --- import kbnCoreHttpResourcesServerObj from './kbn_core_http_resources_server.devdocs.json'; diff --git a/api_docs/kbn_core_http_resources_server_internal.mdx b/api_docs/kbn_core_http_resources_server_internal.mdx index c5f47f6690e4a4..3942b0def84ad0 100644 --- a/api_docs/kbn_core_http_resources_server_internal.mdx +++ b/api_docs/kbn_core_http_resources_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-resources-server-internal title: "@kbn/core-http-resources-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-resources-server-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-resources-server-internal'] --- import kbnCoreHttpResourcesServerInternalObj from './kbn_core_http_resources_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_http_resources_server_mocks.mdx b/api_docs/kbn_core_http_resources_server_mocks.mdx index b1b64dc7efd8b5..d8ce60fe8ac117 100644 --- a/api_docs/kbn_core_http_resources_server_mocks.mdx +++ b/api_docs/kbn_core_http_resources_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-resources-server-mocks title: "@kbn/core-http-resources-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-resources-server-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-resources-server-mocks'] --- import kbnCoreHttpResourcesServerMocksObj from './kbn_core_http_resources_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_http_router_server_internal.devdocs.json b/api_docs/kbn_core_http_router_server_internal.devdocs.json index 2991ec38b9a5be..219635cec955e4 100644 --- a/api_docs/kbn_core_http_router_server_internal.devdocs.json +++ b/api_docs/kbn_core_http_router_server_internal.devdocs.json @@ -195,7 +195,7 @@ "section": "def-server.RouteSecurity", "text": "RouteSecurity" }, - " | undefined; enableQueryVersion?: boolean | undefined; summary?: string | undefined; description?: string | undefined; deprecated?: boolean | undefined; discontinued?: string | undefined; }" + " | undefined; enableQueryVersion?: boolean | undefined; summary?: string | undefined; description?: string | undefined; discontinued?: string | undefined; }" ], "path": "packages/core/http/core-http-router-server-internal/src/versioned_router/core_versioned_router.ts", "deprecated": false, @@ -282,7 +282,7 @@ "section": "def-server.RouteSecurity", "text": "RouteSecurity" }, - " | undefined; enableQueryVersion?: boolean | undefined; summary?: string | undefined; description?: string | undefined; deprecated?: boolean | undefined; discontinued?: string | undefined; }" + " | undefined; enableQueryVersion?: boolean | undefined; summary?: string | undefined; description?: string | undefined; discontinued?: string | undefined; }" ], "path": "packages/core/http/core-http-router-server-internal/src/versioned_router/core_versioned_router.ts", "deprecated": false, @@ -369,7 +369,7 @@ "section": "def-server.RouteSecurity", "text": "RouteSecurity" }, - " | undefined; enableQueryVersion?: boolean | undefined; summary?: string | undefined; description?: string | undefined; deprecated?: boolean | undefined; discontinued?: string | undefined; }" + " | undefined; enableQueryVersion?: boolean | undefined; summary?: string | undefined; description?: string | undefined; discontinued?: string | undefined; }" ], "path": "packages/core/http/core-http-router-server-internal/src/versioned_router/core_versioned_router.ts", "deprecated": false, @@ -456,7 +456,7 @@ "section": "def-server.RouteSecurity", "text": "RouteSecurity" }, - " | undefined; enableQueryVersion?: boolean | undefined; summary?: string | undefined; description?: string | undefined; deprecated?: boolean | undefined; discontinued?: string | undefined; }" + " | undefined; enableQueryVersion?: boolean | undefined; summary?: string | undefined; description?: string | undefined; discontinued?: string | undefined; }" ], "path": "packages/core/http/core-http-router-server-internal/src/versioned_router/core_versioned_router.ts", "deprecated": false, @@ -543,7 +543,7 @@ "section": "def-server.RouteSecurity", "text": "RouteSecurity" }, - " | undefined; enableQueryVersion?: boolean | undefined; summary?: string | undefined; description?: string | undefined; deprecated?: boolean | undefined; discontinued?: string | undefined; }" + " | undefined; enableQueryVersion?: boolean | undefined; summary?: string | undefined; description?: string | undefined; discontinued?: string | undefined; }" ], "path": "packages/core/http/core-http-router-server-internal/src/versioned_router/core_versioned_router.ts", "deprecated": false, @@ -560,8 +560,14 @@ "description": [], "signature": [ "() => ", - "VersionedRouterRoute", - "[]" + { + "pluginId": "@kbn/core-http-server", + "scope": "server", + "docId": "kibKbnCoreHttpServerPluginApi", + "section": "def-server.VersionedRouterRoute", + "text": "VersionedRouterRoute" + }, + "[]" ], "path": "packages/core/http/core-http-router-server-internal/src/versioned_router/core_versioned_router.ts", "deprecated": false, diff --git a/api_docs/kbn_core_http_router_server_internal.mdx b/api_docs/kbn_core_http_router_server_internal.mdx index bcc2a650576097..838e4ec08e224b 100644 --- a/api_docs/kbn_core_http_router_server_internal.mdx +++ b/api_docs/kbn_core_http_router_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-router-server-internal title: "@kbn/core-http-router-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-router-server-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-router-server-internal'] --- import kbnCoreHttpRouterServerInternalObj from './kbn_core_http_router_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_http_router_server_mocks.devdocs.json b/api_docs/kbn_core_http_router_server_mocks.devdocs.json index 4d07feacb19436..df244e8c6f8c7a 100644 --- a/api_docs/kbn_core_http_router_server_mocks.devdocs.json +++ b/api_docs/kbn_core_http_router_server_mocks.devdocs.json @@ -88,7 +88,7 @@ "section": "def-server.RouteSecurity", "text": "RouteSecurity" }, - " | undefined; enableQueryVersion?: boolean | undefined; summary?: string | undefined; description?: string | undefined; deprecated?: boolean | undefined; discontinued?: string | undefined; }" + " | undefined; enableQueryVersion?: boolean | undefined; summary?: string | undefined; description?: string | undefined; discontinued?: string | undefined; }" ], "path": "packages/core/http/core-http-router-server-mocks/src/versioned_router.mock.ts", "deprecated": false, @@ -337,15 +337,15 @@ "section": "def-server.VersionedRouteConfig", "text": "VersionedRouteConfig" }, - "<\"delete\">], unknown>; } & ", + "<\"delete\">], unknown>; getRoutes: jest.MockInstance<", { "pluginId": "@kbn/core-http-server", "scope": "server", "docId": "kibKbnCoreHttpServerPluginApi", - "section": "def-server.VersionedRouter", - "text": "VersionedRouter" + "section": "def-server.VersionedRouterRoute", + "text": "VersionedRouterRoute" }, - " & { getRoute: (method: keyof ", + "[], [], unknown>; } & ", { "pluginId": "@kbn/core-http-server", "scope": "server", @@ -353,15 +353,7 @@ "section": "def-server.VersionedRouter", "text": "VersionedRouter" }, - "<", - { - "pluginId": "@kbn/core-http-server", - "scope": "server", - "docId": "kibKbnCoreHttpServerPluginApi", - "section": "def-server.RequestHandlerContextBase", - "text": "RequestHandlerContextBase" - }, - ">, path: string) => ", + " & { getRoute: (method: \"get\" | \"delete\" | \"post\" | \"put\" | \"patch\", path: string) => ", { "pluginId": "@kbn/core-http-router-server-mocks", "scope": "server", @@ -576,7 +568,7 @@ "section": "def-server.RouterRoute", "text": "RouterRoute" }, - "[], [], unknown>; versioned: ", + "[], [options?: { excludeVersionedRoutes?: boolean | undefined; } | undefined], unknown>; versioned: ", { "pluginId": "@kbn/core-http-server", "scope": "server", diff --git a/api_docs/kbn_core_http_router_server_mocks.mdx b/api_docs/kbn_core_http_router_server_mocks.mdx index 8dda65eb8661f0..2c8d3974b51900 100644 --- a/api_docs/kbn_core_http_router_server_mocks.mdx +++ b/api_docs/kbn_core_http_router_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-router-server-mocks title: "@kbn/core-http-router-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-router-server-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-router-server-mocks'] --- import kbnCoreHttpRouterServerMocksObj from './kbn_core_http_router_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_http_server.devdocs.json b/api_docs/kbn_core_http_server.devdocs.json index 176b0ed1953539..795482e76ab5f1 100644 --- a/api_docs/kbn_core_http_server.devdocs.json +++ b/api_docs/kbn_core_http_server.devdocs.json @@ -400,6 +400,22 @@ "path": "packages/core/http/core-http-server/src/versioning/types.ts", "deprecated": false, "trackAdoption": false + }, + { + "parentPluginId": "@kbn/core-http-server", + "id": "def-server.AddVersionOpts.options", + "type": "Object", + "tags": [], + "label": "options", + "description": [], + "signature": [ + "{ deprecated?: ", + "RouteDeprecationInfo", + " | undefined; } | undefined" + ], + "path": "packages/core/http/core-http-server/src/versioning/types.ts", + "deprecated": false, + "trackAdoption": false } ], "initialIsOpen": false @@ -2310,6 +2326,32 @@ "trackAdoption": false, "children": [], "returnComment": [] + }, + { + "parentPluginId": "@kbn/core-http-server", + "id": "def-server.HttpServiceSetup.getDeprecatedRoutes", + "type": "Function", + "tags": [], + "label": "getDeprecatedRoutes", + "description": [ + "\nProvides a list of all registered deprecated routes {{@link RouterDeprecatedRouteDetails | information}}.\nThe routers will be evaluated everytime this function gets called to\naccommodate for any late route registrations" + ], + "signature": [ + "() => ", + { + "pluginId": "@kbn/core-http-server", + "scope": "server", + "docId": "kibKbnCoreHttpServerPluginApi", + "section": "def-server.RouterDeprecatedRouteDetails", + "text": "RouterDeprecatedRouteDetails" + }, + "[]" + ], + "path": "packages/core/http/core-http-server/src/http_contract.ts", + "deprecated": false, + "trackAdoption": false, + "children": [], + "returnComment": [] } ], "initialIsOpen": false @@ -3701,6 +3743,10 @@ "plugin": "licensing", "path": "x-pack/plugins/licensing/server/routes/feature_usage.ts" }, + { + "plugin": "@kbn/content-management-content-insights-server", + "path": "packages/content-management/content_insights/content_insights_server/src/register.ts" + }, { "plugin": "features", "path": "x-pack/plugins/features/server/routes/index.ts" @@ -3989,10 +4035,6 @@ "plugin": "ruleRegistry", "path": "x-pack/plugins/rule_registry/server/routes/get_aad_fields_by_rule_type.ts" }, - { - "plugin": "@kbn/content-management-content-insights-server", - "path": "packages/content-management/content_insights/content_insights_server/src/register.ts" - }, { "plugin": "banners", "path": "x-pack/plugins/banners/server/routes/info.ts" @@ -5797,6 +5839,10 @@ "plugin": "alerting", "path": "x-pack/plugins/alerting/server/routes/rule/apis/find/find_rules_route.test.ts" }, + { + "plugin": "alerting", + "path": "x-pack/plugins/alerting/server/routes/rule/apis/find/find_rules_route.test.ts" + }, { "plugin": "alerting", "path": "x-pack/plugins/alerting/server/routes/rule/apis/get/get_rule_route.test.ts" @@ -6359,6 +6405,10 @@ "plugin": "@kbn/core-ui-settings-server-internal", "path": "packages/core/ui-settings/core-ui-settings-server-internal/src/routes/internal/validate.ts" }, + { + "plugin": "@kbn/core-deprecations-server-internal", + "path": "packages/core/deprecations/core-deprecations-server-internal/src/routes/resolve_deprecated_api.ts" + }, { "plugin": "@kbn/core-capabilities-server-internal", "path": "packages/core/capabilities/core-capabilities-server-internal/src/routes/resolve_capabilities.ts" @@ -6387,6 +6437,10 @@ "plugin": "licensing", "path": "x-pack/plugins/licensing/server/routes/internal/register_feature.ts" }, + { + "plugin": "@kbn/content-management-content-insights-server", + "path": "packages/content-management/content_insights/content_insights_server/src/register.ts" + }, { "plugin": "home", "path": "src/plugins/home/server/services/sample_data/routes/install.ts" @@ -6505,7 +6559,7 @@ }, { "plugin": "actions", - "path": "x-pack/plugins/actions/server/routes/create.ts" + "path": "x-pack/plugins/actions/server/routes/connector/create/create.ts" }, { "plugin": "actions", @@ -6585,7 +6639,7 @@ }, { "plugin": "alerting", - "path": "x-pack/plugins/alerting/server/routes/rule/apis/find/find_rules_route.ts" + "path": "x-pack/plugins/alerting/server/routes/rule/apis/find/find_internal_rules_route.ts" }, { "plugin": "alerting", @@ -6703,10 +6757,6 @@ "plugin": "ruleRegistry", "path": "x-pack/plugins/rule_registry/server/routes/get_alert_summary.ts" }, - { - "plugin": "@kbn/content-management-content-insights-server", - "path": "packages/content-management/content_insights/content_insights_server/src/register.ts" - }, { "plugin": "savedObjectsTagging", "path": "x-pack/plugins/saved_objects_tagging/server/routes/tags/create_tag.ts" @@ -7759,18 +7809,6 @@ "plugin": "@kbn/core-http-router-server-mocks", "path": "packages/core/http/core-http-router-server-mocks/src/router.mock.ts" }, - { - "plugin": "actions", - "path": "x-pack/plugins/actions/server/routes/create.test.ts" - }, - { - "plugin": "actions", - "path": "x-pack/plugins/actions/server/routes/create.test.ts" - }, - { - "plugin": "actions", - "path": "x-pack/plugins/actions/server/routes/create.test.ts" - }, { "plugin": "actions", "path": "x-pack/plugins/actions/server/routes/get_global_execution_kpi.test.ts" @@ -8043,6 +8081,18 @@ "plugin": "remoteClusters", "path": "x-pack/plugins/remote_clusters/server/routes/api/add_route.test.ts" }, + { + "plugin": "actions", + "path": "x-pack/plugins/actions/server/routes/connector/create/create.test.ts" + }, + { + "plugin": "actions", + "path": "x-pack/plugins/actions/server/routes/connector/create/create.test.ts" + }, + { + "plugin": "actions", + "path": "x-pack/plugins/actions/server/routes/connector/create/create.test.ts" + }, { "plugin": "actions", "path": "x-pack/plugins/actions/server/routes/connector/execute/execute.test.ts" @@ -8331,6 +8381,10 @@ "plugin": "alerting", "path": "x-pack/plugins/alerting/server/routes/rule/apis/enable/enable_rule_route.test.ts" }, + { + "plugin": "alerting", + "path": "x-pack/plugins/alerting/server/routes/rule/apis/find/find_internal_rules_route.test.ts" + }, { "plugin": "alerting", "path": "x-pack/plugins/alerting/server/routes/rule/apis/mute_alert/mute_alert.test.ts" @@ -11253,7 +11307,7 @@ "section": "def-server.KibanaRequestRouteOptions", "text": "KibanaRequestRouteOptions" }, - ">; }" + ">; readonly routePath?: string | undefined; }" ], "path": "packages/core/http/core-http-server/src/router/request.ts", "deprecated": false, @@ -11444,6 +11498,22 @@ "deprecated": false, "trackAdoption": false }, + { + "parentPluginId": "@kbn/core-http-server", + "id": "def-server.KibanaRequest.apiVersion", + "type": "string", + "tags": [], + "label": "apiVersion", + "description": [ + "\nThe versioned route API version of this request." + ], + "signature": [ + "string | undefined" + ], + "path": "packages/core/http/core-http-server/src/router/request.ts", + "deprecated": false, + "trackAdoption": false + }, { "parentPluginId": "@kbn/core-http-server", "id": "def-server.KibanaRequest.params", @@ -11651,6 +11721,20 @@ "path": "packages/core/http/core-http-server/src/router/request.ts", "deprecated": false, "trackAdoption": false + }, + { + "parentPluginId": "@kbn/core-http-server", + "id": "def-server.KibanaRequestRoute.routePath", + "type": "string", + "tags": [], + "label": "routePath", + "description": [], + "signature": [ + "string | undefined" + ], + "path": "packages/core/http/core-http-server/src/router/request.ts", + "deprecated": false, + "trackAdoption": false } ], "initialIsOpen": false @@ -11783,6 +11867,21 @@ "deprecated": false, "trackAdoption": false, "children": [ + { + "parentPluginId": "@kbn/core-http-server", + "id": "def-server.KibanaRouteOptions.deprecated", + "type": "Object", + "tags": [], + "label": "deprecated", + "description": [], + "signature": [ + "RouteDeprecationInfo", + " | undefined" + ], + "path": "packages/core/http/core-http-server/src/router/request.ts", + "deprecated": false, + "trackAdoption": false + }, { "parentPluginId": "@kbn/core-http-server", "id": "def-server.KibanaRouteOptions.xsrfRequired", @@ -13323,14 +13422,15 @@ { "parentPluginId": "@kbn/core-http-server", "id": "def-server.RouteConfigOptions.deprecated", - "type": "CompoundType", + "type": "Object", "tags": [], "label": "deprecated", "description": [ - "\nSetting this to `true` declares this route to be deprecated. Consumers SHOULD\nrefrain from usage of this route.\n" + "\nDescription of deprecations for this HTTP API.\n" ], "signature": [ - "boolean | undefined" + "RouteDeprecationInfo", + " | undefined" ], "path": "packages/core/http/core-http-server/src/router/route.ts", "deprecated": false, @@ -13536,6 +13636,87 @@ ], "initialIsOpen": false }, + { + "parentPluginId": "@kbn/core-http-server", + "id": "def-server.RouterDeprecatedRouteDetails", + "type": "Interface", + "tags": [], + "label": "RouterDeprecatedRouteDetails", + "description": [], + "path": "packages/core/http/core-http-server/src/router/router.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/core-http-server", + "id": "def-server.RouterDeprecatedRouteDetails.routeDeprecationOptions", + "type": "Object", + "tags": [], + "label": "routeDeprecationOptions", + "description": [], + "signature": [ + "RouteDeprecationInfo" + ], + "path": "packages/core/http/core-http-server/src/router/router.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/core-http-server", + "id": "def-server.RouterDeprecatedRouteDetails.routeMethod", + "type": "CompoundType", + "tags": [], + "label": "routeMethod", + "description": [], + "signature": [ + { + "pluginId": "@kbn/core-http-server", + "scope": "server", + "docId": "kibKbnCoreHttpServerPluginApi", + "section": "def-server.SafeRouteMethod", + "text": "SafeRouteMethod" + }, + " | ", + { + "pluginId": "@kbn/core-http-server", + "scope": "server", + "docId": "kibKbnCoreHttpServerPluginApi", + "section": "def-server.DestructiveRouteMethod", + "text": "DestructiveRouteMethod" + } + ], + "path": "packages/core/http/core-http-server/src/router/router.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/core-http-server", + "id": "def-server.RouterDeprecatedRouteDetails.routePath", + "type": "string", + "tags": [], + "label": "routePath", + "description": [], + "path": "packages/core/http/core-http-server/src/router/router.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/core-http-server", + "id": "def-server.RouterDeprecatedRouteDetails.routeVersion", + "type": "string", + "tags": [], + "label": "routeVersion", + "description": [], + "signature": [ + "string | undefined" + ], + "path": "packages/core/http/core-http-server/src/router/router.ts", + "deprecated": false, + "trackAdoption": false + } + ], + "initialIsOpen": false + }, { "parentPluginId": "@kbn/core-http-server", "id": "def-server.RouterRoute", @@ -13727,6 +13908,20 @@ } ], "returnComment": [] + }, + { + "parentPluginId": "@kbn/core-http-server", + "id": "def-server.RouterRoute.isVersioned", + "type": "boolean", + "tags": [], + "label": "isVersioned", + "description": [], + "signature": [ + "false" + ], + "path": "packages/core/http/core-http-server/src/router/router.ts", + "deprecated": false, + "trackAdoption": false } ], "initialIsOpen": false @@ -15915,7 +16110,7 @@ "section": "def-server.RouteSecurity", "text": "RouteSecurity" }, - " | undefined; enableQueryVersion?: boolean | undefined; summary?: string | undefined; description?: string | undefined; deprecated?: boolean | undefined; discontinued?: string | undefined; }" + " | undefined; enableQueryVersion?: boolean | undefined; summary?: string | undefined; description?: string | undefined; discontinued?: string | undefined; }" ], "path": "packages/core/http/core-http-server/src/versioning/types.ts", "deprecated": false, @@ -16226,7 +16421,7 @@ "section": "def-server.RouteSecurity", "text": "RouteSecurity" }, - " | undefined; enableQueryVersion?: boolean | undefined; summary?: string | undefined; description?: string | undefined; deprecated?: boolean | undefined; discontinued?: string | undefined; }" + " | undefined; enableQueryVersion?: boolean | undefined; summary?: string | undefined; description?: string | undefined; discontinued?: string | undefined; }" ], "path": "packages/core/http/core-http-server/src/versioning/types.ts", "deprecated": false, @@ -17369,7 +17564,7 @@ "section": "def-server.RouteSecurity", "text": "RouteSecurity" }, - " | undefined; enableQueryVersion?: boolean | undefined; summary?: string | undefined; description?: string | undefined; deprecated?: boolean | undefined; discontinued?: string | undefined; }" + " | undefined; enableQueryVersion?: boolean | undefined; summary?: string | undefined; description?: string | undefined; discontinued?: string | undefined; }" ], "path": "packages/core/http/core-http-server/src/versioning/types.ts", "deprecated": false, @@ -17516,7 +17711,7 @@ "section": "def-server.RouteSecurity", "text": "RouteSecurity" }, - " | undefined; enableQueryVersion?: boolean | undefined; summary?: string | undefined; description?: string | undefined; deprecated?: boolean | undefined; discontinued?: string | undefined; }" + " | undefined; enableQueryVersion?: boolean | undefined; summary?: string | undefined; description?: string | undefined; discontinued?: string | undefined; }" ], "path": "packages/core/http/core-http-server/src/versioning/types.ts", "deprecated": false, @@ -17815,13 +18010,37 @@ "section": "def-server.RouteSecurity", "text": "RouteSecurity" }, - " | undefined; enableQueryVersion?: boolean | undefined; summary?: string | undefined; description?: string | undefined; deprecated?: boolean | undefined; discontinued?: string | undefined; }" + " | undefined; enableQueryVersion?: boolean | undefined; summary?: string | undefined; description?: string | undefined; discontinued?: string | undefined; }" ], "path": "packages/core/http/core-http-server/src/versioning/types.ts", "deprecated": false, "trackAdoption": false } ] + }, + { + "parentPluginId": "@kbn/core-http-server", + "id": "def-server.VersionedRouter.getRoutes", + "type": "Function", + "tags": [], + "label": "getRoutes", + "description": [], + "signature": [ + "() => ", + { + "pluginId": "@kbn/core-http-server", + "scope": "server", + "docId": "kibKbnCoreHttpServerPluginApi", + "section": "def-server.VersionedRouterRoute", + "text": "VersionedRouterRoute" + }, + "[]" + ], + "path": "packages/core/http/core-http-server/src/versioning/types.ts", + "deprecated": false, + "trackAdoption": false, + "children": [], + "returnComment": [] } ], "initialIsOpen": false @@ -17881,6 +18100,158 @@ ], "initialIsOpen": false }, + { + "parentPluginId": "@kbn/core-http-server", + "id": "def-server.VersionedRouterRoute", + "type": "Interface", + "tags": [], + "label": "VersionedRouterRoute", + "description": [], + "signature": [ + { + "pluginId": "@kbn/core-http-server", + "scope": "server", + "docId": "kibKbnCoreHttpServerPluginApi", + "section": "def-server.VersionedRouterRoute", + "text": "VersionedRouterRoute" + }, + "" + ], + "path": "packages/core/http/core-http-server/src/versioning/types.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/core-http-server", + "id": "def-server.VersionedRouterRoute.method", + "type": "string", + "tags": [], + "label": "method", + "description": [], + "path": "packages/core/http/core-http-server/src/versioning/types.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/core-http-server", + "id": "def-server.VersionedRouterRoute.path", + "type": "string", + "tags": [], + "label": "path", + "description": [], + "path": "packages/core/http/core-http-server/src/versioning/types.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/core-http-server", + "id": "def-server.VersionedRouterRoute.options", + "type": "Object", + "tags": [], + "label": "options", + "description": [], + "signature": [ + "{ options?: Omit<", + { + "pluginId": "@kbn/core-http-server", + "scope": "server", + "docId": "kibKbnCoreHttpServerPluginApi", + "section": "def-server.RouteConfigOptions", + "text": "RouteConfigOptions" + }, + "<", + { + "pluginId": "@kbn/core-http-server", + "scope": "server", + "docId": "kibKbnCoreHttpServerPluginApi", + "section": "def-server.RouteMethod", + "text": "RouteMethod" + }, + ">, \"security\" | \"description\" | \"summary\" | \"deprecated\" | \"access\" | \"discontinued\"> | undefined; security?: ", + { + "pluginId": "@kbn/core-http-server", + "scope": "server", + "docId": "kibKbnCoreHttpServerPluginApi", + "section": "def-server.RouteSecurity", + "text": "RouteSecurity" + }, + " | undefined; description?: string | undefined; summary?: string | undefined; access: ", + { + "pluginId": "@kbn/core-http-server", + "scope": "server", + "docId": "kibKbnCoreHttpServerPluginApi", + "section": "def-server.RouteAccess", + "text": "RouteAccess" + }, + "; discontinued?: string | undefined; enableQueryVersion?: boolean | undefined; }" + ], + "path": "packages/core/http/core-http-server/src/versioning/types.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/core-http-server", + "id": "def-server.VersionedRouterRoute.handlers", + "type": "Array", + "tags": [], + "label": "handlers", + "description": [], + "signature": [ + "{ fn: ", + { + "pluginId": "@kbn/core-http-server", + "scope": "server", + "docId": "kibKbnCoreHttpServerPluginApi", + "section": "def-server.RequestHandler", + "text": "RequestHandler" + }, + "; options: ", + { + "pluginId": "@kbn/core-http-server", + "scope": "server", + "docId": "kibKbnCoreHttpServerPluginApi", + "section": "def-server.AddVersionOpts", + "text": "AddVersionOpts" + }, + "; }[]" + ], + "path": "packages/core/http/core-http-server/src/versioning/types.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/core-http-server", + "id": "def-server.VersionedRouterRoute.isVersioned", + "type": "boolean", + "tags": [], + "label": "isVersioned", + "description": [], + "signature": [ + "true" + ], + "path": "packages/core/http/core-http-server/src/versioning/types.ts", + "deprecated": false, + "trackAdoption": false + } + ], + "initialIsOpen": false + }, { "parentPluginId": "@kbn/core-http-server", "id": "def-server.VersionedRouteValidation", @@ -18018,6 +18389,20 @@ "deprecated": false, "trackAdoption": false, "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/core-http-server", + "id": "def-server.ReservedPrivilegesSet", + "type": "Enum", + "tags": [], + "label": "ReservedPrivilegesSet", + "description": [ + "\nA set of reserved privileges that can be used to check access to the route." + ], + "path": "packages/core/http/core-http-server/src/router/route.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false } ], "misc": [ @@ -20716,7 +21101,7 @@ "section": "def-server.RouteSecurity", "text": "RouteSecurity" }, - " | undefined; enableQueryVersion?: boolean | undefined; summary?: string | undefined; description?: string | undefined; deprecated?: boolean | undefined; discontinued?: string | undefined; }" + " | undefined; enableQueryVersion?: boolean | undefined; summary?: string | undefined; description?: string | undefined; discontinued?: string | undefined; }" ], "path": "packages/core/http/core-http-server/src/versioning/types.ts", "deprecated": false, @@ -20800,7 +21185,7 @@ "section": "def-server.RouteSecurity", "text": "RouteSecurity" }, - " | undefined; enableQueryVersion?: boolean | undefined; summary?: string | undefined; description?: string | undefined; deprecated?: boolean | undefined; discontinued?: string | undefined; }" + " | undefined; enableQueryVersion?: boolean | undefined; summary?: string | undefined; description?: string | undefined; discontinued?: string | undefined; }" ], "path": "packages/core/http/core-http-server/src/versioning/types.ts", "deprecated": false, diff --git a/api_docs/kbn_core_http_server.mdx b/api_docs/kbn_core_http_server.mdx index 0433311075e5cc..55e0b5382534e6 100644 --- a/api_docs/kbn_core_http_server.mdx +++ b/api_docs/kbn_core_http_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-server title: "@kbn/core-http-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-server plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-server'] --- import kbnCoreHttpServerObj from './kbn_core_http_server.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 533 | 2 | 216 | 0 | +| 552 | 2 | 232 | 1 | ## Server diff --git a/api_docs/kbn_core_http_server_internal.mdx b/api_docs/kbn_core_http_server_internal.mdx index 256971f6e639c1..a9a23fcb8366ab 100644 --- a/api_docs/kbn_core_http_server_internal.mdx +++ b/api_docs/kbn_core_http_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-server-internal title: "@kbn/core-http-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-server-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-server-internal'] --- import kbnCoreHttpServerInternalObj from './kbn_core_http_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_http_server_mocks.devdocs.json b/api_docs/kbn_core_http_server_mocks.devdocs.json index c395e16fc2bb2b..ec3fe801a56736 100644 --- a/api_docs/kbn_core_http_server_mocks.devdocs.json +++ b/api_docs/kbn_core_http_server_mocks.devdocs.json @@ -332,7 +332,15 @@ "section": "def-server.OnPreResponseHandler", "text": "OnPreResponseHandler" }, - "], unknown>; } & Omit<", + "], unknown>; getDeprecatedRoutes: jest.MockInstance<", + { + "pluginId": "@kbn/core-http-server", + "scope": "server", + "docId": "kibKbnCoreHttpServerPluginApi", + "section": "def-server.RouterDeprecatedRouteDetails", + "text": "RouterDeprecatedRouteDetails" + }, + "[], [], unknown>; } & Omit<", { "pluginId": "@kbn/core-http-server", "scope": "server", @@ -619,7 +627,19 @@ "section": "def-server.OnPreResponseHandler", "text": "OnPreResponseHandler" }, - "], unknown>; registerRouterAfterListening: jest.MockInstance; getDeprecatedRoutes: jest.MockInstance<", + { + "pluginId": "@kbn/core-http-server", + "scope": "server", + "docId": "kibKbnCoreHttpServerPluginApi", + "section": "def-server.RouterDeprecatedRouteDetails", + "text": "RouterDeprecatedRouteDetails" + }, + "[], [], unknown>; registerOnPostValidation: jest.MockInstance, metadata: { deprecated: ", + "RouteDeprecationInfo", + "; }) => void], unknown>; registerRouterAfterListening: jest.MockInstance], unknown>; } & Omit<", + ">], unknown>; getRegisteredDeprecatedApis: jest.MockInstance<", + { + "pluginId": "@kbn/core-http-server", + "scope": "server", + "docId": "kibKbnCoreHttpServerPluginApi", + "section": "def-server.RouterDeprecatedRouteDetails", + "text": "RouterDeprecatedRouteDetails" + }, + "[], [], unknown>; } & Omit<", "InternalHttpServiceSetup", ", \"createRouter\" | \"basePath\" | \"auth\" | \"staticAssets\" | \"authRequestHeaders\"> & { auth: AuthMocked; basePath: BasePathMocked; staticAssets: InternalStaticAssetsMocked; createRouter: jest.MockedFunction<(path: string) => ", { diff --git a/api_docs/kbn_core_http_server_mocks.mdx b/api_docs/kbn_core_http_server_mocks.mdx index 6126d699d3522b..fb026e74d0d3e0 100644 --- a/api_docs/kbn_core_http_server_mocks.mdx +++ b/api_docs/kbn_core_http_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-http-server-mocks title: "@kbn/core-http-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-http-server-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-http-server-mocks'] --- import kbnCoreHttpServerMocksObj from './kbn_core_http_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_i18n_browser.mdx b/api_docs/kbn_core_i18n_browser.mdx index d8b82a724f1ff7..0f7fdfd7ea29ae 100644 --- a/api_docs/kbn_core_i18n_browser.mdx +++ b/api_docs/kbn_core_i18n_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-i18n-browser title: "@kbn/core-i18n-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-i18n-browser plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-i18n-browser'] --- import kbnCoreI18nBrowserObj from './kbn_core_i18n_browser.devdocs.json'; diff --git a/api_docs/kbn_core_i18n_browser_mocks.mdx b/api_docs/kbn_core_i18n_browser_mocks.mdx index 5e64fe1470f414..e5af6caedfbea2 100644 --- a/api_docs/kbn_core_i18n_browser_mocks.mdx +++ b/api_docs/kbn_core_i18n_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-i18n-browser-mocks title: "@kbn/core-i18n-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-i18n-browser-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-i18n-browser-mocks'] --- import kbnCoreI18nBrowserMocksObj from './kbn_core_i18n_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_i18n_server.mdx b/api_docs/kbn_core_i18n_server.mdx index 1e75e185cf51df..37a34c5564efd0 100644 --- a/api_docs/kbn_core_i18n_server.mdx +++ b/api_docs/kbn_core_i18n_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-i18n-server title: "@kbn/core-i18n-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-i18n-server plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-i18n-server'] --- import kbnCoreI18nServerObj from './kbn_core_i18n_server.devdocs.json'; diff --git a/api_docs/kbn_core_i18n_server_internal.mdx b/api_docs/kbn_core_i18n_server_internal.mdx index ccf5a2aa506d2f..9721e13103b704 100644 --- a/api_docs/kbn_core_i18n_server_internal.mdx +++ b/api_docs/kbn_core_i18n_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-i18n-server-internal title: "@kbn/core-i18n-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-i18n-server-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-i18n-server-internal'] --- import kbnCoreI18nServerInternalObj from './kbn_core_i18n_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_i18n_server_mocks.mdx b/api_docs/kbn_core_i18n_server_mocks.mdx index 3b2a289c335a89..92e7f560d54431 100644 --- a/api_docs/kbn_core_i18n_server_mocks.mdx +++ b/api_docs/kbn_core_i18n_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-i18n-server-mocks title: "@kbn/core-i18n-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-i18n-server-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-i18n-server-mocks'] --- import kbnCoreI18nServerMocksObj from './kbn_core_i18n_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_injected_metadata_browser_mocks.mdx b/api_docs/kbn_core_injected_metadata_browser_mocks.mdx index a286571d54a9fb..a8d035339153ea 100644 --- a/api_docs/kbn_core_injected_metadata_browser_mocks.mdx +++ b/api_docs/kbn_core_injected_metadata_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-injected-metadata-browser-mocks title: "@kbn/core-injected-metadata-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-injected-metadata-browser-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-injected-metadata-browser-mocks'] --- import kbnCoreInjectedMetadataBrowserMocksObj from './kbn_core_injected_metadata_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_integrations_browser_internal.mdx b/api_docs/kbn_core_integrations_browser_internal.mdx index 582d04ca8ee7c3..6f6b41cb037869 100644 --- a/api_docs/kbn_core_integrations_browser_internal.mdx +++ b/api_docs/kbn_core_integrations_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-integrations-browser-internal title: "@kbn/core-integrations-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-integrations-browser-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-integrations-browser-internal'] --- import kbnCoreIntegrationsBrowserInternalObj from './kbn_core_integrations_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_integrations_browser_mocks.mdx b/api_docs/kbn_core_integrations_browser_mocks.mdx index 5826a743e640d8..0f88ff1d52e84f 100644 --- a/api_docs/kbn_core_integrations_browser_mocks.mdx +++ b/api_docs/kbn_core_integrations_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-integrations-browser-mocks title: "@kbn/core-integrations-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-integrations-browser-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-integrations-browser-mocks'] --- import kbnCoreIntegrationsBrowserMocksObj from './kbn_core_integrations_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_lifecycle_browser.mdx b/api_docs/kbn_core_lifecycle_browser.mdx index ba422887ec6399..c263792cbd6579 100644 --- a/api_docs/kbn_core_lifecycle_browser.mdx +++ b/api_docs/kbn_core_lifecycle_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-lifecycle-browser title: "@kbn/core-lifecycle-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-lifecycle-browser plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-lifecycle-browser'] --- import kbnCoreLifecycleBrowserObj from './kbn_core_lifecycle_browser.devdocs.json'; diff --git a/api_docs/kbn_core_lifecycle_browser_mocks.mdx b/api_docs/kbn_core_lifecycle_browser_mocks.mdx index d602e1b532cd2d..7eead333c4d2df 100644 --- a/api_docs/kbn_core_lifecycle_browser_mocks.mdx +++ b/api_docs/kbn_core_lifecycle_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-lifecycle-browser-mocks title: "@kbn/core-lifecycle-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-lifecycle-browser-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-lifecycle-browser-mocks'] --- import kbnCoreLifecycleBrowserMocksObj from './kbn_core_lifecycle_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_lifecycle_server.mdx b/api_docs/kbn_core_lifecycle_server.mdx index 4e4e9da70eecd3..3ae7d665458621 100644 --- a/api_docs/kbn_core_lifecycle_server.mdx +++ b/api_docs/kbn_core_lifecycle_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-lifecycle-server title: "@kbn/core-lifecycle-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-lifecycle-server plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-lifecycle-server'] --- import kbnCoreLifecycleServerObj from './kbn_core_lifecycle_server.devdocs.json'; diff --git a/api_docs/kbn_core_lifecycle_server_mocks.mdx b/api_docs/kbn_core_lifecycle_server_mocks.mdx index 2c0029cdf28b54..8c1fd5cf052e81 100644 --- a/api_docs/kbn_core_lifecycle_server_mocks.mdx +++ b/api_docs/kbn_core_lifecycle_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-lifecycle-server-mocks title: "@kbn/core-lifecycle-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-lifecycle-server-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-lifecycle-server-mocks'] --- import kbnCoreLifecycleServerMocksObj from './kbn_core_lifecycle_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_logging_browser_mocks.mdx b/api_docs/kbn_core_logging_browser_mocks.mdx index 3ec570cd0d33e0..2828e25cf32a76 100644 --- a/api_docs/kbn_core_logging_browser_mocks.mdx +++ b/api_docs/kbn_core_logging_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-logging-browser-mocks title: "@kbn/core-logging-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-logging-browser-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-logging-browser-mocks'] --- import kbnCoreLoggingBrowserMocksObj from './kbn_core_logging_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_logging_common_internal.mdx b/api_docs/kbn_core_logging_common_internal.mdx index 2a7eb6856d6c6b..a0ee9f139d7127 100644 --- a/api_docs/kbn_core_logging_common_internal.mdx +++ b/api_docs/kbn_core_logging_common_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-logging-common-internal title: "@kbn/core-logging-common-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-logging-common-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-logging-common-internal'] --- import kbnCoreLoggingCommonInternalObj from './kbn_core_logging_common_internal.devdocs.json'; diff --git a/api_docs/kbn_core_logging_server.mdx b/api_docs/kbn_core_logging_server.mdx index 02752cd9df26af..e19de2bf95adce 100644 --- a/api_docs/kbn_core_logging_server.mdx +++ b/api_docs/kbn_core_logging_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-logging-server title: "@kbn/core-logging-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-logging-server plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-logging-server'] --- import kbnCoreLoggingServerObj from './kbn_core_logging_server.devdocs.json'; diff --git a/api_docs/kbn_core_logging_server_internal.mdx b/api_docs/kbn_core_logging_server_internal.mdx index 8cc534ef0db85f..c3f9b21788c7ba 100644 --- a/api_docs/kbn_core_logging_server_internal.mdx +++ b/api_docs/kbn_core_logging_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-logging-server-internal title: "@kbn/core-logging-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-logging-server-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-logging-server-internal'] --- import kbnCoreLoggingServerInternalObj from './kbn_core_logging_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_logging_server_mocks.mdx b/api_docs/kbn_core_logging_server_mocks.mdx index 38b5ee5896e75e..9248c7fc323c88 100644 --- a/api_docs/kbn_core_logging_server_mocks.mdx +++ b/api_docs/kbn_core_logging_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-logging-server-mocks title: "@kbn/core-logging-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-logging-server-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-logging-server-mocks'] --- import kbnCoreLoggingServerMocksObj from './kbn_core_logging_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_metrics_collectors_server_internal.mdx b/api_docs/kbn_core_metrics_collectors_server_internal.mdx index ef07b57d81ab88..ead2e31a518255 100644 --- a/api_docs/kbn_core_metrics_collectors_server_internal.mdx +++ b/api_docs/kbn_core_metrics_collectors_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-metrics-collectors-server-internal title: "@kbn/core-metrics-collectors-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-metrics-collectors-server-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-metrics-collectors-server-internal'] --- import kbnCoreMetricsCollectorsServerInternalObj from './kbn_core_metrics_collectors_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_metrics_collectors_server_mocks.mdx b/api_docs/kbn_core_metrics_collectors_server_mocks.mdx index 39b1e1e27cbcb2..c138435ddd75b3 100644 --- a/api_docs/kbn_core_metrics_collectors_server_mocks.mdx +++ b/api_docs/kbn_core_metrics_collectors_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-metrics-collectors-server-mocks title: "@kbn/core-metrics-collectors-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-metrics-collectors-server-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-metrics-collectors-server-mocks'] --- import kbnCoreMetricsCollectorsServerMocksObj from './kbn_core_metrics_collectors_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_metrics_server.mdx b/api_docs/kbn_core_metrics_server.mdx index bb0ea69228d4c1..2bb9ae69a0d6a7 100644 --- a/api_docs/kbn_core_metrics_server.mdx +++ b/api_docs/kbn_core_metrics_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-metrics-server title: "@kbn/core-metrics-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-metrics-server plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-metrics-server'] --- import kbnCoreMetricsServerObj from './kbn_core_metrics_server.devdocs.json'; diff --git a/api_docs/kbn_core_metrics_server_internal.mdx b/api_docs/kbn_core_metrics_server_internal.mdx index c8662172aff696..7b46205814f6f8 100644 --- a/api_docs/kbn_core_metrics_server_internal.mdx +++ b/api_docs/kbn_core_metrics_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-metrics-server-internal title: "@kbn/core-metrics-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-metrics-server-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-metrics-server-internal'] --- import kbnCoreMetricsServerInternalObj from './kbn_core_metrics_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_metrics_server_mocks.mdx b/api_docs/kbn_core_metrics_server_mocks.mdx index 236df60f2be94d..20f39e98370ad4 100644 --- a/api_docs/kbn_core_metrics_server_mocks.mdx +++ b/api_docs/kbn_core_metrics_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-metrics-server-mocks title: "@kbn/core-metrics-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-metrics-server-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-metrics-server-mocks'] --- import kbnCoreMetricsServerMocksObj from './kbn_core_metrics_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_mount_utils_browser.mdx b/api_docs/kbn_core_mount_utils_browser.mdx index 2ed365f88cdd2d..097e0dd7ac5186 100644 --- a/api_docs/kbn_core_mount_utils_browser.mdx +++ b/api_docs/kbn_core_mount_utils_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-mount-utils-browser title: "@kbn/core-mount-utils-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-mount-utils-browser plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-mount-utils-browser'] --- import kbnCoreMountUtilsBrowserObj from './kbn_core_mount_utils_browser.devdocs.json'; diff --git a/api_docs/kbn_core_node_server.mdx b/api_docs/kbn_core_node_server.mdx index 9c5e60b22a87a1..786d843d5c8c46 100644 --- a/api_docs/kbn_core_node_server.mdx +++ b/api_docs/kbn_core_node_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-node-server title: "@kbn/core-node-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-node-server plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-node-server'] --- import kbnCoreNodeServerObj from './kbn_core_node_server.devdocs.json'; diff --git a/api_docs/kbn_core_node_server_internal.mdx b/api_docs/kbn_core_node_server_internal.mdx index a675c4c3710c5a..f035169f6d44f6 100644 --- a/api_docs/kbn_core_node_server_internal.mdx +++ b/api_docs/kbn_core_node_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-node-server-internal title: "@kbn/core-node-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-node-server-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-node-server-internal'] --- import kbnCoreNodeServerInternalObj from './kbn_core_node_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_node_server_mocks.mdx b/api_docs/kbn_core_node_server_mocks.mdx index b1d0ccf13d90c2..9fa9730ad3c399 100644 --- a/api_docs/kbn_core_node_server_mocks.mdx +++ b/api_docs/kbn_core_node_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-node-server-mocks title: "@kbn/core-node-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-node-server-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-node-server-mocks'] --- import kbnCoreNodeServerMocksObj from './kbn_core_node_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_notifications_browser.mdx b/api_docs/kbn_core_notifications_browser.mdx index ae4b3eb9971886..fadc3fc4166621 100644 --- a/api_docs/kbn_core_notifications_browser.mdx +++ b/api_docs/kbn_core_notifications_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-notifications-browser title: "@kbn/core-notifications-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-notifications-browser plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-notifications-browser'] --- import kbnCoreNotificationsBrowserObj from './kbn_core_notifications_browser.devdocs.json'; diff --git a/api_docs/kbn_core_notifications_browser_internal.mdx b/api_docs/kbn_core_notifications_browser_internal.mdx index 4500160a8c2d9f..19d8caed8dda58 100644 --- a/api_docs/kbn_core_notifications_browser_internal.mdx +++ b/api_docs/kbn_core_notifications_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-notifications-browser-internal title: "@kbn/core-notifications-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-notifications-browser-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-notifications-browser-internal'] --- import kbnCoreNotificationsBrowserInternalObj from './kbn_core_notifications_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_notifications_browser_mocks.mdx b/api_docs/kbn_core_notifications_browser_mocks.mdx index 5183a53d3156b3..310e7482a55674 100644 --- a/api_docs/kbn_core_notifications_browser_mocks.mdx +++ b/api_docs/kbn_core_notifications_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-notifications-browser-mocks title: "@kbn/core-notifications-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-notifications-browser-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-notifications-browser-mocks'] --- import kbnCoreNotificationsBrowserMocksObj from './kbn_core_notifications_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_overlays_browser.mdx b/api_docs/kbn_core_overlays_browser.mdx index bbe78933a932f9..18eb61f6835945 100644 --- a/api_docs/kbn_core_overlays_browser.mdx +++ b/api_docs/kbn_core_overlays_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-overlays-browser title: "@kbn/core-overlays-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-overlays-browser plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-overlays-browser'] --- import kbnCoreOverlaysBrowserObj from './kbn_core_overlays_browser.devdocs.json'; diff --git a/api_docs/kbn_core_overlays_browser_internal.mdx b/api_docs/kbn_core_overlays_browser_internal.mdx index aee8dd4ccb10d5..43a5d16fc08a31 100644 --- a/api_docs/kbn_core_overlays_browser_internal.mdx +++ b/api_docs/kbn_core_overlays_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-overlays-browser-internal title: "@kbn/core-overlays-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-overlays-browser-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-overlays-browser-internal'] --- import kbnCoreOverlaysBrowserInternalObj from './kbn_core_overlays_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_overlays_browser_mocks.mdx b/api_docs/kbn_core_overlays_browser_mocks.mdx index 421da01f1b388b..e1492c5b7152bd 100644 --- a/api_docs/kbn_core_overlays_browser_mocks.mdx +++ b/api_docs/kbn_core_overlays_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-overlays-browser-mocks title: "@kbn/core-overlays-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-overlays-browser-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-overlays-browser-mocks'] --- import kbnCoreOverlaysBrowserMocksObj from './kbn_core_overlays_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_plugins_browser.mdx b/api_docs/kbn_core_plugins_browser.mdx index ff39cd993b4677..5e7e32028defb2 100644 --- a/api_docs/kbn_core_plugins_browser.mdx +++ b/api_docs/kbn_core_plugins_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-plugins-browser title: "@kbn/core-plugins-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-plugins-browser plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-plugins-browser'] --- import kbnCorePluginsBrowserObj from './kbn_core_plugins_browser.devdocs.json'; diff --git a/api_docs/kbn_core_plugins_browser_mocks.mdx b/api_docs/kbn_core_plugins_browser_mocks.mdx index d01f1fe2c57a71..788dd3ce2f74f1 100644 --- a/api_docs/kbn_core_plugins_browser_mocks.mdx +++ b/api_docs/kbn_core_plugins_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-plugins-browser-mocks title: "@kbn/core-plugins-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-plugins-browser-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-plugins-browser-mocks'] --- import kbnCorePluginsBrowserMocksObj from './kbn_core_plugins_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_plugins_contracts_browser.mdx b/api_docs/kbn_core_plugins_contracts_browser.mdx index 94803d5aa25a87..4f2e40e87a59e7 100644 --- a/api_docs/kbn_core_plugins_contracts_browser.mdx +++ b/api_docs/kbn_core_plugins_contracts_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-plugins-contracts-browser title: "@kbn/core-plugins-contracts-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-plugins-contracts-browser plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-plugins-contracts-browser'] --- import kbnCorePluginsContractsBrowserObj from './kbn_core_plugins_contracts_browser.devdocs.json'; diff --git a/api_docs/kbn_core_plugins_contracts_server.mdx b/api_docs/kbn_core_plugins_contracts_server.mdx index 0799fb2c78e4ef..f5582cb7c8119c 100644 --- a/api_docs/kbn_core_plugins_contracts_server.mdx +++ b/api_docs/kbn_core_plugins_contracts_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-plugins-contracts-server title: "@kbn/core-plugins-contracts-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-plugins-contracts-server plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-plugins-contracts-server'] --- import kbnCorePluginsContractsServerObj from './kbn_core_plugins_contracts_server.devdocs.json'; diff --git a/api_docs/kbn_core_plugins_server.mdx b/api_docs/kbn_core_plugins_server.mdx index 8c3c73a68218db..dfa981163d1ea7 100644 --- a/api_docs/kbn_core_plugins_server.mdx +++ b/api_docs/kbn_core_plugins_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-plugins-server title: "@kbn/core-plugins-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-plugins-server plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-plugins-server'] --- import kbnCorePluginsServerObj from './kbn_core_plugins_server.devdocs.json'; diff --git a/api_docs/kbn_core_plugins_server_mocks.mdx b/api_docs/kbn_core_plugins_server_mocks.mdx index 79daef636ad308..4a7c8d31f9442c 100644 --- a/api_docs/kbn_core_plugins_server_mocks.mdx +++ b/api_docs/kbn_core_plugins_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-plugins-server-mocks title: "@kbn/core-plugins-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-plugins-server-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-plugins-server-mocks'] --- import kbnCorePluginsServerMocksObj from './kbn_core_plugins_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_preboot_server.mdx b/api_docs/kbn_core_preboot_server.mdx index 3a8d76838e1758..f4be4b4440b11c 100644 --- a/api_docs/kbn_core_preboot_server.mdx +++ b/api_docs/kbn_core_preboot_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-preboot-server title: "@kbn/core-preboot-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-preboot-server plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-preboot-server'] --- import kbnCorePrebootServerObj from './kbn_core_preboot_server.devdocs.json'; diff --git a/api_docs/kbn_core_preboot_server_mocks.mdx b/api_docs/kbn_core_preboot_server_mocks.mdx index 766a8df3b0163c..c90586c0aace3b 100644 --- a/api_docs/kbn_core_preboot_server_mocks.mdx +++ b/api_docs/kbn_core_preboot_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-preboot-server-mocks title: "@kbn/core-preboot-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-preboot-server-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-preboot-server-mocks'] --- import kbnCorePrebootServerMocksObj from './kbn_core_preboot_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_rendering_browser_mocks.mdx b/api_docs/kbn_core_rendering_browser_mocks.mdx index cc04723f053d3a..2f16d5691d8045 100644 --- a/api_docs/kbn_core_rendering_browser_mocks.mdx +++ b/api_docs/kbn_core_rendering_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-rendering-browser-mocks title: "@kbn/core-rendering-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-rendering-browser-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-rendering-browser-mocks'] --- import kbnCoreRenderingBrowserMocksObj from './kbn_core_rendering_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_rendering_server_internal.mdx b/api_docs/kbn_core_rendering_server_internal.mdx index 32e56b82299886..2c08ccab6c06d4 100644 --- a/api_docs/kbn_core_rendering_server_internal.mdx +++ b/api_docs/kbn_core_rendering_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-rendering-server-internal title: "@kbn/core-rendering-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-rendering-server-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-rendering-server-internal'] --- import kbnCoreRenderingServerInternalObj from './kbn_core_rendering_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_rendering_server_mocks.mdx b/api_docs/kbn_core_rendering_server_mocks.mdx index 9d4d9d2dfe23a4..28261d14468049 100644 --- a/api_docs/kbn_core_rendering_server_mocks.mdx +++ b/api_docs/kbn_core_rendering_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-rendering-server-mocks title: "@kbn/core-rendering-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-rendering-server-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-rendering-server-mocks'] --- import kbnCoreRenderingServerMocksObj from './kbn_core_rendering_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_root_server_internal.mdx b/api_docs/kbn_core_root_server_internal.mdx index e15bad49aab44f..907b0f55c71db8 100644 --- a/api_docs/kbn_core_root_server_internal.mdx +++ b/api_docs/kbn_core_root_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-root-server-internal title: "@kbn/core-root-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-root-server-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-root-server-internal'] --- import kbnCoreRootServerInternalObj from './kbn_core_root_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_api_browser.mdx b/api_docs/kbn_core_saved_objects_api_browser.mdx index f9b5e9a6b44cf4..155576f2428193 100644 --- a/api_docs/kbn_core_saved_objects_api_browser.mdx +++ b/api_docs/kbn_core_saved_objects_api_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-api-browser title: "@kbn/core-saved-objects-api-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-api-browser plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-api-browser'] --- import kbnCoreSavedObjectsApiBrowserObj from './kbn_core_saved_objects_api_browser.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_api_server.devdocs.json b/api_docs/kbn_core_saved_objects_api_server.devdocs.json index 1524753c3fb7c8..78c5844109cd29 100644 --- a/api_docs/kbn_core_saved_objects_api_server.devdocs.json +++ b/api_docs/kbn_core_saved_objects_api_server.devdocs.json @@ -2686,6 +2686,18 @@ "plugin": "alerting", "path": "x-pack/plugins/alerting/common/rule.ts" }, + { + "plugin": "actions", + "path": "x-pack/plugins/actions/server/application/connector/methods/create/types/types.ts" + }, + { + "plugin": "actions", + "path": "x-pack/plugins/actions/server/application/connector/methods/create/types/types.ts" + }, + { + "plugin": "actions", + "path": "x-pack/plugins/actions/server/application/connector/methods/create/types/types.ts" + }, { "plugin": "actions", "path": "x-pack/plugins/actions/server/types.ts" @@ -2724,15 +2736,15 @@ }, { "plugin": "actions", - "path": "x-pack/plugins/actions/server/actions_client/actions_client.ts" + "path": "x-pack/plugins/actions/server/application/connector/methods/create/create.ts" }, { "plugin": "actions", - "path": "x-pack/plugins/actions/server/actions_client/actions_client.ts" + "path": "x-pack/plugins/actions/server/application/connector/methods/create/create.ts" }, { "plugin": "actions", - "path": "x-pack/plugins/actions/server/actions_client/actions_client.ts" + "path": "x-pack/plugins/actions/server/application/connector/methods/create/create.ts" }, { "plugin": "alerting", diff --git a/api_docs/kbn_core_saved_objects_api_server.mdx b/api_docs/kbn_core_saved_objects_api_server.mdx index 2af5fc8259e5fc..bd4eb80dcc82a5 100644 --- a/api_docs/kbn_core_saved_objects_api_server.mdx +++ b/api_docs/kbn_core_saved_objects_api_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-api-server title: "@kbn/core-saved-objects-api-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-api-server plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-api-server'] --- import kbnCoreSavedObjectsApiServerObj from './kbn_core_saved_objects_api_server.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_api_server_mocks.mdx b/api_docs/kbn_core_saved_objects_api_server_mocks.mdx index 4822a5a8e33e20..1d6b91c6e46d8d 100644 --- a/api_docs/kbn_core_saved_objects_api_server_mocks.mdx +++ b/api_docs/kbn_core_saved_objects_api_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-api-server-mocks title: "@kbn/core-saved-objects-api-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-api-server-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-api-server-mocks'] --- import kbnCoreSavedObjectsApiServerMocksObj from './kbn_core_saved_objects_api_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_base_server_internal.mdx b/api_docs/kbn_core_saved_objects_base_server_internal.mdx index 2ce28c38e754c4..edfeb7ca879f2d 100644 --- a/api_docs/kbn_core_saved_objects_base_server_internal.mdx +++ b/api_docs/kbn_core_saved_objects_base_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-base-server-internal title: "@kbn/core-saved-objects-base-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-base-server-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-base-server-internal'] --- import kbnCoreSavedObjectsBaseServerInternalObj from './kbn_core_saved_objects_base_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_base_server_mocks.mdx b/api_docs/kbn_core_saved_objects_base_server_mocks.mdx index 75013aad69a2d3..500bf5766f632b 100644 --- a/api_docs/kbn_core_saved_objects_base_server_mocks.mdx +++ b/api_docs/kbn_core_saved_objects_base_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-base-server-mocks title: "@kbn/core-saved-objects-base-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-base-server-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-base-server-mocks'] --- import kbnCoreSavedObjectsBaseServerMocksObj from './kbn_core_saved_objects_base_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_browser.mdx b/api_docs/kbn_core_saved_objects_browser.mdx index 4e9638394dde77..a42608134723e0 100644 --- a/api_docs/kbn_core_saved_objects_browser.mdx +++ b/api_docs/kbn_core_saved_objects_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-browser title: "@kbn/core-saved-objects-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-browser plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-browser'] --- import kbnCoreSavedObjectsBrowserObj from './kbn_core_saved_objects_browser.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_browser_internal.mdx b/api_docs/kbn_core_saved_objects_browser_internal.mdx index f0ff5a88c576f4..d3d13cc2c63bfa 100644 --- a/api_docs/kbn_core_saved_objects_browser_internal.mdx +++ b/api_docs/kbn_core_saved_objects_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-browser-internal title: "@kbn/core-saved-objects-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-browser-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-browser-internal'] --- import kbnCoreSavedObjectsBrowserInternalObj from './kbn_core_saved_objects_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_browser_mocks.mdx b/api_docs/kbn_core_saved_objects_browser_mocks.mdx index cb6233e13d02ee..88014da43a931d 100644 --- a/api_docs/kbn_core_saved_objects_browser_mocks.mdx +++ b/api_docs/kbn_core_saved_objects_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-browser-mocks title: "@kbn/core-saved-objects-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-browser-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-browser-mocks'] --- import kbnCoreSavedObjectsBrowserMocksObj from './kbn_core_saved_objects_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_common.devdocs.json b/api_docs/kbn_core_saved_objects_common.devdocs.json index 3e87ab4f758603..b6c10bc23fbf5a 100644 --- a/api_docs/kbn_core_saved_objects_common.devdocs.json +++ b/api_docs/kbn_core_saved_objects_common.devdocs.json @@ -1217,18 +1217,6 @@ "plugin": "@kbn/core", "path": "src/core/public/index.ts" }, - { - "plugin": "home", - "path": "src/plugins/home/server/services/sample_data/sample_data_registry.ts" - }, - { - "plugin": "home", - "path": "src/plugins/home/server/services/sample_data/sample_data_registry.ts" - }, - { - "plugin": "home", - "path": "src/plugins/home/server/services/sample_data/sample_data_registry.ts" - }, { "plugin": "savedObjectsTagging", "path": "x-pack/plugins/saved_objects_tagging/public/ui_api/get_table_column_definition.tsx" @@ -1241,6 +1229,18 @@ "plugin": "savedObjectsTagging", "path": "x-pack/plugins/saved_objects_tagging/public/ui_api/get_table_column_definition.tsx" }, + { + "plugin": "home", + "path": "src/plugins/home/server/services/sample_data/sample_data_registry.ts" + }, + { + "plugin": "home", + "path": "src/plugins/home/server/services/sample_data/sample_data_registry.ts" + }, + { + "plugin": "home", + "path": "src/plugins/home/server/services/sample_data/sample_data_registry.ts" + }, { "plugin": "canvas", "path": "x-pack/plugins/canvas/shareable_runtime/types.ts" diff --git a/api_docs/kbn_core_saved_objects_common.mdx b/api_docs/kbn_core_saved_objects_common.mdx index d42b2f8028c663..438ece77834ac1 100644 --- a/api_docs/kbn_core_saved_objects_common.mdx +++ b/api_docs/kbn_core_saved_objects_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-common title: "@kbn/core-saved-objects-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-common plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-common'] --- import kbnCoreSavedObjectsCommonObj from './kbn_core_saved_objects_common.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_import_export_server_internal.mdx b/api_docs/kbn_core_saved_objects_import_export_server_internal.mdx index 26e1126b752394..597789bb85c4bd 100644 --- a/api_docs/kbn_core_saved_objects_import_export_server_internal.mdx +++ b/api_docs/kbn_core_saved_objects_import_export_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-import-export-server-internal title: "@kbn/core-saved-objects-import-export-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-import-export-server-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-import-export-server-internal'] --- import kbnCoreSavedObjectsImportExportServerInternalObj from './kbn_core_saved_objects_import_export_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_import_export_server_mocks.mdx b/api_docs/kbn_core_saved_objects_import_export_server_mocks.mdx index 25c00e9a5465b5..a30d7a9fa7c3cb 100644 --- a/api_docs/kbn_core_saved_objects_import_export_server_mocks.mdx +++ b/api_docs/kbn_core_saved_objects_import_export_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-import-export-server-mocks title: "@kbn/core-saved-objects-import-export-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-import-export-server-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-import-export-server-mocks'] --- import kbnCoreSavedObjectsImportExportServerMocksObj from './kbn_core_saved_objects_import_export_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_migration_server_internal.mdx b/api_docs/kbn_core_saved_objects_migration_server_internal.mdx index ec5c9173ef8f8e..d102e41200eab8 100644 --- a/api_docs/kbn_core_saved_objects_migration_server_internal.mdx +++ b/api_docs/kbn_core_saved_objects_migration_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-migration-server-internal title: "@kbn/core-saved-objects-migration-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-migration-server-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-migration-server-internal'] --- import kbnCoreSavedObjectsMigrationServerInternalObj from './kbn_core_saved_objects_migration_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_migration_server_mocks.mdx b/api_docs/kbn_core_saved_objects_migration_server_mocks.mdx index e3bd6e8ac21775..9d882d20dcf2b9 100644 --- a/api_docs/kbn_core_saved_objects_migration_server_mocks.mdx +++ b/api_docs/kbn_core_saved_objects_migration_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-migration-server-mocks title: "@kbn/core-saved-objects-migration-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-migration-server-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-migration-server-mocks'] --- import kbnCoreSavedObjectsMigrationServerMocksObj from './kbn_core_saved_objects_migration_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_server.devdocs.json b/api_docs/kbn_core_saved_objects_server.devdocs.json index ff45bcbb7b16cb..fecd38966f116a 100644 --- a/api_docs/kbn_core_saved_objects_server.devdocs.json +++ b/api_docs/kbn_core_saved_objects_server.devdocs.json @@ -6177,6 +6177,18 @@ "plugin": "alerting", "path": "x-pack/plugins/alerting/common/rule.ts" }, + { + "plugin": "actions", + "path": "x-pack/plugins/actions/server/application/connector/methods/create/types/types.ts" + }, + { + "plugin": "actions", + "path": "x-pack/plugins/actions/server/application/connector/methods/create/types/types.ts" + }, + { + "plugin": "actions", + "path": "x-pack/plugins/actions/server/application/connector/methods/create/types/types.ts" + }, { "plugin": "actions", "path": "x-pack/plugins/actions/server/types.ts" @@ -6215,15 +6227,15 @@ }, { "plugin": "actions", - "path": "x-pack/plugins/actions/server/actions_client/actions_client.ts" + "path": "x-pack/plugins/actions/server/application/connector/methods/create/create.ts" }, { "plugin": "actions", - "path": "x-pack/plugins/actions/server/actions_client/actions_client.ts" + "path": "x-pack/plugins/actions/server/application/connector/methods/create/create.ts" }, { "plugin": "actions", - "path": "x-pack/plugins/actions/server/actions_client/actions_client.ts" + "path": "x-pack/plugins/actions/server/application/connector/methods/create/create.ts" }, { "plugin": "alerting", diff --git a/api_docs/kbn_core_saved_objects_server.mdx b/api_docs/kbn_core_saved_objects_server.mdx index 6959ef867d9a61..d2c7e37db72c55 100644 --- a/api_docs/kbn_core_saved_objects_server.mdx +++ b/api_docs/kbn_core_saved_objects_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-server title: "@kbn/core-saved-objects-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-server plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-server'] --- import kbnCoreSavedObjectsServerObj from './kbn_core_saved_objects_server.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_server_internal.mdx b/api_docs/kbn_core_saved_objects_server_internal.mdx index 8b2e1e7ce40afc..8154d4b5d19d9b 100644 --- a/api_docs/kbn_core_saved_objects_server_internal.mdx +++ b/api_docs/kbn_core_saved_objects_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-server-internal title: "@kbn/core-saved-objects-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-server-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-server-internal'] --- import kbnCoreSavedObjectsServerInternalObj from './kbn_core_saved_objects_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_server_mocks.mdx b/api_docs/kbn_core_saved_objects_server_mocks.mdx index 487e492555d10f..0be66d1628cf4e 100644 --- a/api_docs/kbn_core_saved_objects_server_mocks.mdx +++ b/api_docs/kbn_core_saved_objects_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-server-mocks title: "@kbn/core-saved-objects-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-server-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-server-mocks'] --- import kbnCoreSavedObjectsServerMocksObj from './kbn_core_saved_objects_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_saved_objects_utils_server.mdx b/api_docs/kbn_core_saved_objects_utils_server.mdx index 7ddcd08239c780..4063c9ec892861 100644 --- a/api_docs/kbn_core_saved_objects_utils_server.mdx +++ b/api_docs/kbn_core_saved_objects_utils_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-saved-objects-utils-server title: "@kbn/core-saved-objects-utils-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-saved-objects-utils-server plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-saved-objects-utils-server'] --- import kbnCoreSavedObjectsUtilsServerObj from './kbn_core_saved_objects_utils_server.devdocs.json'; diff --git a/api_docs/kbn_core_security_browser.mdx b/api_docs/kbn_core_security_browser.mdx index 6d2c3325f5bc06..30e225b1fd7313 100644 --- a/api_docs/kbn_core_security_browser.mdx +++ b/api_docs/kbn_core_security_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-security-browser title: "@kbn/core-security-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-security-browser plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-security-browser'] --- import kbnCoreSecurityBrowserObj from './kbn_core_security_browser.devdocs.json'; diff --git a/api_docs/kbn_core_security_browser_internal.mdx b/api_docs/kbn_core_security_browser_internal.mdx index 00e19b23ce05eb..6afc5092a5495d 100644 --- a/api_docs/kbn_core_security_browser_internal.mdx +++ b/api_docs/kbn_core_security_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-security-browser-internal title: "@kbn/core-security-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-security-browser-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-security-browser-internal'] --- import kbnCoreSecurityBrowserInternalObj from './kbn_core_security_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_security_browser_mocks.mdx b/api_docs/kbn_core_security_browser_mocks.mdx index 7c2d32647bb601..b1f5390fcd94f2 100644 --- a/api_docs/kbn_core_security_browser_mocks.mdx +++ b/api_docs/kbn_core_security_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-security-browser-mocks title: "@kbn/core-security-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-security-browser-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-security-browser-mocks'] --- import kbnCoreSecurityBrowserMocksObj from './kbn_core_security_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_security_common.mdx b/api_docs/kbn_core_security_common.mdx index 1c8b2237d6f3a0..6c107efac89970 100644 --- a/api_docs/kbn_core_security_common.mdx +++ b/api_docs/kbn_core_security_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-security-common title: "@kbn/core-security-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-security-common plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-security-common'] --- import kbnCoreSecurityCommonObj from './kbn_core_security_common.devdocs.json'; diff --git a/api_docs/kbn_core_security_server.mdx b/api_docs/kbn_core_security_server.mdx index 95a530380a8de4..8aba7297daaa7c 100644 --- a/api_docs/kbn_core_security_server.mdx +++ b/api_docs/kbn_core_security_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-security-server title: "@kbn/core-security-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-security-server plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-security-server'] --- import kbnCoreSecurityServerObj from './kbn_core_security_server.devdocs.json'; diff --git a/api_docs/kbn_core_security_server_internal.mdx b/api_docs/kbn_core_security_server_internal.mdx index 38e822d9c79cda..84b3b3380b0b7d 100644 --- a/api_docs/kbn_core_security_server_internal.mdx +++ b/api_docs/kbn_core_security_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-security-server-internal title: "@kbn/core-security-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-security-server-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-security-server-internal'] --- import kbnCoreSecurityServerInternalObj from './kbn_core_security_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_security_server_mocks.mdx b/api_docs/kbn_core_security_server_mocks.mdx index 5975730b5df467..162a9ac7c17e22 100644 --- a/api_docs/kbn_core_security_server_mocks.mdx +++ b/api_docs/kbn_core_security_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-security-server-mocks title: "@kbn/core-security-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-security-server-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-security-server-mocks'] --- import kbnCoreSecurityServerMocksObj from './kbn_core_security_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_status_common.mdx b/api_docs/kbn_core_status_common.mdx index b87f2ff96acc51..33e3087f6b729d 100644 --- a/api_docs/kbn_core_status_common.mdx +++ b/api_docs/kbn_core_status_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-status-common title: "@kbn/core-status-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-status-common plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-status-common'] --- import kbnCoreStatusCommonObj from './kbn_core_status_common.devdocs.json'; diff --git a/api_docs/kbn_core_status_common_internal.mdx b/api_docs/kbn_core_status_common_internal.mdx index c1c8fccd04e47f..db2382e7f81411 100644 --- a/api_docs/kbn_core_status_common_internal.mdx +++ b/api_docs/kbn_core_status_common_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-status-common-internal title: "@kbn/core-status-common-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-status-common-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-status-common-internal'] --- import kbnCoreStatusCommonInternalObj from './kbn_core_status_common_internal.devdocs.json'; diff --git a/api_docs/kbn_core_status_server.mdx b/api_docs/kbn_core_status_server.mdx index 22364f442826a8..eeae84924e3141 100644 --- a/api_docs/kbn_core_status_server.mdx +++ b/api_docs/kbn_core_status_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-status-server title: "@kbn/core-status-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-status-server plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-status-server'] --- import kbnCoreStatusServerObj from './kbn_core_status_server.devdocs.json'; diff --git a/api_docs/kbn_core_status_server_internal.mdx b/api_docs/kbn_core_status_server_internal.mdx index e132b273d83c3d..f20a5d5e8c924f 100644 --- a/api_docs/kbn_core_status_server_internal.mdx +++ b/api_docs/kbn_core_status_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-status-server-internal title: "@kbn/core-status-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-status-server-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-status-server-internal'] --- import kbnCoreStatusServerInternalObj from './kbn_core_status_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_status_server_mocks.mdx b/api_docs/kbn_core_status_server_mocks.mdx index 2aac7d1ce7cc47..7201d3162e3cb7 100644 --- a/api_docs/kbn_core_status_server_mocks.mdx +++ b/api_docs/kbn_core_status_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-status-server-mocks title: "@kbn/core-status-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-status-server-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-status-server-mocks'] --- import kbnCoreStatusServerMocksObj from './kbn_core_status_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_test_helpers_deprecations_getters.mdx b/api_docs/kbn_core_test_helpers_deprecations_getters.mdx index 5abf29052327cd..d9aa86a7840c80 100644 --- a/api_docs/kbn_core_test_helpers_deprecations_getters.mdx +++ b/api_docs/kbn_core_test_helpers_deprecations_getters.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-test-helpers-deprecations-getters title: "@kbn/core-test-helpers-deprecations-getters" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-test-helpers-deprecations-getters plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-test-helpers-deprecations-getters'] --- import kbnCoreTestHelpersDeprecationsGettersObj from './kbn_core_test_helpers_deprecations_getters.devdocs.json'; diff --git a/api_docs/kbn_core_test_helpers_http_setup_browser.mdx b/api_docs/kbn_core_test_helpers_http_setup_browser.mdx index 9777f11f4b82d7..decd9a92771007 100644 --- a/api_docs/kbn_core_test_helpers_http_setup_browser.mdx +++ b/api_docs/kbn_core_test_helpers_http_setup_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-test-helpers-http-setup-browser title: "@kbn/core-test-helpers-http-setup-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-test-helpers-http-setup-browser plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-test-helpers-http-setup-browser'] --- import kbnCoreTestHelpersHttpSetupBrowserObj from './kbn_core_test_helpers_http_setup_browser.devdocs.json'; diff --git a/api_docs/kbn_core_test_helpers_kbn_server.mdx b/api_docs/kbn_core_test_helpers_kbn_server.mdx index 9311be0e77eddd..eb60062653d32e 100644 --- a/api_docs/kbn_core_test_helpers_kbn_server.mdx +++ b/api_docs/kbn_core_test_helpers_kbn_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-test-helpers-kbn-server title: "@kbn/core-test-helpers-kbn-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-test-helpers-kbn-server plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-test-helpers-kbn-server'] --- import kbnCoreTestHelpersKbnServerObj from './kbn_core_test_helpers_kbn_server.devdocs.json'; diff --git a/api_docs/kbn_core_test_helpers_model_versions.mdx b/api_docs/kbn_core_test_helpers_model_versions.mdx index 9f1f5faf5c722a..deea48a635866a 100644 --- a/api_docs/kbn_core_test_helpers_model_versions.mdx +++ b/api_docs/kbn_core_test_helpers_model_versions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-test-helpers-model-versions title: "@kbn/core-test-helpers-model-versions" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-test-helpers-model-versions plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-test-helpers-model-versions'] --- import kbnCoreTestHelpersModelVersionsObj from './kbn_core_test_helpers_model_versions.devdocs.json'; diff --git a/api_docs/kbn_core_test_helpers_so_type_serializer.mdx b/api_docs/kbn_core_test_helpers_so_type_serializer.mdx index d2ced9027972f1..c8ba7fd730c553 100644 --- a/api_docs/kbn_core_test_helpers_so_type_serializer.mdx +++ b/api_docs/kbn_core_test_helpers_so_type_serializer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-test-helpers-so-type-serializer title: "@kbn/core-test-helpers-so-type-serializer" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-test-helpers-so-type-serializer plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-test-helpers-so-type-serializer'] --- import kbnCoreTestHelpersSoTypeSerializerObj from './kbn_core_test_helpers_so_type_serializer.devdocs.json'; diff --git a/api_docs/kbn_core_test_helpers_test_utils.mdx b/api_docs/kbn_core_test_helpers_test_utils.mdx index d6d9671cdf7e42..3d33363e81e9dd 100644 --- a/api_docs/kbn_core_test_helpers_test_utils.mdx +++ b/api_docs/kbn_core_test_helpers_test_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-test-helpers-test-utils title: "@kbn/core-test-helpers-test-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-test-helpers-test-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-test-helpers-test-utils'] --- import kbnCoreTestHelpersTestUtilsObj from './kbn_core_test_helpers_test_utils.devdocs.json'; diff --git a/api_docs/kbn_core_theme_browser.mdx b/api_docs/kbn_core_theme_browser.mdx index 321c3d96785889..8fb29983729969 100644 --- a/api_docs/kbn_core_theme_browser.mdx +++ b/api_docs/kbn_core_theme_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-theme-browser title: "@kbn/core-theme-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-theme-browser plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-theme-browser'] --- import kbnCoreThemeBrowserObj from './kbn_core_theme_browser.devdocs.json'; diff --git a/api_docs/kbn_core_theme_browser_mocks.mdx b/api_docs/kbn_core_theme_browser_mocks.mdx index bbb8155a127caf..ced3e5c8f5d787 100644 --- a/api_docs/kbn_core_theme_browser_mocks.mdx +++ b/api_docs/kbn_core_theme_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-theme-browser-mocks title: "@kbn/core-theme-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-theme-browser-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-theme-browser-mocks'] --- import kbnCoreThemeBrowserMocksObj from './kbn_core_theme_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_browser.mdx b/api_docs/kbn_core_ui_settings_browser.mdx index 3d64e36c6baf61..12a9c7bc65168d 100644 --- a/api_docs/kbn_core_ui_settings_browser.mdx +++ b/api_docs/kbn_core_ui_settings_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-browser title: "@kbn/core-ui-settings-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-browser plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-browser'] --- import kbnCoreUiSettingsBrowserObj from './kbn_core_ui_settings_browser.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_browser_internal.mdx b/api_docs/kbn_core_ui_settings_browser_internal.mdx index a967bf6c29fe28..8e54c9684a2add 100644 --- a/api_docs/kbn_core_ui_settings_browser_internal.mdx +++ b/api_docs/kbn_core_ui_settings_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-browser-internal title: "@kbn/core-ui-settings-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-browser-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-browser-internal'] --- import kbnCoreUiSettingsBrowserInternalObj from './kbn_core_ui_settings_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_browser_mocks.mdx b/api_docs/kbn_core_ui_settings_browser_mocks.mdx index 9afb2822199c2d..cd61f99b4b2bd3 100644 --- a/api_docs/kbn_core_ui_settings_browser_mocks.mdx +++ b/api_docs/kbn_core_ui_settings_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-browser-mocks title: "@kbn/core-ui-settings-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-browser-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-browser-mocks'] --- import kbnCoreUiSettingsBrowserMocksObj from './kbn_core_ui_settings_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_common.mdx b/api_docs/kbn_core_ui_settings_common.mdx index 1ea0575eebccf7..cb80cbedb788f6 100644 --- a/api_docs/kbn_core_ui_settings_common.mdx +++ b/api_docs/kbn_core_ui_settings_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-common title: "@kbn/core-ui-settings-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-common plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-common'] --- import kbnCoreUiSettingsCommonObj from './kbn_core_ui_settings_common.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_server.mdx b/api_docs/kbn_core_ui_settings_server.mdx index 4277ecd0036737..17b1af67107008 100644 --- a/api_docs/kbn_core_ui_settings_server.mdx +++ b/api_docs/kbn_core_ui_settings_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-server title: "@kbn/core-ui-settings-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-server plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-server'] --- import kbnCoreUiSettingsServerObj from './kbn_core_ui_settings_server.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_server_internal.mdx b/api_docs/kbn_core_ui_settings_server_internal.mdx index 93023a698123fc..789a46d1c5a737 100644 --- a/api_docs/kbn_core_ui_settings_server_internal.mdx +++ b/api_docs/kbn_core_ui_settings_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-server-internal title: "@kbn/core-ui-settings-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-server-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-server-internal'] --- import kbnCoreUiSettingsServerInternalObj from './kbn_core_ui_settings_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_ui_settings_server_mocks.mdx b/api_docs/kbn_core_ui_settings_server_mocks.mdx index 4b85e4c8b6888f..4348a829a7d6ad 100644 --- a/api_docs/kbn_core_ui_settings_server_mocks.mdx +++ b/api_docs/kbn_core_ui_settings_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-ui-settings-server-mocks title: "@kbn/core-ui-settings-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-ui-settings-server-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-ui-settings-server-mocks'] --- import kbnCoreUiSettingsServerMocksObj from './kbn_core_ui_settings_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_usage_data_server.devdocs.json b/api_docs/kbn_core_usage_data_server.devdocs.json index 4ba0e9204206de..f9604e3bebfc9f 100644 --- a/api_docs/kbn_core_usage_data_server.devdocs.json +++ b/api_docs/kbn_core_usage_data_server.devdocs.json @@ -98,6 +98,75 @@ ], "initialIsOpen": false }, + { + "parentPluginId": "@kbn/core-usage-data-server", + "id": "def-server.CoreDeprecatedApiUsageStats", + "type": "Interface", + "tags": [], + "label": "CoreDeprecatedApiUsageStats", + "description": [], + "path": "packages/core/usage-data/core-usage-data-server/src/core_usage_stats.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/core-usage-data-server", + "id": "def-server.CoreDeprecatedApiUsageStats.apiId", + "type": "string", + "tags": [], + "label": "apiId", + "description": [], + "path": "packages/core/usage-data/core-usage-data-server/src/core_usage_stats.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/core-usage-data-server", + "id": "def-server.CoreDeprecatedApiUsageStats.totalMarkedAsResolved", + "type": "number", + "tags": [], + "label": "totalMarkedAsResolved", + "description": [], + "path": "packages/core/usage-data/core-usage-data-server/src/core_usage_stats.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/core-usage-data-server", + "id": "def-server.CoreDeprecatedApiUsageStats.markedAsResolvedLastCalledAt", + "type": "string", + "tags": [], + "label": "markedAsResolvedLastCalledAt", + "description": [], + "path": "packages/core/usage-data/core-usage-data-server/src/core_usage_stats.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/core-usage-data-server", + "id": "def-server.CoreDeprecatedApiUsageStats.apiTotalCalls", + "type": "number", + "tags": [], + "label": "apiTotalCalls", + "description": [], + "path": "packages/core/usage-data/core-usage-data-server/src/core_usage_stats.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/core-usage-data-server", + "id": "def-server.CoreDeprecatedApiUsageStats.apiLastCalledAt", + "type": "string", + "tags": [], + "label": "apiLastCalledAt", + "description": [], + "path": "packages/core/usage-data/core-usage-data-server/src/core_usage_stats.ts", + "deprecated": false, + "trackAdoption": false + } + ], + "initialIsOpen": false + }, { "parentPluginId": "@kbn/core-usage-data-server", "id": "def-server.CoreEnvironmentUsageData", @@ -327,9 +396,7 @@ "parentPluginId": "@kbn/core-usage-data-server", "id": "def-server.CoreUsageDataSetup", "type": "Interface", - "tags": [ - "note" - ], + "tags": [], "label": "CoreUsageDataSetup", "description": [ "\nInternal API for registering the Usage Tracker used for Core's usage data payload.\n" @@ -385,6 +452,52 @@ } ], "returnComment": [] + }, + { + "parentPluginId": "@kbn/core-usage-data-server", + "id": "def-server.CoreUsageDataSetup.registerDeprecatedUsageFetch", + "type": "Function", + "tags": [], + "label": "registerDeprecatedUsageFetch", + "description": [], + "signature": [ + "(fetchFn: ", + { + "pluginId": "@kbn/core-usage-data-server", + "scope": "server", + "docId": "kibKbnCoreUsageDataServerPluginApi", + "section": "def-server.DeprecatedApiUsageFetcher", + "text": "DeprecatedApiUsageFetcher" + }, + ") => void" + ], + "path": "packages/core/usage-data/core-usage-data-server/src/setup_contract.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/core-usage-data-server", + "id": "def-server.CoreUsageDataSetup.registerDeprecatedUsageFetch.$1", + "type": "Function", + "tags": [], + "label": "fetchFn", + "description": [], + "signature": [ + { + "pluginId": "@kbn/core-usage-data-server", + "scope": "server", + "docId": "kibKbnCoreUsageDataServerPluginApi", + "section": "def-server.DeprecatedApiUsageFetcher", + "text": "DeprecatedApiUsageFetcher" + } + ], + "path": "packages/core/usage-data/core-usage-data-server/src/setup_contract.ts", + "deprecated": false, + "trackAdoption": false, + "isRequired": true + } + ], + "returnComment": [] } ], "initialIsOpen": false @@ -2288,6 +2401,62 @@ } ], "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/core-usage-data-server", + "id": "def-server.DeprecatedApiUsageFetcher", + "type": "Type", + "tags": [], + "label": "DeprecatedApiUsageFetcher", + "description": [], + "signature": [ + "(params: { soClient: ", + { + "pluginId": "@kbn/core-saved-objects-api-server", + "scope": "server", + "docId": "kibKbnCoreSavedObjectsApiServerPluginApi", + "section": "def-server.ISavedObjectsRepository", + "text": "ISavedObjectsRepository" + }, + "; }) => Promise<", + { + "pluginId": "@kbn/core-usage-data-server", + "scope": "server", + "docId": "kibKbnCoreUsageDataServerPluginApi", + "section": "def-server.CoreDeprecatedApiUsageStats", + "text": "CoreDeprecatedApiUsageStats" + }, + "[]>" + ], + "path": "packages/core/usage-data/core-usage-data-server/src/setup_contract.ts", + "deprecated": false, + "trackAdoption": false, + "returnComment": [], + "children": [ + { + "parentPluginId": "@kbn/core-usage-data-server", + "id": "def-server.DeprecatedApiUsageFetcher.$1", + "type": "Object", + "tags": [], + "label": "params", + "description": [], + "signature": [ + "{ soClient: ", + { + "pluginId": "@kbn/core-saved-objects-api-server", + "scope": "server", + "docId": "kibKbnCoreSavedObjectsApiServerPluginApi", + "section": "def-server.ISavedObjectsRepository", + "text": "ISavedObjectsRepository" + }, + "; }" + ], + "path": "packages/core/usage-data/core-usage-data-server/src/setup_contract.ts", + "deprecated": false, + "trackAdoption": false + } + ], + "initialIsOpen": false } ], "objects": [] diff --git a/api_docs/kbn_core_usage_data_server.mdx b/api_docs/kbn_core_usage_data_server.mdx index 8abbc146f4f9c7..0eecc445ff9f84 100644 --- a/api_docs/kbn_core_usage_data_server.mdx +++ b/api_docs/kbn_core_usage_data_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-usage-data-server title: "@kbn/core-usage-data-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-usage-data-server plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-usage-data-server'] --- import kbnCoreUsageDataServerObj from './kbn_core_usage_data_server.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 155 | 0 | 144 | 0 | +| 165 | 0 | 154 | 0 | ## Server diff --git a/api_docs/kbn_core_usage_data_server_internal.mdx b/api_docs/kbn_core_usage_data_server_internal.mdx index 53d37a422c76e8..61e6ab58e2e9f9 100644 --- a/api_docs/kbn_core_usage_data_server_internal.mdx +++ b/api_docs/kbn_core_usage_data_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-usage-data-server-internal title: "@kbn/core-usage-data-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-usage-data-server-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-usage-data-server-internal'] --- import kbnCoreUsageDataServerInternalObj from './kbn_core_usage_data_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_usage_data_server_mocks.devdocs.json b/api_docs/kbn_core_usage_data_server_mocks.devdocs.json index 7ab368476bc356..d32fdca291d8c2 100644 --- a/api_docs/kbn_core_usage_data_server_mocks.devdocs.json +++ b/api_docs/kbn_core_usage_data_server_mocks.devdocs.json @@ -93,7 +93,15 @@ "section": "def-server.CoreUsageStats", "text": "CoreUsageStats" }, - ">, [], unknown>; incrementSavedObjectsBulkCreate: jest.MockInstance, [options: ", + ">, [], unknown>; getDeprecatedApiUsageStats: jest.MockInstance, [], unknown>; incrementDeprecatedApi: jest.MockInstance, [counterName: string, options: { resolved?: boolean | undefined; incrementBy?: number | undefined; }], unknown>; incrementSavedObjectsBulkCreate: jest.MockInstance, [options: ", "BaseIncrementOptions", "], unknown>; incrementSavedObjectsBulkGet: jest.MockInstance, [options: ", "BaseIncrementOptions", diff --git a/api_docs/kbn_core_usage_data_server_mocks.mdx b/api_docs/kbn_core_usage_data_server_mocks.mdx index 7f9c8f9b6ca93e..ba644258dfd72b 100644 --- a/api_docs/kbn_core_usage_data_server_mocks.mdx +++ b/api_docs/kbn_core_usage_data_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-usage-data-server-mocks title: "@kbn/core-usage-data-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-usage-data-server-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-usage-data-server-mocks'] --- import kbnCoreUsageDataServerMocksObj from './kbn_core_usage_data_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_user_profile_browser.mdx b/api_docs/kbn_core_user_profile_browser.mdx index 864082a5bcf5d2..567b46bd163091 100644 --- a/api_docs/kbn_core_user_profile_browser.mdx +++ b/api_docs/kbn_core_user_profile_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-profile-browser title: "@kbn/core-user-profile-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-profile-browser plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-profile-browser'] --- import kbnCoreUserProfileBrowserObj from './kbn_core_user_profile_browser.devdocs.json'; diff --git a/api_docs/kbn_core_user_profile_browser_internal.mdx b/api_docs/kbn_core_user_profile_browser_internal.mdx index 7263336f6a0249..6d8d2844fc05f4 100644 --- a/api_docs/kbn_core_user_profile_browser_internal.mdx +++ b/api_docs/kbn_core_user_profile_browser_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-profile-browser-internal title: "@kbn/core-user-profile-browser-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-profile-browser-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-profile-browser-internal'] --- import kbnCoreUserProfileBrowserInternalObj from './kbn_core_user_profile_browser_internal.devdocs.json'; diff --git a/api_docs/kbn_core_user_profile_browser_mocks.mdx b/api_docs/kbn_core_user_profile_browser_mocks.mdx index 73c516372ac16f..a2ffdb5bf9bfd4 100644 --- a/api_docs/kbn_core_user_profile_browser_mocks.mdx +++ b/api_docs/kbn_core_user_profile_browser_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-profile-browser-mocks title: "@kbn/core-user-profile-browser-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-profile-browser-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-profile-browser-mocks'] --- import kbnCoreUserProfileBrowserMocksObj from './kbn_core_user_profile_browser_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_user_profile_common.mdx b/api_docs/kbn_core_user_profile_common.mdx index c2e52a088c736e..f52ab178cfb345 100644 --- a/api_docs/kbn_core_user_profile_common.mdx +++ b/api_docs/kbn_core_user_profile_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-profile-common title: "@kbn/core-user-profile-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-profile-common plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-profile-common'] --- import kbnCoreUserProfileCommonObj from './kbn_core_user_profile_common.devdocs.json'; diff --git a/api_docs/kbn_core_user_profile_server.mdx b/api_docs/kbn_core_user_profile_server.mdx index d43ab94d09baad..71bcc53fcf1cc9 100644 --- a/api_docs/kbn_core_user_profile_server.mdx +++ b/api_docs/kbn_core_user_profile_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-profile-server title: "@kbn/core-user-profile-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-profile-server plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-profile-server'] --- import kbnCoreUserProfileServerObj from './kbn_core_user_profile_server.devdocs.json'; diff --git a/api_docs/kbn_core_user_profile_server_internal.mdx b/api_docs/kbn_core_user_profile_server_internal.mdx index eda33c00bc49eb..8f02889d3a193f 100644 --- a/api_docs/kbn_core_user_profile_server_internal.mdx +++ b/api_docs/kbn_core_user_profile_server_internal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-profile-server-internal title: "@kbn/core-user-profile-server-internal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-profile-server-internal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-profile-server-internal'] --- import kbnCoreUserProfileServerInternalObj from './kbn_core_user_profile_server_internal.devdocs.json'; diff --git a/api_docs/kbn_core_user_profile_server_mocks.mdx b/api_docs/kbn_core_user_profile_server_mocks.mdx index 2f29aedf606deb..4d9861f072e6c2 100644 --- a/api_docs/kbn_core_user_profile_server_mocks.mdx +++ b/api_docs/kbn_core_user_profile_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-profile-server-mocks title: "@kbn/core-user-profile-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-profile-server-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-profile-server-mocks'] --- import kbnCoreUserProfileServerMocksObj from './kbn_core_user_profile_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_core_user_settings_server.mdx b/api_docs/kbn_core_user_settings_server.mdx index 6b45827c78bfd0..d3ef3836f28dad 100644 --- a/api_docs/kbn_core_user_settings_server.mdx +++ b/api_docs/kbn_core_user_settings_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-settings-server title: "@kbn/core-user-settings-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-settings-server plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-settings-server'] --- import kbnCoreUserSettingsServerObj from './kbn_core_user_settings_server.devdocs.json'; diff --git a/api_docs/kbn_core_user_settings_server_mocks.mdx b/api_docs/kbn_core_user_settings_server_mocks.mdx index 4e8b691bb7003f..58efb1632cc156 100644 --- a/api_docs/kbn_core_user_settings_server_mocks.mdx +++ b/api_docs/kbn_core_user_settings_server_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-core-user-settings-server-mocks title: "@kbn/core-user-settings-server-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/core-user-settings-server-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/core-user-settings-server-mocks'] --- import kbnCoreUserSettingsServerMocksObj from './kbn_core_user_settings_server_mocks.devdocs.json'; diff --git a/api_docs/kbn_crypto.mdx b/api_docs/kbn_crypto.mdx index cffef30fe1ec26..7c1742b2dce332 100644 --- a/api_docs/kbn_crypto.mdx +++ b/api_docs/kbn_crypto.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-crypto title: "@kbn/crypto" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/crypto plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/crypto'] --- import kbnCryptoObj from './kbn_crypto.devdocs.json'; diff --git a/api_docs/kbn_crypto_browser.mdx b/api_docs/kbn_crypto_browser.mdx index 23e17bf2d02dcd..fb41fd4d2f069e 100644 --- a/api_docs/kbn_crypto_browser.mdx +++ b/api_docs/kbn_crypto_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-crypto-browser title: "@kbn/crypto-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/crypto-browser plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/crypto-browser'] --- import kbnCryptoBrowserObj from './kbn_crypto_browser.devdocs.json'; diff --git a/api_docs/kbn_custom_icons.mdx b/api_docs/kbn_custom_icons.mdx index 9bf56811554a76..033be37e25e5ac 100644 --- a/api_docs/kbn_custom_icons.mdx +++ b/api_docs/kbn_custom_icons.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-custom-icons title: "@kbn/custom-icons" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/custom-icons plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/custom-icons'] --- import kbnCustomIconsObj from './kbn_custom_icons.devdocs.json'; diff --git a/api_docs/kbn_custom_integrations.mdx b/api_docs/kbn_custom_integrations.mdx index f6489372ff2e39..66d977adeab1dc 100644 --- a/api_docs/kbn_custom_integrations.mdx +++ b/api_docs/kbn_custom_integrations.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-custom-integrations title: "@kbn/custom-integrations" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/custom-integrations plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/custom-integrations'] --- import kbnCustomIntegrationsObj from './kbn_custom_integrations.devdocs.json'; diff --git a/api_docs/kbn_cypress_config.mdx b/api_docs/kbn_cypress_config.mdx index ebec7510303312..be7daaebfa2bf2 100644 --- a/api_docs/kbn_cypress_config.mdx +++ b/api_docs/kbn_cypress_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-cypress-config title: "@kbn/cypress-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/cypress-config plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/cypress-config'] --- import kbnCypressConfigObj from './kbn_cypress_config.devdocs.json'; diff --git a/api_docs/kbn_data_forge.mdx b/api_docs/kbn_data_forge.mdx index fa91cfc4d3e8aa..a7d4f3f3b48675 100644 --- a/api_docs/kbn_data_forge.mdx +++ b/api_docs/kbn_data_forge.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-data-forge title: "@kbn/data-forge" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/data-forge plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/data-forge'] --- import kbnDataForgeObj from './kbn_data_forge.devdocs.json'; diff --git a/api_docs/kbn_data_service.mdx b/api_docs/kbn_data_service.mdx index 93693e6e09cf56..b6de0fdb6d3e02 100644 --- a/api_docs/kbn_data_service.mdx +++ b/api_docs/kbn_data_service.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-data-service title: "@kbn/data-service" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/data-service plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/data-service'] --- import kbnDataServiceObj from './kbn_data_service.devdocs.json'; diff --git a/api_docs/kbn_data_stream_adapter.mdx b/api_docs/kbn_data_stream_adapter.mdx index 4132b16f826553..c794a952c8ad33 100644 --- a/api_docs/kbn_data_stream_adapter.mdx +++ b/api_docs/kbn_data_stream_adapter.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-data-stream-adapter title: "@kbn/data-stream-adapter" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/data-stream-adapter plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/data-stream-adapter'] --- import kbnDataStreamAdapterObj from './kbn_data_stream_adapter.devdocs.json'; diff --git a/api_docs/kbn_data_view_utils.mdx b/api_docs/kbn_data_view_utils.mdx index 85972ebbf504a8..5f302da76b92de 100644 --- a/api_docs/kbn_data_view_utils.mdx +++ b/api_docs/kbn_data_view_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-data-view-utils title: "@kbn/data-view-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/data-view-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/data-view-utils'] --- import kbnDataViewUtilsObj from './kbn_data_view_utils.devdocs.json'; diff --git a/api_docs/kbn_datemath.mdx b/api_docs/kbn_datemath.mdx index 2fc12904d763a9..e0b70c8a773f42 100644 --- a/api_docs/kbn_datemath.mdx +++ b/api_docs/kbn_datemath.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-datemath title: "@kbn/datemath" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/datemath plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/datemath'] --- import kbnDatemathObj from './kbn_datemath.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_analytics.mdx b/api_docs/kbn_deeplinks_analytics.mdx index d90f7f70e8ac58..62628740d8d40b 100644 --- a/api_docs/kbn_deeplinks_analytics.mdx +++ b/api_docs/kbn_deeplinks_analytics.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-analytics title: "@kbn/deeplinks-analytics" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-analytics plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-analytics'] --- import kbnDeeplinksAnalyticsObj from './kbn_deeplinks_analytics.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_devtools.mdx b/api_docs/kbn_deeplinks_devtools.mdx index 6f841f6f07bca6..9342bca97c4ee5 100644 --- a/api_docs/kbn_deeplinks_devtools.mdx +++ b/api_docs/kbn_deeplinks_devtools.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-devtools title: "@kbn/deeplinks-devtools" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-devtools plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-devtools'] --- import kbnDeeplinksDevtoolsObj from './kbn_deeplinks_devtools.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_fleet.mdx b/api_docs/kbn_deeplinks_fleet.mdx index 57332f6425e330..160bd4fd7b8d7f 100644 --- a/api_docs/kbn_deeplinks_fleet.mdx +++ b/api_docs/kbn_deeplinks_fleet.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-fleet title: "@kbn/deeplinks-fleet" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-fleet plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-fleet'] --- import kbnDeeplinksFleetObj from './kbn_deeplinks_fleet.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_management.mdx b/api_docs/kbn_deeplinks_management.mdx index ee6a5c94bc1d0a..34b66034ecac41 100644 --- a/api_docs/kbn_deeplinks_management.mdx +++ b/api_docs/kbn_deeplinks_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-management title: "@kbn/deeplinks-management" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-management plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-management'] --- import kbnDeeplinksManagementObj from './kbn_deeplinks_management.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_ml.mdx b/api_docs/kbn_deeplinks_ml.mdx index 478ee5b3decec4..5b49dd92db65b9 100644 --- a/api_docs/kbn_deeplinks_ml.mdx +++ b/api_docs/kbn_deeplinks_ml.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-ml title: "@kbn/deeplinks-ml" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-ml plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-ml'] --- import kbnDeeplinksMlObj from './kbn_deeplinks_ml.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_observability.mdx b/api_docs/kbn_deeplinks_observability.mdx index 11426db6e35664..af2b920ef80610 100644 --- a/api_docs/kbn_deeplinks_observability.mdx +++ b/api_docs/kbn_deeplinks_observability.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-observability title: "@kbn/deeplinks-observability" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-observability plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-observability'] --- import kbnDeeplinksObservabilityObj from './kbn_deeplinks_observability.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_search.devdocs.json b/api_docs/kbn_deeplinks_search.devdocs.json index ab97c3e504a2d8..8376c52ebf1ea9 100644 --- a/api_docs/kbn_deeplinks_search.devdocs.json +++ b/api_docs/kbn_deeplinks_search.devdocs.json @@ -30,7 +30,7 @@ "label": "DeepLinkId", "description": [], "signature": [ - "\"appSearch\" | \"enterpriseSearch\" | \"enterpriseSearchContent\" | \"enterpriseSearchApplications\" | \"enterpriseSearchRelevance\" | \"enterpriseSearchAnalytics\" | \"workplaceSearch\" | \"serverlessElasticsearch\" | \"serverlessConnectors\" | \"searchPlayground\" | \"searchInferenceEndpoints\" | \"searchHomepage\" | \"enterpriseSearchContent:connectors\" | \"enterpriseSearchContent:searchIndices\" | \"enterpriseSearchContent:webCrawlers\" | \"enterpriseSearchApplications:searchApplications\" | \"enterpriseSearchApplications:playground\" | \"appSearch:engines\" | \"enterpriseSearchRelevance:inferenceEndpoints\" | \"elasticsearchStart\" | \"elasticsearchIndices\"" + "\"appSearch\" | \"enterpriseSearch\" | \"enterpriseSearchContent\" | \"enterpriseSearchApplications\" | \"searchInferenceEndpoints\" | \"enterpriseSearchAnalytics\" | \"workplaceSearch\" | \"serverlessElasticsearch\" | \"serverlessConnectors\" | \"searchPlayground\" | \"searchHomepage\" | \"enterpriseSearchContent:connectors\" | \"enterpriseSearchContent:searchIndices\" | \"enterpriseSearchContent:webCrawlers\" | \"enterpriseSearchApplications:searchApplications\" | \"enterpriseSearchApplications:playground\" | \"appSearch:engines\" | \"searchInferenceEndpoints:inferenceEndpoints\" | \"elasticsearchStart\" | \"elasticsearchIndices\"" ], "path": "packages/deeplinks/search/deep_links.ts", "deprecated": false, @@ -120,7 +120,7 @@ "label": "ENTERPRISE_SEARCH_RELEVANCE_APP_ID", "description": [], "signature": [ - "\"enterpriseSearchRelevance\"" + "\"searchInferenceEndpoints\"" ], "path": "packages/deeplinks/search/constants.ts", "deprecated": false, diff --git a/api_docs/kbn_deeplinks_search.mdx b/api_docs/kbn_deeplinks_search.mdx index bc17346e31af71..ec37b96d5be614 100644 --- a/api_docs/kbn_deeplinks_search.mdx +++ b/api_docs/kbn_deeplinks_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-search title: "@kbn/deeplinks-search" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-search plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-search'] --- import kbnDeeplinksSearchObj from './kbn_deeplinks_search.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_security.mdx b/api_docs/kbn_deeplinks_security.mdx index ded50fb4a51a12..72aa70b3e4c984 100644 --- a/api_docs/kbn_deeplinks_security.mdx +++ b/api_docs/kbn_deeplinks_security.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-security title: "@kbn/deeplinks-security" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-security plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-security'] --- import kbnDeeplinksSecurityObj from './kbn_deeplinks_security.devdocs.json'; diff --git a/api_docs/kbn_deeplinks_shared.mdx b/api_docs/kbn_deeplinks_shared.mdx index 1a65f27abc1e48..1a78647e210661 100644 --- a/api_docs/kbn_deeplinks_shared.mdx +++ b/api_docs/kbn_deeplinks_shared.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-deeplinks-shared title: "@kbn/deeplinks-shared" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/deeplinks-shared plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/deeplinks-shared'] --- import kbnDeeplinksSharedObj from './kbn_deeplinks_shared.devdocs.json'; diff --git a/api_docs/kbn_default_nav_analytics.mdx b/api_docs/kbn_default_nav_analytics.mdx index 9c9d346457c903..380bf52a08b993 100644 --- a/api_docs/kbn_default_nav_analytics.mdx +++ b/api_docs/kbn_default_nav_analytics.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-default-nav-analytics title: "@kbn/default-nav-analytics" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/default-nav-analytics plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/default-nav-analytics'] --- import kbnDefaultNavAnalyticsObj from './kbn_default_nav_analytics.devdocs.json'; diff --git a/api_docs/kbn_default_nav_devtools.mdx b/api_docs/kbn_default_nav_devtools.mdx index 2dd4ae977b2dc1..f7e7adc2901cf2 100644 --- a/api_docs/kbn_default_nav_devtools.mdx +++ b/api_docs/kbn_default_nav_devtools.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-default-nav-devtools title: "@kbn/default-nav-devtools" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/default-nav-devtools plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/default-nav-devtools'] --- import kbnDefaultNavDevtoolsObj from './kbn_default_nav_devtools.devdocs.json'; diff --git a/api_docs/kbn_default_nav_management.mdx b/api_docs/kbn_default_nav_management.mdx index 6491bfd53450eb..92325fe70e6d2b 100644 --- a/api_docs/kbn_default_nav_management.mdx +++ b/api_docs/kbn_default_nav_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-default-nav-management title: "@kbn/default-nav-management" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/default-nav-management plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/default-nav-management'] --- import kbnDefaultNavManagementObj from './kbn_default_nav_management.devdocs.json'; diff --git a/api_docs/kbn_default_nav_ml.mdx b/api_docs/kbn_default_nav_ml.mdx index 504283a91abf5c..0ce81dd9df569f 100644 --- a/api_docs/kbn_default_nav_ml.mdx +++ b/api_docs/kbn_default_nav_ml.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-default-nav-ml title: "@kbn/default-nav-ml" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/default-nav-ml plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/default-nav-ml'] --- import kbnDefaultNavMlObj from './kbn_default_nav_ml.devdocs.json'; diff --git a/api_docs/kbn_dev_cli_errors.mdx b/api_docs/kbn_dev_cli_errors.mdx index 1e4f3aaa0e448a..87c8575f56a204 100644 --- a/api_docs/kbn_dev_cli_errors.mdx +++ b/api_docs/kbn_dev_cli_errors.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-dev-cli-errors title: "@kbn/dev-cli-errors" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/dev-cli-errors plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/dev-cli-errors'] --- import kbnDevCliErrorsObj from './kbn_dev_cli_errors.devdocs.json'; diff --git a/api_docs/kbn_dev_cli_runner.mdx b/api_docs/kbn_dev_cli_runner.mdx index 772158edd6af85..35bc5c25adc332 100644 --- a/api_docs/kbn_dev_cli_runner.mdx +++ b/api_docs/kbn_dev_cli_runner.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-dev-cli-runner title: "@kbn/dev-cli-runner" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/dev-cli-runner plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/dev-cli-runner'] --- import kbnDevCliRunnerObj from './kbn_dev_cli_runner.devdocs.json'; diff --git a/api_docs/kbn_dev_proc_runner.mdx b/api_docs/kbn_dev_proc_runner.mdx index 286bb62e808bba..5525ece5bf4160 100644 --- a/api_docs/kbn_dev_proc_runner.mdx +++ b/api_docs/kbn_dev_proc_runner.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-dev-proc-runner title: "@kbn/dev-proc-runner" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/dev-proc-runner plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/dev-proc-runner'] --- import kbnDevProcRunnerObj from './kbn_dev_proc_runner.devdocs.json'; diff --git a/api_docs/kbn_dev_utils.mdx b/api_docs/kbn_dev_utils.mdx index 677a9a154c2f5b..f5b40e64cee7e8 100644 --- a/api_docs/kbn_dev_utils.mdx +++ b/api_docs/kbn_dev_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-dev-utils title: "@kbn/dev-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/dev-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/dev-utils'] --- import kbnDevUtilsObj from './kbn_dev_utils.devdocs.json'; diff --git a/api_docs/kbn_discover_utils.mdx b/api_docs/kbn_discover_utils.mdx index 68e6615e4383fc..10757cf37cb5cd 100644 --- a/api_docs/kbn_discover_utils.mdx +++ b/api_docs/kbn_discover_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-discover-utils title: "@kbn/discover-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/discover-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/discover-utils'] --- import kbnDiscoverUtilsObj from './kbn_discover_utils.devdocs.json'; diff --git a/api_docs/kbn_doc_links.mdx b/api_docs/kbn_doc_links.mdx index 64921d8506edf7..2f60492005fa96 100644 --- a/api_docs/kbn_doc_links.mdx +++ b/api_docs/kbn_doc_links.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-doc-links title: "@kbn/doc-links" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/doc-links plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/doc-links'] --- import kbnDocLinksObj from './kbn_doc_links.devdocs.json'; diff --git a/api_docs/kbn_docs_utils.mdx b/api_docs/kbn_docs_utils.mdx index 8bcc828c8546a2..c29e85f798321b 100644 --- a/api_docs/kbn_docs_utils.mdx +++ b/api_docs/kbn_docs_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-docs-utils title: "@kbn/docs-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/docs-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/docs-utils'] --- import kbnDocsUtilsObj from './kbn_docs_utils.devdocs.json'; diff --git a/api_docs/kbn_dom_drag_drop.mdx b/api_docs/kbn_dom_drag_drop.mdx index 6e7153490fc3f0..78e5e8caa2e1f0 100644 --- a/api_docs/kbn_dom_drag_drop.mdx +++ b/api_docs/kbn_dom_drag_drop.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-dom-drag-drop title: "@kbn/dom-drag-drop" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/dom-drag-drop plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/dom-drag-drop'] --- import kbnDomDragDropObj from './kbn_dom_drag_drop.devdocs.json'; diff --git a/api_docs/kbn_ebt_tools.mdx b/api_docs/kbn_ebt_tools.mdx index 8f5d16bffabe4c..9fb8765438dadf 100644 --- a/api_docs/kbn_ebt_tools.mdx +++ b/api_docs/kbn_ebt_tools.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ebt-tools title: "@kbn/ebt-tools" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ebt-tools plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ebt-tools'] --- import kbnEbtToolsObj from './kbn_ebt_tools.devdocs.json'; diff --git a/api_docs/kbn_ecs_data_quality_dashboard.mdx b/api_docs/kbn_ecs_data_quality_dashboard.mdx index e972044e986b11..eeb202bc59302a 100644 --- a/api_docs/kbn_ecs_data_quality_dashboard.mdx +++ b/api_docs/kbn_ecs_data_quality_dashboard.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ecs-data-quality-dashboard title: "@kbn/ecs-data-quality-dashboard" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ecs-data-quality-dashboard plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ecs-data-quality-dashboard'] --- import kbnEcsDataQualityDashboardObj from './kbn_ecs_data_quality_dashboard.devdocs.json'; diff --git a/api_docs/kbn_elastic_agent_utils.mdx b/api_docs/kbn_elastic_agent_utils.mdx index d290ccfd52ef69..69ec49fb34abba 100644 --- a/api_docs/kbn_elastic_agent_utils.mdx +++ b/api_docs/kbn_elastic_agent_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-elastic-agent-utils title: "@kbn/elastic-agent-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/elastic-agent-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/elastic-agent-utils'] --- import kbnElasticAgentUtilsObj from './kbn_elastic_agent_utils.devdocs.json'; diff --git a/api_docs/kbn_elastic_assistant.mdx b/api_docs/kbn_elastic_assistant.mdx index 494a651e9f18e0..629be95ec3fc72 100644 --- a/api_docs/kbn_elastic_assistant.mdx +++ b/api_docs/kbn_elastic_assistant.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-elastic-assistant title: "@kbn/elastic-assistant" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/elastic-assistant plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/elastic-assistant'] --- import kbnElasticAssistantObj from './kbn_elastic_assistant.devdocs.json'; diff --git a/api_docs/kbn_elastic_assistant_common.mdx b/api_docs/kbn_elastic_assistant_common.mdx index 69b72f7f746145..570a31d6e54340 100644 --- a/api_docs/kbn_elastic_assistant_common.mdx +++ b/api_docs/kbn_elastic_assistant_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-elastic-assistant-common title: "@kbn/elastic-assistant-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/elastic-assistant-common plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/elastic-assistant-common'] --- import kbnElasticAssistantCommonObj from './kbn_elastic_assistant_common.devdocs.json'; diff --git a/api_docs/kbn_entities_schema.devdocs.json b/api_docs/kbn_entities_schema.devdocs.json index 5b590b73bafa8d..c77e0ae7ffeb1b 100644 --- a/api_docs/kbn_entities_schema.devdocs.json +++ b/api_docs/kbn_entities_schema.devdocs.json @@ -515,7 +515,7 @@ "label": "entityBaseSchema", "description": [], "signature": [ - "Zod.ZodObject<{ id: Zod.ZodString; type: Zod.ZodString; identityFields: Zod.ZodArray; displayName: Zod.ZodString; metrics: Zod.ZodRecord; definitionVersion: Zod.ZodString; schemaVersion: Zod.ZodString; definitionId: Zod.ZodString; }, \"strip\", Zod.ZodTypeAny, { id: string; type: string; metrics: Record; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; schemaVersion: string; }, { id: string; type: string; metrics: Record; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; schemaVersion: string; }>" + "Zod.ZodObject<{ id: Zod.ZodString; type: Zod.ZodString; identity_fields: Zod.ZodArray; display_name: Zod.ZodString; metrics: Zod.ZodRecord; definition_version: Zod.ZodString; schema_version: Zod.ZodString; definition_id: Zod.ZodString; }, \"strip\", Zod.ZodTypeAny, { id: string; type: string; metrics: Record; schema_version: string; definition_id: string; definition_version: string; display_name: string; identity_fields: string[]; }, { id: string; type: string; metrics: Record; schema_version: string; definition_id: string; definition_version: string; display_name: string; identity_fields: string[]; }>" ], "path": "x-pack/packages/kbn-entities-schema/src/schema/entity.ts", "deprecated": false, @@ -664,21 +664,6 @@ "trackAdoption": false, "initialIsOpen": false }, - { - "parentPluginId": "@kbn/entities-schema", - "id": "def-common.entityHistorySchema", - "type": "Object", - "tags": [], - "label": "entityHistorySchema", - "description": [], - "signature": [ - "Zod.ZodIntersection; displayName: Zod.ZodString; metrics: Zod.ZodRecord; definitionVersion: Zod.ZodString; schemaVersion: Zod.ZodString; definitionId: Zod.ZodString; }, \"strip\", Zod.ZodTypeAny, { id: string; type: string; metrics: Record; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; schemaVersion: string; }, { id: string; type: string; metrics: Record; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; schemaVersion: string; }>; }, \"strip\", Zod.ZodTypeAny, { '@timestamp': string; entity: { id: string; type: string; metrics: Record; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; schemaVersion: string; }; }, { '@timestamp': string; entity: { id: string; type: string; metrics: Record; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; schemaVersion: string; }; }>, Zod.ZodType>" - ], - "path": "x-pack/packages/kbn-entities-schema/src/schema/entity.ts", - "deprecated": false, - "trackAdoption": false, - "initialIsOpen": false - }, { "parentPluginId": "@kbn/entities-schema", "id": "def-common.entityLatestSchema", @@ -687,7 +672,7 @@ "label": "entityLatestSchema", "description": [], "signature": [ - "Zod.ZodIntersection; displayName: Zod.ZodString; metrics: Zod.ZodRecord; definitionVersion: Zod.ZodString; schemaVersion: Zod.ZodString; definitionId: Zod.ZodString; }, { lastSeenTimestamp: Zod.ZodString; }>, \"strip\", Zod.ZodTypeAny, { id: string; type: string; metrics: Record; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; lastSeenTimestamp: string; schemaVersion: string; }, { id: string; type: string; metrics: Record; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; lastSeenTimestamp: string; schemaVersion: string; }>; }, \"strip\", Zod.ZodTypeAny, { entity: { id: string; type: string; metrics: Record; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; lastSeenTimestamp: string; schemaVersion: string; }; }, { entity: { id: string; type: string; metrics: Record; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; lastSeenTimestamp: string; schemaVersion: string; }; }>, Zod.ZodType>" + "Zod.ZodIntersection; display_name: Zod.ZodString; metrics: Zod.ZodRecord; definition_version: Zod.ZodString; schema_version: Zod.ZodString; definition_id: Zod.ZodString; }, { last_seen_timestamp: Zod.ZodString; }>, \"strip\", Zod.ZodTypeAny, { id: string; type: string; metrics: Record; schema_version: string; definition_id: string; definition_version: string; display_name: string; last_seen_timestamp: string; identity_fields: string[]; }, { id: string; type: string; metrics: Record; schema_version: string; definition_id: string; definition_version: string; display_name: string; last_seen_timestamp: string; identity_fields: string[]; }>; }, \"strip\", Zod.ZodTypeAny, { entity: { id: string; type: string; metrics: Record; schema_version: string; definition_id: string; definition_version: string; display_name: string; last_seen_timestamp: string; identity_fields: string[]; }; }, { entity: { id: string; type: string; metrics: Record; schema_version: string; definition_id: string; definition_version: string; display_name: string; last_seen_timestamp: string; identity_fields: string[]; }; }>, Zod.ZodType>" ], "path": "x-pack/packages/kbn-entities-schema/src/schema/entity.ts", "deprecated": false, diff --git a/api_docs/kbn_entities_schema.mdx b/api_docs/kbn_entities_schema.mdx index 3d23c1fd039e1c..d313ebb1306ac9 100644 --- a/api_docs/kbn_entities_schema.mdx +++ b/api_docs/kbn_entities_schema.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-entities-schema title: "@kbn/entities-schema" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/entities-schema plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/entities-schema'] --- import kbnEntitiesSchemaObj from './kbn_entities_schema.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/obs-entities](https://github.com/orgs/elastic/teams/obs-entiti | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 44 | 0 | 44 | 0 | +| 43 | 0 | 43 | 0 | ## Common diff --git a/api_docs/kbn_es.mdx b/api_docs/kbn_es.mdx index 5e6133738583c7..c7b0ebb5874ddf 100644 --- a/api_docs/kbn_es.mdx +++ b/api_docs/kbn_es.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-es title: "@kbn/es" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/es plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/es'] --- import kbnEsObj from './kbn_es.devdocs.json'; diff --git a/api_docs/kbn_es_archiver.mdx b/api_docs/kbn_es_archiver.mdx index f148792b3c4e7d..55707e9a387686 100644 --- a/api_docs/kbn_es_archiver.mdx +++ b/api_docs/kbn_es_archiver.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-es-archiver title: "@kbn/es-archiver" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/es-archiver plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/es-archiver'] --- import kbnEsArchiverObj from './kbn_es_archiver.devdocs.json'; diff --git a/api_docs/kbn_es_errors.mdx b/api_docs/kbn_es_errors.mdx index f6b38721942d39..f295049c285ead 100644 --- a/api_docs/kbn_es_errors.mdx +++ b/api_docs/kbn_es_errors.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-es-errors title: "@kbn/es-errors" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/es-errors plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/es-errors'] --- import kbnEsErrorsObj from './kbn_es_errors.devdocs.json'; diff --git a/api_docs/kbn_es_query.mdx b/api_docs/kbn_es_query.mdx index 7bee1862638b00..122e111454de1f 100644 --- a/api_docs/kbn_es_query.mdx +++ b/api_docs/kbn_es_query.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-es-query title: "@kbn/es-query" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/es-query plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/es-query'] --- import kbnEsQueryObj from './kbn_es_query.devdocs.json'; diff --git a/api_docs/kbn_es_types.mdx b/api_docs/kbn_es_types.mdx index 07708c9ef92034..33cfd56d452207 100644 --- a/api_docs/kbn_es_types.mdx +++ b/api_docs/kbn_es_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-es-types title: "@kbn/es-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/es-types plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/es-types'] --- import kbnEsTypesObj from './kbn_es_types.devdocs.json'; diff --git a/api_docs/kbn_eslint_plugin_imports.mdx b/api_docs/kbn_eslint_plugin_imports.mdx index 254b382c15e0c7..6e77d2213edfc2 100644 --- a/api_docs/kbn_eslint_plugin_imports.mdx +++ b/api_docs/kbn_eslint_plugin_imports.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-eslint-plugin-imports title: "@kbn/eslint-plugin-imports" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/eslint-plugin-imports plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/eslint-plugin-imports'] --- import kbnEslintPluginImportsObj from './kbn_eslint_plugin_imports.devdocs.json'; diff --git a/api_docs/kbn_esql_ast.devdocs.json b/api_docs/kbn_esql_ast.devdocs.json index 5d8e934eb8994f..cac01fac9555dd 100644 --- a/api_docs/kbn_esql_ast.devdocs.json +++ b/api_docs/kbn_esql_ast.devdocs.json @@ -487,6 +487,67 @@ ], "returnComment": [] }, + { + "parentPluginId": "@kbn/esql-ast", + "id": "def-common.BasicPrettyPrinter.simplifyMultiplicationByOne", + "type": "Function", + "tags": [], + "label": "simplifyMultiplicationByOne", + "description": [], + "signature": [ + "(node: ", + { + "pluginId": "@kbn/esql-ast", + "scope": "common", + "docId": "kibKbnEsqlAstPluginApi", + "section": "def-common.ESQLSingleAstItem", + "text": "ESQLSingleAstItem" + }, + ", minusCount?: number) => string | undefined" + ], + "path": "packages/kbn-esql-ast/src/pretty_print/basic_pretty_printer.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/esql-ast", + "id": "def-common.BasicPrettyPrinter.simplifyMultiplicationByOne.$1", + "type": "CompoundType", + "tags": [], + "label": "node", + "description": [], + "signature": [ + { + "pluginId": "@kbn/esql-ast", + "scope": "common", + "docId": "kibKbnEsqlAstPluginApi", + "section": "def-common.ESQLSingleAstItem", + "text": "ESQLSingleAstItem" + } + ], + "path": "packages/kbn-esql-ast/src/pretty_print/basic_pretty_printer.ts", + "deprecated": false, + "trackAdoption": false, + "isRequired": true + }, + { + "parentPluginId": "@kbn/esql-ast", + "id": "def-common.BasicPrettyPrinter.simplifyMultiplicationByOne.$2", + "type": "number", + "tags": [], + "label": "minusCount", + "description": [], + "signature": [ + "number" + ], + "path": "packages/kbn-esql-ast/src/pretty_print/basic_pretty_printer.ts", + "deprecated": false, + "trackAdoption": false, + "isRequired": true + } + ], + "returnComment": [] + }, { "parentPluginId": "@kbn/esql-ast", "id": "def-common.BasicPrettyPrinter.visitor", diff --git a/api_docs/kbn_esql_ast.mdx b/api_docs/kbn_esql_ast.mdx index 625509d02bfa08..19fe99f93f78ee 100644 --- a/api_docs/kbn_esql_ast.mdx +++ b/api_docs/kbn_esql_ast.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-esql-ast title: "@kbn/esql-ast" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/esql-ast plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/esql-ast'] --- import kbnEsqlAstObj from './kbn_esql_ast.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/kibana-esql](https://github.com/orgs/elastic/teams/kibana-esql | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 266 | 1 | 208 | 34 | +| 269 | 1 | 211 | 34 | ## Common diff --git a/api_docs/kbn_esql_editor.mdx b/api_docs/kbn_esql_editor.mdx index 51ef9afc634a4a..e03146f39e3783 100644 --- a/api_docs/kbn_esql_editor.mdx +++ b/api_docs/kbn_esql_editor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-esql-editor title: "@kbn/esql-editor" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/esql-editor plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/esql-editor'] --- import kbnEsqlEditorObj from './kbn_esql_editor.devdocs.json'; diff --git a/api_docs/kbn_esql_utils.mdx b/api_docs/kbn_esql_utils.mdx index 4ebe962f9439aa..2ec3411c954be5 100644 --- a/api_docs/kbn_esql_utils.mdx +++ b/api_docs/kbn_esql_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-esql-utils title: "@kbn/esql-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/esql-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/esql-utils'] --- import kbnEsqlUtilsObj from './kbn_esql_utils.devdocs.json'; diff --git a/api_docs/kbn_esql_validation_autocomplete.mdx b/api_docs/kbn_esql_validation_autocomplete.mdx index 193bd95bee56da..89b610257e42a7 100644 --- a/api_docs/kbn_esql_validation_autocomplete.mdx +++ b/api_docs/kbn_esql_validation_autocomplete.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-esql-validation-autocomplete title: "@kbn/esql-validation-autocomplete" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/esql-validation-autocomplete plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/esql-validation-autocomplete'] --- import kbnEsqlValidationAutocompleteObj from './kbn_esql_validation_autocomplete.devdocs.json'; diff --git a/api_docs/kbn_event_annotation_common.mdx b/api_docs/kbn_event_annotation_common.mdx index d6afc3b87e1890..d98f0b0115fdc6 100644 --- a/api_docs/kbn_event_annotation_common.mdx +++ b/api_docs/kbn_event_annotation_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-event-annotation-common title: "@kbn/event-annotation-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/event-annotation-common plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/event-annotation-common'] --- import kbnEventAnnotationCommonObj from './kbn_event_annotation_common.devdocs.json'; diff --git a/api_docs/kbn_event_annotation_components.mdx b/api_docs/kbn_event_annotation_components.mdx index 6ee0841e09a27b..4b34d02751a587 100644 --- a/api_docs/kbn_event_annotation_components.mdx +++ b/api_docs/kbn_event_annotation_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-event-annotation-components title: "@kbn/event-annotation-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/event-annotation-components plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/event-annotation-components'] --- import kbnEventAnnotationComponentsObj from './kbn_event_annotation_components.devdocs.json'; diff --git a/api_docs/kbn_expandable_flyout.mdx b/api_docs/kbn_expandable_flyout.mdx index 78564d8b01de6a..b35a6c59d7a8b5 100644 --- a/api_docs/kbn_expandable_flyout.mdx +++ b/api_docs/kbn_expandable_flyout.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-expandable-flyout title: "@kbn/expandable-flyout" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/expandable-flyout plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/expandable-flyout'] --- import kbnExpandableFlyoutObj from './kbn_expandable_flyout.devdocs.json'; diff --git a/api_docs/kbn_field_types.mdx b/api_docs/kbn_field_types.mdx index 71d6621ce781bf..e9c21d7f729dec 100644 --- a/api_docs/kbn_field_types.mdx +++ b/api_docs/kbn_field_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-field-types title: "@kbn/field-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/field-types plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/field-types'] --- import kbnFieldTypesObj from './kbn_field_types.devdocs.json'; diff --git a/api_docs/kbn_field_utils.mdx b/api_docs/kbn_field_utils.mdx index 9ae6a644e45904..649469038a671d 100644 --- a/api_docs/kbn_field_utils.mdx +++ b/api_docs/kbn_field_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-field-utils title: "@kbn/field-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/field-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/field-utils'] --- import kbnFieldUtilsObj from './kbn_field_utils.devdocs.json'; diff --git a/api_docs/kbn_find_used_node_modules.mdx b/api_docs/kbn_find_used_node_modules.mdx index 5d3bf128fcab10..603c676515bf37 100644 --- a/api_docs/kbn_find_used_node_modules.mdx +++ b/api_docs/kbn_find_used_node_modules.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-find-used-node-modules title: "@kbn/find-used-node-modules" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/find-used-node-modules plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/find-used-node-modules'] --- import kbnFindUsedNodeModulesObj from './kbn_find_used_node_modules.devdocs.json'; diff --git a/api_docs/kbn_formatters.mdx b/api_docs/kbn_formatters.mdx index 39161ed5bd6f23..246393d6987915 100644 --- a/api_docs/kbn_formatters.mdx +++ b/api_docs/kbn_formatters.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-formatters title: "@kbn/formatters" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/formatters plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/formatters'] --- import kbnFormattersObj from './kbn_formatters.devdocs.json'; diff --git a/api_docs/kbn_ftr_common_functional_services.mdx b/api_docs/kbn_ftr_common_functional_services.mdx index 16dc49d361b7af..f81cabc48d3324 100644 --- a/api_docs/kbn_ftr_common_functional_services.mdx +++ b/api_docs/kbn_ftr_common_functional_services.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ftr-common-functional-services title: "@kbn/ftr-common-functional-services" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ftr-common-functional-services plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ftr-common-functional-services'] --- import kbnFtrCommonFunctionalServicesObj from './kbn_ftr_common_functional_services.devdocs.json'; diff --git a/api_docs/kbn_ftr_common_functional_ui_services.mdx b/api_docs/kbn_ftr_common_functional_ui_services.mdx index 4b76cc8b12bab3..c28175e7152e4c 100644 --- a/api_docs/kbn_ftr_common_functional_ui_services.mdx +++ b/api_docs/kbn_ftr_common_functional_ui_services.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ftr-common-functional-ui-services title: "@kbn/ftr-common-functional-ui-services" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ftr-common-functional-ui-services plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ftr-common-functional-ui-services'] --- import kbnFtrCommonFunctionalUiServicesObj from './kbn_ftr_common_functional_ui_services.devdocs.json'; diff --git a/api_docs/kbn_generate.mdx b/api_docs/kbn_generate.mdx index 135de4ebde8b35..42be7bae5cf302 100644 --- a/api_docs/kbn_generate.mdx +++ b/api_docs/kbn_generate.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-generate title: "@kbn/generate" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/generate plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/generate'] --- import kbnGenerateObj from './kbn_generate.devdocs.json'; diff --git a/api_docs/kbn_generate_console_definitions.mdx b/api_docs/kbn_generate_console_definitions.mdx index 0805bfcdf422a3..d9eb05cdee8a29 100644 --- a/api_docs/kbn_generate_console_definitions.mdx +++ b/api_docs/kbn_generate_console_definitions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-generate-console-definitions title: "@kbn/generate-console-definitions" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/generate-console-definitions plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/generate-console-definitions'] --- import kbnGenerateConsoleDefinitionsObj from './kbn_generate_console_definitions.devdocs.json'; diff --git a/api_docs/kbn_generate_csv.mdx b/api_docs/kbn_generate_csv.mdx index d33d5d0a84e5ca..830fdbea1f5904 100644 --- a/api_docs/kbn_generate_csv.mdx +++ b/api_docs/kbn_generate_csv.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-generate-csv title: "@kbn/generate-csv" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/generate-csv plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/generate-csv'] --- import kbnGenerateCsvObj from './kbn_generate_csv.devdocs.json'; diff --git a/api_docs/kbn_grid_layout.mdx b/api_docs/kbn_grid_layout.mdx index 97203fd7a4e8d2..a5dd8bb8b9464d 100644 --- a/api_docs/kbn_grid_layout.mdx +++ b/api_docs/kbn_grid_layout.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-grid-layout title: "@kbn/grid-layout" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/grid-layout plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/grid-layout'] --- import kbnGridLayoutObj from './kbn_grid_layout.devdocs.json'; diff --git a/api_docs/kbn_grouping.mdx b/api_docs/kbn_grouping.mdx index 1f797791202a7a..affb1d2442f8c7 100644 --- a/api_docs/kbn_grouping.mdx +++ b/api_docs/kbn_grouping.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-grouping title: "@kbn/grouping" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/grouping plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/grouping'] --- import kbnGroupingObj from './kbn_grouping.devdocs.json'; diff --git a/api_docs/kbn_guided_onboarding.mdx b/api_docs/kbn_guided_onboarding.mdx index 6cdebec4189862..07feed0a2f9b07 100644 --- a/api_docs/kbn_guided_onboarding.mdx +++ b/api_docs/kbn_guided_onboarding.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-guided-onboarding title: "@kbn/guided-onboarding" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/guided-onboarding plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/guided-onboarding'] --- import kbnGuidedOnboardingObj from './kbn_guided_onboarding.devdocs.json'; diff --git a/api_docs/kbn_handlebars.mdx b/api_docs/kbn_handlebars.mdx index 32ed0b433c073d..83c9a60809a287 100644 --- a/api_docs/kbn_handlebars.mdx +++ b/api_docs/kbn_handlebars.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-handlebars title: "@kbn/handlebars" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/handlebars plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/handlebars'] --- import kbnHandlebarsObj from './kbn_handlebars.devdocs.json'; diff --git a/api_docs/kbn_hapi_mocks.mdx b/api_docs/kbn_hapi_mocks.mdx index a7970bc0a8951e..ea3f6bd0832706 100644 --- a/api_docs/kbn_hapi_mocks.mdx +++ b/api_docs/kbn_hapi_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-hapi-mocks title: "@kbn/hapi-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/hapi-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/hapi-mocks'] --- import kbnHapiMocksObj from './kbn_hapi_mocks.devdocs.json'; diff --git a/api_docs/kbn_health_gateway_server.mdx b/api_docs/kbn_health_gateway_server.mdx index a525f99873c268..75e2918850da69 100644 --- a/api_docs/kbn_health_gateway_server.mdx +++ b/api_docs/kbn_health_gateway_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-health-gateway-server title: "@kbn/health-gateway-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/health-gateway-server plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/health-gateway-server'] --- import kbnHealthGatewayServerObj from './kbn_health_gateway_server.devdocs.json'; diff --git a/api_docs/kbn_home_sample_data_card.mdx b/api_docs/kbn_home_sample_data_card.mdx index 9778685de55fd0..0a6c849e2d27ea 100644 --- a/api_docs/kbn_home_sample_data_card.mdx +++ b/api_docs/kbn_home_sample_data_card.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-home-sample-data-card title: "@kbn/home-sample-data-card" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/home-sample-data-card plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/home-sample-data-card'] --- import kbnHomeSampleDataCardObj from './kbn_home_sample_data_card.devdocs.json'; diff --git a/api_docs/kbn_home_sample_data_tab.mdx b/api_docs/kbn_home_sample_data_tab.mdx index d04725b0e55f41..a3b5c18877998e 100644 --- a/api_docs/kbn_home_sample_data_tab.mdx +++ b/api_docs/kbn_home_sample_data_tab.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-home-sample-data-tab title: "@kbn/home-sample-data-tab" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/home-sample-data-tab plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/home-sample-data-tab'] --- import kbnHomeSampleDataTabObj from './kbn_home_sample_data_tab.devdocs.json'; diff --git a/api_docs/kbn_i18n.mdx b/api_docs/kbn_i18n.mdx index 8d775fb5eb5779..24c51107b67574 100644 --- a/api_docs/kbn_i18n.mdx +++ b/api_docs/kbn_i18n.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-i18n title: "@kbn/i18n" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/i18n plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/i18n'] --- import kbnI18nObj from './kbn_i18n.devdocs.json'; diff --git a/api_docs/kbn_i18n_react.mdx b/api_docs/kbn_i18n_react.mdx index 5335fcad0de65e..7365b9cf56c0c5 100644 --- a/api_docs/kbn_i18n_react.mdx +++ b/api_docs/kbn_i18n_react.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-i18n-react title: "@kbn/i18n-react" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/i18n-react plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/i18n-react'] --- import kbnI18nReactObj from './kbn_i18n_react.devdocs.json'; diff --git a/api_docs/kbn_import_resolver.mdx b/api_docs/kbn_import_resolver.mdx index df4c9a154bd5f3..6835ab654ec62e 100644 --- a/api_docs/kbn_import_resolver.mdx +++ b/api_docs/kbn_import_resolver.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-import-resolver title: "@kbn/import-resolver" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/import-resolver plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/import-resolver'] --- import kbnImportResolverObj from './kbn_import_resolver.devdocs.json'; diff --git a/api_docs/kbn_index_management_shared_types.mdx b/api_docs/kbn_index_management_shared_types.mdx index e619e036fb1f09..b3592adaed27c1 100644 --- a/api_docs/kbn_index_management_shared_types.mdx +++ b/api_docs/kbn_index_management_shared_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-index-management-shared-types title: "@kbn/index-management-shared-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/index-management-shared-types plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/index-management-shared-types'] --- import kbnIndexManagementSharedTypesObj from './kbn_index_management_shared_types.devdocs.json'; diff --git a/api_docs/kbn_inference_integration_flyout.mdx b/api_docs/kbn_inference_integration_flyout.mdx index b669b0166c3267..ac27018c2f3ff2 100644 --- a/api_docs/kbn_inference_integration_flyout.mdx +++ b/api_docs/kbn_inference_integration_flyout.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-inference_integration_flyout title: "@kbn/inference_integration_flyout" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/inference_integration_flyout plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/inference_integration_flyout'] --- import kbnInferenceIntegrationFlyoutObj from './kbn_inference_integration_flyout.devdocs.json'; diff --git a/api_docs/kbn_infra_forge.mdx b/api_docs/kbn_infra_forge.mdx index 58c525bda283b4..43150f2f556b3b 100644 --- a/api_docs/kbn_infra_forge.mdx +++ b/api_docs/kbn_infra_forge.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-infra-forge title: "@kbn/infra-forge" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/infra-forge plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/infra-forge'] --- import kbnInfraForgeObj from './kbn_infra_forge.devdocs.json'; diff --git a/api_docs/kbn_interpreter.mdx b/api_docs/kbn_interpreter.mdx index 9c80d96185174c..b8fed5edc9fd4c 100644 --- a/api_docs/kbn_interpreter.mdx +++ b/api_docs/kbn_interpreter.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-interpreter title: "@kbn/interpreter" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/interpreter plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/interpreter'] --- import kbnInterpreterObj from './kbn_interpreter.devdocs.json'; diff --git a/api_docs/kbn_investigation_shared.devdocs.json b/api_docs/kbn_investigation_shared.devdocs.json index 1ca48a20a4cd56..80d8b3d426e225 100644 --- a/api_docs/kbn_investigation_shared.devdocs.json +++ b/api_docs/kbn_investigation_shared.devdocs.json @@ -180,7 +180,7 @@ "label": "EntityWithSource", "description": [], "signature": [ - "{ id: string; type: string; metrics: { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logErrorRate?: number | undefined; logRate?: number | undefined; }; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; firstSeenTimestamp: string; lastSeenTimestamp: string; schemaVersion: string; } & { sources: { dataStream?: string | undefined; }[]; }" + "{ id: string; type: string; metrics: { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logErrorRate?: number | undefined; logRate?: number | undefined; }; schema_version: string; definition_id: string; definition_version: string; display_name: string; last_seen_timestamp: string; identity_fields: string[]; } & { sources: { dataStream?: string | undefined; }[]; }" ], "path": "packages/kbn-investigation-shared/src/rest_specs/entity.ts", "deprecated": false, @@ -300,7 +300,7 @@ "label": "GetEntitiesResponse", "description": [], "signature": [ - "{ entities: ({ id: string; type: string; metrics: { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logErrorRate?: number | undefined; logRate?: number | undefined; }; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; firstSeenTimestamp: string; lastSeenTimestamp: string; schemaVersion: string; } & { sources: { dataStream?: string | undefined; }[]; })[]; }" + "{ entities: ({ id: string; type: string; metrics: { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logErrorRate?: number | undefined; logRate?: number | undefined; }; schema_version: string; definition_id: string; definition_version: string; display_name: string; last_seen_timestamp: string; identity_fields: string[]; } & { sources: { dataStream?: string | undefined; }[]; })[]; }" ], "path": "packages/kbn-investigation-shared/src/rest_specs/get_entities.ts", "deprecated": false, @@ -752,7 +752,7 @@ "label": "entitySchema", "description": [], "signature": [ - "Zod.ZodObject<{ id: Zod.ZodString; definitionId: Zod.ZodString; definitionVersion: Zod.ZodString; displayName: Zod.ZodString; firstSeenTimestamp: Zod.ZodString; lastSeenTimestamp: Zod.ZodString; identityFields: Zod.ZodArray; schemaVersion: Zod.ZodString; type: Zod.ZodString; metrics: Zod.ZodObject<{ failedTransactionRate: Zod.ZodOptional; latency: Zod.ZodOptional; throughput: Zod.ZodOptional; logErrorRate: Zod.ZodOptional; logRate: Zod.ZodOptional; }, \"strip\", Zod.ZodTypeAny, { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logErrorRate?: number | undefined; logRate?: number | undefined; }, { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logErrorRate?: number | undefined; logRate?: number | undefined; }>; }, \"strip\", Zod.ZodTypeAny, { id: string; type: string; metrics: { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logErrorRate?: number | undefined; logRate?: number | undefined; }; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; firstSeenTimestamp: string; lastSeenTimestamp: string; schemaVersion: string; }, { id: string; type: string; metrics: { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logErrorRate?: number | undefined; logRate?: number | undefined; }; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; firstSeenTimestamp: string; lastSeenTimestamp: string; schemaVersion: string; }>" + "Zod.ZodObject<{ id: Zod.ZodString; definition_id: Zod.ZodString; definition_version: Zod.ZodString; display_name: Zod.ZodString; last_seen_timestamp: Zod.ZodString; identity_fields: Zod.ZodArray; schema_version: Zod.ZodString; type: Zod.ZodString; metrics: Zod.ZodObject<{ failedTransactionRate: Zod.ZodOptional; latency: Zod.ZodOptional; throughput: Zod.ZodOptional; logErrorRate: Zod.ZodOptional; logRate: Zod.ZodOptional; }, \"strip\", Zod.ZodTypeAny, { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logErrorRate?: number | undefined; logRate?: number | undefined; }, { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logErrorRate?: number | undefined; logRate?: number | undefined; }>; }, \"strip\", Zod.ZodTypeAny, { id: string; type: string; metrics: { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logErrorRate?: number | undefined; logRate?: number | undefined; }; schema_version: string; definition_id: string; definition_version: string; display_name: string; last_seen_timestamp: string; identity_fields: string[]; }, { id: string; type: string; metrics: { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logErrorRate?: number | undefined; logRate?: number | undefined; }; schema_version: string; definition_id: string; definition_version: string; display_name: string; last_seen_timestamp: string; identity_fields: string[]; }>" ], "path": "packages/kbn-investigation-shared/src/rest_specs/entity.ts", "deprecated": false, @@ -767,7 +767,7 @@ "label": "entityWithSourceSchema", "description": [], "signature": [ - "Zod.ZodIntersection; schemaVersion: Zod.ZodString; type: Zod.ZodString; metrics: Zod.ZodObject<{ failedTransactionRate: Zod.ZodOptional; latency: Zod.ZodOptional; throughput: Zod.ZodOptional; logErrorRate: Zod.ZodOptional; logRate: Zod.ZodOptional; }, \"strip\", Zod.ZodTypeAny, { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logErrorRate?: number | undefined; logRate?: number | undefined; }, { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logErrorRate?: number | undefined; logRate?: number | undefined; }>; }, \"strip\", Zod.ZodTypeAny, { id: string; type: string; metrics: { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logErrorRate?: number | undefined; logRate?: number | undefined; }; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; firstSeenTimestamp: string; lastSeenTimestamp: string; schemaVersion: string; }, { id: string; type: string; metrics: { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logErrorRate?: number | undefined; logRate?: number | undefined; }; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; firstSeenTimestamp: string; lastSeenTimestamp: string; schemaVersion: string; }>, Zod.ZodObject<{ sources: Zod.ZodArray; }, \"strip\", Zod.ZodTypeAny, { dataStream?: string | undefined; }, { dataStream?: string | undefined; }>, \"many\">; }, \"strip\", Zod.ZodTypeAny, { sources: { dataStream?: string | undefined; }[]; }, { sources: { dataStream?: string | undefined; }[]; }>>" + "Zod.ZodIntersection; schema_version: Zod.ZodString; type: Zod.ZodString; metrics: Zod.ZodObject<{ failedTransactionRate: Zod.ZodOptional; latency: Zod.ZodOptional; throughput: Zod.ZodOptional; logErrorRate: Zod.ZodOptional; logRate: Zod.ZodOptional; }, \"strip\", Zod.ZodTypeAny, { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logErrorRate?: number | undefined; logRate?: number | undefined; }, { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logErrorRate?: number | undefined; logRate?: number | undefined; }>; }, \"strip\", Zod.ZodTypeAny, { id: string; type: string; metrics: { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logErrorRate?: number | undefined; logRate?: number | undefined; }; schema_version: string; definition_id: string; definition_version: string; display_name: string; last_seen_timestamp: string; identity_fields: string[]; }, { id: string; type: string; metrics: { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logErrorRate?: number | undefined; logRate?: number | undefined; }; schema_version: string; definition_id: string; definition_version: string; display_name: string; last_seen_timestamp: string; identity_fields: string[]; }>, Zod.ZodObject<{ sources: Zod.ZodArray; }, \"strip\", Zod.ZodTypeAny, { dataStream?: string | undefined; }, { dataStream?: string | undefined; }>, \"many\">; }, \"strip\", Zod.ZodTypeAny, { sources: { dataStream?: string | undefined; }[]; }, { sources: { dataStream?: string | undefined; }[]; }>>" ], "path": "packages/kbn-investigation-shared/src/rest_specs/entity.ts", "deprecated": false, @@ -917,7 +917,7 @@ "label": "getEntitiesResponseSchema", "description": [], "signature": [ - "Zod.ZodObject<{ entities: Zod.ZodArray; schemaVersion: Zod.ZodString; type: Zod.ZodString; metrics: Zod.ZodObject<{ failedTransactionRate: Zod.ZodOptional; latency: Zod.ZodOptional; throughput: Zod.ZodOptional; logErrorRate: Zod.ZodOptional; logRate: Zod.ZodOptional; }, \"strip\", Zod.ZodTypeAny, { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logErrorRate?: number | undefined; logRate?: number | undefined; }, { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logErrorRate?: number | undefined; logRate?: number | undefined; }>; }, \"strip\", Zod.ZodTypeAny, { id: string; type: string; metrics: { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logErrorRate?: number | undefined; logRate?: number | undefined; }; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; firstSeenTimestamp: string; lastSeenTimestamp: string; schemaVersion: string; }, { id: string; type: string; metrics: { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logErrorRate?: number | undefined; logRate?: number | undefined; }; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; firstSeenTimestamp: string; lastSeenTimestamp: string; schemaVersion: string; }>, Zod.ZodObject<{ sources: Zod.ZodArray; }, \"strip\", Zod.ZodTypeAny, { dataStream?: string | undefined; }, { dataStream?: string | undefined; }>, \"many\">; }, \"strip\", Zod.ZodTypeAny, { sources: { dataStream?: string | undefined; }[]; }, { sources: { dataStream?: string | undefined; }[]; }>>, \"many\">; }, \"strip\", Zod.ZodTypeAny, { entities: ({ id: string; type: string; metrics: { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logErrorRate?: number | undefined; logRate?: number | undefined; }; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; firstSeenTimestamp: string; lastSeenTimestamp: string; schemaVersion: string; } & { sources: { dataStream?: string | undefined; }[]; })[]; }, { entities: ({ id: string; type: string; metrics: { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logErrorRate?: number | undefined; logRate?: number | undefined; }; displayName: string; identityFields: string[]; definitionId: string; definitionVersion: string; firstSeenTimestamp: string; lastSeenTimestamp: string; schemaVersion: string; } & { sources: { dataStream?: string | undefined; }[]; })[]; }>" + "Zod.ZodObject<{ entities: Zod.ZodArray; schema_version: Zod.ZodString; type: Zod.ZodString; metrics: Zod.ZodObject<{ failedTransactionRate: Zod.ZodOptional; latency: Zod.ZodOptional; throughput: Zod.ZodOptional; logErrorRate: Zod.ZodOptional; logRate: Zod.ZodOptional; }, \"strip\", Zod.ZodTypeAny, { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logErrorRate?: number | undefined; logRate?: number | undefined; }, { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logErrorRate?: number | undefined; logRate?: number | undefined; }>; }, \"strip\", Zod.ZodTypeAny, { id: string; type: string; metrics: { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logErrorRate?: number | undefined; logRate?: number | undefined; }; schema_version: string; definition_id: string; definition_version: string; display_name: string; last_seen_timestamp: string; identity_fields: string[]; }, { id: string; type: string; metrics: { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logErrorRate?: number | undefined; logRate?: number | undefined; }; schema_version: string; definition_id: string; definition_version: string; display_name: string; last_seen_timestamp: string; identity_fields: string[]; }>, Zod.ZodObject<{ sources: Zod.ZodArray; }, \"strip\", Zod.ZodTypeAny, { dataStream?: string | undefined; }, { dataStream?: string | undefined; }>, \"many\">; }, \"strip\", Zod.ZodTypeAny, { sources: { dataStream?: string | undefined; }[]; }, { sources: { dataStream?: string | undefined; }[]; }>>, \"many\">; }, \"strip\", Zod.ZodTypeAny, { entities: ({ id: string; type: string; metrics: { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logErrorRate?: number | undefined; logRate?: number | undefined; }; schema_version: string; definition_id: string; definition_version: string; display_name: string; last_seen_timestamp: string; identity_fields: string[]; } & { sources: { dataStream?: string | undefined; }[]; })[]; }, { entities: ({ id: string; type: string; metrics: { latency?: number | undefined; throughput?: number | undefined; failedTransactionRate?: number | undefined; logErrorRate?: number | undefined; logRate?: number | undefined; }; schema_version: string; definition_id: string; definition_version: string; display_name: string; last_seen_timestamp: string; identity_fields: string[]; } & { sources: { dataStream?: string | undefined; }[]; })[]; }>" ], "path": "packages/kbn-investigation-shared/src/rest_specs/get_entities.ts", "deprecated": false, diff --git a/api_docs/kbn_investigation_shared.mdx b/api_docs/kbn_investigation_shared.mdx index 9bdf9f66056c3c..61e2c59ca03cf9 100644 --- a/api_docs/kbn_investigation_shared.mdx +++ b/api_docs/kbn_investigation_shared.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-investigation-shared title: "@kbn/investigation-shared" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/investigation-shared plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/investigation-shared'] --- import kbnInvestigationSharedObj from './kbn_investigation_shared.devdocs.json'; diff --git a/api_docs/kbn_io_ts_utils.mdx b/api_docs/kbn_io_ts_utils.mdx index a2e70b41ef33ea..779de9c3ba849d 100644 --- a/api_docs/kbn_io_ts_utils.mdx +++ b/api_docs/kbn_io_ts_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-io-ts-utils title: "@kbn/io-ts-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/io-ts-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/io-ts-utils'] --- import kbnIoTsUtilsObj from './kbn_io_ts_utils.devdocs.json'; diff --git a/api_docs/kbn_ipynb.mdx b/api_docs/kbn_ipynb.mdx index 45decbae3a3eb3..aca26680391e1e 100644 --- a/api_docs/kbn_ipynb.mdx +++ b/api_docs/kbn_ipynb.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ipynb title: "@kbn/ipynb" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ipynb plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ipynb'] --- import kbnIpynbObj from './kbn_ipynb.devdocs.json'; diff --git a/api_docs/kbn_item_buffer.mdx b/api_docs/kbn_item_buffer.mdx index 135772fbde8672..e238e311fae619 100644 --- a/api_docs/kbn_item_buffer.mdx +++ b/api_docs/kbn_item_buffer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-item-buffer title: "@kbn/item-buffer" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/item-buffer plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/item-buffer'] --- import kbnItemBufferObj from './kbn_item_buffer.devdocs.json'; diff --git a/api_docs/kbn_jest_serializers.mdx b/api_docs/kbn_jest_serializers.mdx index 1fc41a05541357..346ed1307acb52 100644 --- a/api_docs/kbn_jest_serializers.mdx +++ b/api_docs/kbn_jest_serializers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-jest-serializers title: "@kbn/jest-serializers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/jest-serializers plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/jest-serializers'] --- import kbnJestSerializersObj from './kbn_jest_serializers.devdocs.json'; diff --git a/api_docs/kbn_journeys.mdx b/api_docs/kbn_journeys.mdx index 329485f4cc88a4..a5973f75e5229a 100644 --- a/api_docs/kbn_journeys.mdx +++ b/api_docs/kbn_journeys.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-journeys title: "@kbn/journeys" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/journeys plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/journeys'] --- import kbnJourneysObj from './kbn_journeys.devdocs.json'; diff --git a/api_docs/kbn_json_ast.mdx b/api_docs/kbn_json_ast.mdx index 7444cf0fc55f25..79b2c1083c6e09 100644 --- a/api_docs/kbn_json_ast.mdx +++ b/api_docs/kbn_json_ast.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-json-ast title: "@kbn/json-ast" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/json-ast plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/json-ast'] --- import kbnJsonAstObj from './kbn_json_ast.devdocs.json'; diff --git a/api_docs/kbn_json_schemas.mdx b/api_docs/kbn_json_schemas.mdx index faeff6e944a52c..9d9a8e0942e9d6 100644 --- a/api_docs/kbn_json_schemas.mdx +++ b/api_docs/kbn_json_schemas.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-json-schemas title: "@kbn/json-schemas" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/json-schemas plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/json-schemas'] --- import kbnJsonSchemasObj from './kbn_json_schemas.devdocs.json'; diff --git a/api_docs/kbn_kibana_manifest_schema.devdocs.json b/api_docs/kbn_kibana_manifest_schema.devdocs.json index e9509c172d6e81..296e6527f7bcb5 100644 --- a/api_docs/kbn_kibana_manifest_schema.devdocs.json +++ b/api_docs/kbn_kibana_manifest_schema.devdocs.json @@ -989,6 +989,104 @@ } ] }, + { + "parentPluginId": "@kbn/kibana-manifest-schema", + "id": "def-common.MANIFEST_V2.properties.group", + "type": "Object", + "tags": [], + "label": "group", + "description": [], + "path": "packages/kbn-kibana-manifest-schema/src/kibana_json_v2_schema.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/kibana-manifest-schema", + "id": "def-common.MANIFEST_V2.properties.group.enum", + "type": "Array", + "tags": [], + "label": "enum", + "description": [], + "signature": [ + "string[]" + ], + "path": "packages/kbn-kibana-manifest-schema/src/kibana_json_v2_schema.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/kibana-manifest-schema", + "id": "def-common.MANIFEST_V2.properties.group.description", + "type": "string", + "tags": [], + "label": "description", + "description": [], + "path": "packages/kbn-kibana-manifest-schema/src/kibana_json_v2_schema.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/kibana-manifest-schema", + "id": "def-common.MANIFEST_V2.properties.group.default", + "type": "string", + "tags": [], + "label": "default", + "description": [], + "path": "packages/kbn-kibana-manifest-schema/src/kibana_json_v2_schema.ts", + "deprecated": false, + "trackAdoption": false + } + ] + }, + { + "parentPluginId": "@kbn/kibana-manifest-schema", + "id": "def-common.MANIFEST_V2.properties.visibility", + "type": "Object", + "tags": [], + "label": "visibility", + "description": [], + "path": "packages/kbn-kibana-manifest-schema/src/kibana_json_v2_schema.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/kibana-manifest-schema", + "id": "def-common.MANIFEST_V2.properties.visibility.enum", + "type": "Array", + "tags": [], + "label": "enum", + "description": [], + "signature": [ + "string[]" + ], + "path": "packages/kbn-kibana-manifest-schema/src/kibana_json_v2_schema.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/kibana-manifest-schema", + "id": "def-common.MANIFEST_V2.properties.visibility.description", + "type": "string", + "tags": [], + "label": "description", + "description": [], + "path": "packages/kbn-kibana-manifest-schema/src/kibana_json_v2_schema.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/kibana-manifest-schema", + "id": "def-common.MANIFEST_V2.properties.visibility.default", + "type": "string", + "tags": [], + "label": "default", + "description": [], + "path": "packages/kbn-kibana-manifest-schema/src/kibana_json_v2_schema.ts", + "deprecated": false, + "trackAdoption": false + } + ] + }, { "parentPluginId": "@kbn/kibana-manifest-schema", "id": "def-common.MANIFEST_V2.properties.devOnly", diff --git a/api_docs/kbn_kibana_manifest_schema.mdx b/api_docs/kbn_kibana_manifest_schema.mdx index d148a562006970..ce2895c28a0103 100644 --- a/api_docs/kbn_kibana_manifest_schema.mdx +++ b/api_docs/kbn_kibana_manifest_schema.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-kibana-manifest-schema title: "@kbn/kibana-manifest-schema" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/kibana-manifest-schema plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/kibana-manifest-schema'] --- import kbnKibanaManifestSchemaObj from './kbn_kibana_manifest_schema.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kiban | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 108 | 0 | 107 | 0 | +| 116 | 0 | 115 | 0 | ## Common diff --git a/api_docs/kbn_language_documentation.mdx b/api_docs/kbn_language_documentation.mdx index 4968cc51a8c852..4cb5df56da3d75 100644 --- a/api_docs/kbn_language_documentation.mdx +++ b/api_docs/kbn_language_documentation.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-language-documentation title: "@kbn/language-documentation" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/language-documentation plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/language-documentation'] --- import kbnLanguageDocumentationObj from './kbn_language_documentation.devdocs.json'; diff --git a/api_docs/kbn_lens_embeddable_utils.mdx b/api_docs/kbn_lens_embeddable_utils.mdx index 76cb1d414fa89a..8363bed3760741 100644 --- a/api_docs/kbn_lens_embeddable_utils.mdx +++ b/api_docs/kbn_lens_embeddable_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-lens-embeddable-utils title: "@kbn/lens-embeddable-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/lens-embeddable-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/lens-embeddable-utils'] --- import kbnLensEmbeddableUtilsObj from './kbn_lens_embeddable_utils.devdocs.json'; diff --git a/api_docs/kbn_lens_formula_docs.mdx b/api_docs/kbn_lens_formula_docs.mdx index 2f173726d5b2f3..3af2e063a80fad 100644 --- a/api_docs/kbn_lens_formula_docs.mdx +++ b/api_docs/kbn_lens_formula_docs.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-lens-formula-docs title: "@kbn/lens-formula-docs" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/lens-formula-docs plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/lens-formula-docs'] --- import kbnLensFormulaDocsObj from './kbn_lens_formula_docs.devdocs.json'; diff --git a/api_docs/kbn_logging.mdx b/api_docs/kbn_logging.mdx index 2d68262b5da123..c3771a2efafb05 100644 --- a/api_docs/kbn_logging.mdx +++ b/api_docs/kbn_logging.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-logging title: "@kbn/logging" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/logging plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/logging'] --- import kbnLoggingObj from './kbn_logging.devdocs.json'; diff --git a/api_docs/kbn_logging_mocks.mdx b/api_docs/kbn_logging_mocks.mdx index ccc4f099b20d91..6c21ab3c5702bd 100644 --- a/api_docs/kbn_logging_mocks.mdx +++ b/api_docs/kbn_logging_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-logging-mocks title: "@kbn/logging-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/logging-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/logging-mocks'] --- import kbnLoggingMocksObj from './kbn_logging_mocks.devdocs.json'; diff --git a/api_docs/kbn_managed_content_badge.mdx b/api_docs/kbn_managed_content_badge.mdx index 49b2445a25ee8f..f27e92755d3d44 100644 --- a/api_docs/kbn_managed_content_badge.mdx +++ b/api_docs/kbn_managed_content_badge.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-managed-content-badge title: "@kbn/managed-content-badge" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/managed-content-badge plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/managed-content-badge'] --- import kbnManagedContentBadgeObj from './kbn_managed_content_badge.devdocs.json'; diff --git a/api_docs/kbn_managed_vscode_config.mdx b/api_docs/kbn_managed_vscode_config.mdx index 18517f837f82bb..b20f954729a57b 100644 --- a/api_docs/kbn_managed_vscode_config.mdx +++ b/api_docs/kbn_managed_vscode_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-managed-vscode-config title: "@kbn/managed-vscode-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/managed-vscode-config plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/managed-vscode-config'] --- import kbnManagedVscodeConfigObj from './kbn_managed_vscode_config.devdocs.json'; diff --git a/api_docs/kbn_management_cards_navigation.mdx b/api_docs/kbn_management_cards_navigation.mdx index 288e9f381d5004..f19508644a759a 100644 --- a/api_docs/kbn_management_cards_navigation.mdx +++ b/api_docs/kbn_management_cards_navigation.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-cards-navigation title: "@kbn/management-cards-navigation" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-cards-navigation plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-cards-navigation'] --- import kbnManagementCardsNavigationObj from './kbn_management_cards_navigation.devdocs.json'; diff --git a/api_docs/kbn_management_settings_application.mdx b/api_docs/kbn_management_settings_application.mdx index bcbf9008e3883b..1d836867112ed3 100644 --- a/api_docs/kbn_management_settings_application.mdx +++ b/api_docs/kbn_management_settings_application.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-application title: "@kbn/management-settings-application" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-application plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-application'] --- import kbnManagementSettingsApplicationObj from './kbn_management_settings_application.devdocs.json'; diff --git a/api_docs/kbn_management_settings_components_field_category.mdx b/api_docs/kbn_management_settings_components_field_category.mdx index 2e9131afcd2c7e..04af4cb8bdaf59 100644 --- a/api_docs/kbn_management_settings_components_field_category.mdx +++ b/api_docs/kbn_management_settings_components_field_category.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-components-field-category title: "@kbn/management-settings-components-field-category" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-components-field-category plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-components-field-category'] --- import kbnManagementSettingsComponentsFieldCategoryObj from './kbn_management_settings_components_field_category.devdocs.json'; diff --git a/api_docs/kbn_management_settings_components_field_input.mdx b/api_docs/kbn_management_settings_components_field_input.mdx index 06cc931a07834c..8d46a1cec735cb 100644 --- a/api_docs/kbn_management_settings_components_field_input.mdx +++ b/api_docs/kbn_management_settings_components_field_input.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-components-field-input title: "@kbn/management-settings-components-field-input" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-components-field-input plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-components-field-input'] --- import kbnManagementSettingsComponentsFieldInputObj from './kbn_management_settings_components_field_input.devdocs.json'; diff --git a/api_docs/kbn_management_settings_components_field_row.mdx b/api_docs/kbn_management_settings_components_field_row.mdx index 0bce8891a2ac4f..4df6d303d000eb 100644 --- a/api_docs/kbn_management_settings_components_field_row.mdx +++ b/api_docs/kbn_management_settings_components_field_row.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-components-field-row title: "@kbn/management-settings-components-field-row" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-components-field-row plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-components-field-row'] --- import kbnManagementSettingsComponentsFieldRowObj from './kbn_management_settings_components_field_row.devdocs.json'; diff --git a/api_docs/kbn_management_settings_components_form.mdx b/api_docs/kbn_management_settings_components_form.mdx index 0f79c6ca2d16bd..2fbd974dfd6938 100644 --- a/api_docs/kbn_management_settings_components_form.mdx +++ b/api_docs/kbn_management_settings_components_form.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-components-form title: "@kbn/management-settings-components-form" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-components-form plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-components-form'] --- import kbnManagementSettingsComponentsFormObj from './kbn_management_settings_components_form.devdocs.json'; diff --git a/api_docs/kbn_management_settings_field_definition.mdx b/api_docs/kbn_management_settings_field_definition.mdx index f2c4aacfe915fe..9aca16df027a34 100644 --- a/api_docs/kbn_management_settings_field_definition.mdx +++ b/api_docs/kbn_management_settings_field_definition.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-field-definition title: "@kbn/management-settings-field-definition" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-field-definition plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-field-definition'] --- import kbnManagementSettingsFieldDefinitionObj from './kbn_management_settings_field_definition.devdocs.json'; diff --git a/api_docs/kbn_management_settings_ids.mdx b/api_docs/kbn_management_settings_ids.mdx index 51d70700b9fd9d..d80da012989c11 100644 --- a/api_docs/kbn_management_settings_ids.mdx +++ b/api_docs/kbn_management_settings_ids.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-ids title: "@kbn/management-settings-ids" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-ids plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-ids'] --- import kbnManagementSettingsIdsObj from './kbn_management_settings_ids.devdocs.json'; diff --git a/api_docs/kbn_management_settings_section_registry.mdx b/api_docs/kbn_management_settings_section_registry.mdx index a967ceea13f330..d48c4fb58b71cb 100644 --- a/api_docs/kbn_management_settings_section_registry.mdx +++ b/api_docs/kbn_management_settings_section_registry.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-section-registry title: "@kbn/management-settings-section-registry" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-section-registry plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-section-registry'] --- import kbnManagementSettingsSectionRegistryObj from './kbn_management_settings_section_registry.devdocs.json'; diff --git a/api_docs/kbn_management_settings_types.mdx b/api_docs/kbn_management_settings_types.mdx index 14935155925255..27188158164317 100644 --- a/api_docs/kbn_management_settings_types.mdx +++ b/api_docs/kbn_management_settings_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-types title: "@kbn/management-settings-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-types plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-types'] --- import kbnManagementSettingsTypesObj from './kbn_management_settings_types.devdocs.json'; diff --git a/api_docs/kbn_management_settings_utilities.mdx b/api_docs/kbn_management_settings_utilities.mdx index 8abcad04d83e25..e331df415b0040 100644 --- a/api_docs/kbn_management_settings_utilities.mdx +++ b/api_docs/kbn_management_settings_utilities.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-settings-utilities title: "@kbn/management-settings-utilities" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-settings-utilities plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-settings-utilities'] --- import kbnManagementSettingsUtilitiesObj from './kbn_management_settings_utilities.devdocs.json'; diff --git a/api_docs/kbn_management_storybook_config.mdx b/api_docs/kbn_management_storybook_config.mdx index de95c998c86fde..d112f7f7114640 100644 --- a/api_docs/kbn_management_storybook_config.mdx +++ b/api_docs/kbn_management_storybook_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-management-storybook-config title: "@kbn/management-storybook-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/management-storybook-config plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/management-storybook-config'] --- import kbnManagementStorybookConfigObj from './kbn_management_storybook_config.devdocs.json'; diff --git a/api_docs/kbn_manifest.devdocs.json b/api_docs/kbn_manifest.devdocs.json new file mode 100644 index 00000000000000..d5098e14db2bff --- /dev/null +++ b/api_docs/kbn_manifest.devdocs.json @@ -0,0 +1,47 @@ +{ + "id": "@kbn/manifest", + "client": { + "classes": [], + "functions": [], + "interfaces": [], + "enums": [], + "misc": [], + "objects": [] + }, + "server": { + "classes": [], + "functions": [ + { + "parentPluginId": "@kbn/manifest", + "id": "def-server.runKbnManifestCli", + "type": "Function", + "tags": [], + "label": "runKbnManifestCli", + "description": [ + "\nA CLI to manipulate Kibana package manifest files" + ], + "signature": [ + "() => void" + ], + "path": "packages/kbn-manifest/index.ts", + "deprecated": false, + "trackAdoption": false, + "children": [], + "returnComment": [], + "initialIsOpen": false + } + ], + "interfaces": [], + "enums": [], + "misc": [], + "objects": [] + }, + "common": { + "classes": [], + "functions": [], + "interfaces": [], + "enums": [], + "misc": [], + "objects": [] + } +} \ No newline at end of file diff --git a/api_docs/kbn_manifest.mdx b/api_docs/kbn_manifest.mdx new file mode 100644 index 00000000000000..eab05016b07817 --- /dev/null +++ b/api_docs/kbn_manifest.mdx @@ -0,0 +1,30 @@ +--- +#### +#### This document is auto-generated and is meant to be viewed inside our experimental, new docs system. +#### Reach out in #docs-engineering for more info. +#### +id: kibKbnManifestPluginApi +slug: /kibana-dev-docs/api/kbn-manifest +title: "@kbn/manifest" +image: https://source.unsplash.com/400x175/?github +description: API docs for the @kbn/manifest plugin +date: 2024-10-24 +tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/manifest'] +--- +import kbnManifestObj from './kbn_manifest.devdocs.json'; + + + +Contact [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) for questions regarding this plugin. + +**Code health stats** + +| Public API count | Any count | Items lacking comments | Missing exports | +|-------------------|-----------|------------------------|-----------------| +| 1 | 0 | 0 | 0 | + +## Server + +### Functions + + diff --git a/api_docs/kbn_mapbox_gl.mdx b/api_docs/kbn_mapbox_gl.mdx index c04953a7435ac3..1dc75e2bd15d81 100644 --- a/api_docs/kbn_mapbox_gl.mdx +++ b/api_docs/kbn_mapbox_gl.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-mapbox-gl title: "@kbn/mapbox-gl" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/mapbox-gl plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/mapbox-gl'] --- import kbnMapboxGlObj from './kbn_mapbox_gl.devdocs.json'; diff --git a/api_docs/kbn_maps_vector_tile_utils.mdx b/api_docs/kbn_maps_vector_tile_utils.mdx index a5b258019f37bd..772c2db275abfb 100644 --- a/api_docs/kbn_maps_vector_tile_utils.mdx +++ b/api_docs/kbn_maps_vector_tile_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-maps-vector-tile-utils title: "@kbn/maps-vector-tile-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/maps-vector-tile-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/maps-vector-tile-utils'] --- import kbnMapsVectorTileUtilsObj from './kbn_maps_vector_tile_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_agg_utils.mdx b/api_docs/kbn_ml_agg_utils.mdx index 992b3a0c083af7..1e304bc971f6d2 100644 --- a/api_docs/kbn_ml_agg_utils.mdx +++ b/api_docs/kbn_ml_agg_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-agg-utils title: "@kbn/ml-agg-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-agg-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-agg-utils'] --- import kbnMlAggUtilsObj from './kbn_ml_agg_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_anomaly_utils.mdx b/api_docs/kbn_ml_anomaly_utils.mdx index 92983870454d69..10c93e64321ff9 100644 --- a/api_docs/kbn_ml_anomaly_utils.mdx +++ b/api_docs/kbn_ml_anomaly_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-anomaly-utils title: "@kbn/ml-anomaly-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-anomaly-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-anomaly-utils'] --- import kbnMlAnomalyUtilsObj from './kbn_ml_anomaly_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_cancellable_search.mdx b/api_docs/kbn_ml_cancellable_search.mdx index e8dc739abdce17..d4ba18b9f16e95 100644 --- a/api_docs/kbn_ml_cancellable_search.mdx +++ b/api_docs/kbn_ml_cancellable_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-cancellable-search title: "@kbn/ml-cancellable-search" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-cancellable-search plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-cancellable-search'] --- import kbnMlCancellableSearchObj from './kbn_ml_cancellable_search.devdocs.json'; diff --git a/api_docs/kbn_ml_category_validator.mdx b/api_docs/kbn_ml_category_validator.mdx index abea7b929ee00f..b2a3fca81adfa1 100644 --- a/api_docs/kbn_ml_category_validator.mdx +++ b/api_docs/kbn_ml_category_validator.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-category-validator title: "@kbn/ml-category-validator" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-category-validator plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-category-validator'] --- import kbnMlCategoryValidatorObj from './kbn_ml_category_validator.devdocs.json'; diff --git a/api_docs/kbn_ml_chi2test.mdx b/api_docs/kbn_ml_chi2test.mdx index eafaf68a02cf59..220de4f84cf84a 100644 --- a/api_docs/kbn_ml_chi2test.mdx +++ b/api_docs/kbn_ml_chi2test.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-chi2test title: "@kbn/ml-chi2test" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-chi2test plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-chi2test'] --- import kbnMlChi2testObj from './kbn_ml_chi2test.devdocs.json'; diff --git a/api_docs/kbn_ml_data_frame_analytics_utils.mdx b/api_docs/kbn_ml_data_frame_analytics_utils.mdx index 0eebb6ba983bcd..151ed86d568e83 100644 --- a/api_docs/kbn_ml_data_frame_analytics_utils.mdx +++ b/api_docs/kbn_ml_data_frame_analytics_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-data-frame-analytics-utils title: "@kbn/ml-data-frame-analytics-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-data-frame-analytics-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-data-frame-analytics-utils'] --- import kbnMlDataFrameAnalyticsUtilsObj from './kbn_ml_data_frame_analytics_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_data_grid.mdx b/api_docs/kbn_ml_data_grid.mdx index 55ad195a65c456..5e9cc1871e6aa0 100644 --- a/api_docs/kbn_ml_data_grid.mdx +++ b/api_docs/kbn_ml_data_grid.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-data-grid title: "@kbn/ml-data-grid" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-data-grid plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-data-grid'] --- import kbnMlDataGridObj from './kbn_ml_data_grid.devdocs.json'; diff --git a/api_docs/kbn_ml_date_picker.mdx b/api_docs/kbn_ml_date_picker.mdx index 8342e2b3557e79..6591030da75bba 100644 --- a/api_docs/kbn_ml_date_picker.mdx +++ b/api_docs/kbn_ml_date_picker.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-date-picker title: "@kbn/ml-date-picker" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-date-picker plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-date-picker'] --- import kbnMlDatePickerObj from './kbn_ml_date_picker.devdocs.json'; diff --git a/api_docs/kbn_ml_date_utils.mdx b/api_docs/kbn_ml_date_utils.mdx index 34fd72c37c8242..105c825f80d19f 100644 --- a/api_docs/kbn_ml_date_utils.mdx +++ b/api_docs/kbn_ml_date_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-date-utils title: "@kbn/ml-date-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-date-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-date-utils'] --- import kbnMlDateUtilsObj from './kbn_ml_date_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_error_utils.mdx b/api_docs/kbn_ml_error_utils.mdx index cf4d88ab1fb5d4..22d9b3204d1e22 100644 --- a/api_docs/kbn_ml_error_utils.mdx +++ b/api_docs/kbn_ml_error_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-error-utils title: "@kbn/ml-error-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-error-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-error-utils'] --- import kbnMlErrorUtilsObj from './kbn_ml_error_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_field_stats_flyout.mdx b/api_docs/kbn_ml_field_stats_flyout.mdx index e9ea48091905cb..24ea3ef0382d45 100644 --- a/api_docs/kbn_ml_field_stats_flyout.mdx +++ b/api_docs/kbn_ml_field_stats_flyout.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-field-stats-flyout title: "@kbn/ml-field-stats-flyout" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-field-stats-flyout plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-field-stats-flyout'] --- import kbnMlFieldStatsFlyoutObj from './kbn_ml_field_stats_flyout.devdocs.json'; diff --git a/api_docs/kbn_ml_in_memory_table.mdx b/api_docs/kbn_ml_in_memory_table.mdx index 8d8fdffa219a1d..409fa6e07494ab 100644 --- a/api_docs/kbn_ml_in_memory_table.mdx +++ b/api_docs/kbn_ml_in_memory_table.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-in-memory-table title: "@kbn/ml-in-memory-table" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-in-memory-table plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-in-memory-table'] --- import kbnMlInMemoryTableObj from './kbn_ml_in_memory_table.devdocs.json'; diff --git a/api_docs/kbn_ml_is_defined.mdx b/api_docs/kbn_ml_is_defined.mdx index cf6644abdc034c..43e597ee21b30d 100644 --- a/api_docs/kbn_ml_is_defined.mdx +++ b/api_docs/kbn_ml_is_defined.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-is-defined title: "@kbn/ml-is-defined" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-is-defined plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-is-defined'] --- import kbnMlIsDefinedObj from './kbn_ml_is_defined.devdocs.json'; diff --git a/api_docs/kbn_ml_is_populated_object.mdx b/api_docs/kbn_ml_is_populated_object.mdx index 1b6bea67b5c313..ffefb9c6ca19cb 100644 --- a/api_docs/kbn_ml_is_populated_object.mdx +++ b/api_docs/kbn_ml_is_populated_object.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-is-populated-object title: "@kbn/ml-is-populated-object" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-is-populated-object plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-is-populated-object'] --- import kbnMlIsPopulatedObjectObj from './kbn_ml_is_populated_object.devdocs.json'; diff --git a/api_docs/kbn_ml_kibana_theme.mdx b/api_docs/kbn_ml_kibana_theme.mdx index a69a78b7a180d5..719b33ec53994e 100644 --- a/api_docs/kbn_ml_kibana_theme.mdx +++ b/api_docs/kbn_ml_kibana_theme.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-kibana-theme title: "@kbn/ml-kibana-theme" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-kibana-theme plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-kibana-theme'] --- import kbnMlKibanaThemeObj from './kbn_ml_kibana_theme.devdocs.json'; diff --git a/api_docs/kbn_ml_local_storage.mdx b/api_docs/kbn_ml_local_storage.mdx index b0349a49914ce6..2b5893c9c295ee 100644 --- a/api_docs/kbn_ml_local_storage.mdx +++ b/api_docs/kbn_ml_local_storage.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-local-storage title: "@kbn/ml-local-storage" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-local-storage plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-local-storage'] --- import kbnMlLocalStorageObj from './kbn_ml_local_storage.devdocs.json'; diff --git a/api_docs/kbn_ml_nested_property.mdx b/api_docs/kbn_ml_nested_property.mdx index 9704c768dcc086..5296c2dbaccad2 100644 --- a/api_docs/kbn_ml_nested_property.mdx +++ b/api_docs/kbn_ml_nested_property.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-nested-property title: "@kbn/ml-nested-property" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-nested-property plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-nested-property'] --- import kbnMlNestedPropertyObj from './kbn_ml_nested_property.devdocs.json'; diff --git a/api_docs/kbn_ml_number_utils.mdx b/api_docs/kbn_ml_number_utils.mdx index 5e7a0bf70316db..bf6232a4827ffc 100644 --- a/api_docs/kbn_ml_number_utils.mdx +++ b/api_docs/kbn_ml_number_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-number-utils title: "@kbn/ml-number-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-number-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-number-utils'] --- import kbnMlNumberUtilsObj from './kbn_ml_number_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_parse_interval.mdx b/api_docs/kbn_ml_parse_interval.mdx index 09c38d05ad53de..6f96cb6e6f94ca 100644 --- a/api_docs/kbn_ml_parse_interval.mdx +++ b/api_docs/kbn_ml_parse_interval.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-parse-interval title: "@kbn/ml-parse-interval" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-parse-interval plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-parse-interval'] --- import kbnMlParseIntervalObj from './kbn_ml_parse_interval.devdocs.json'; diff --git a/api_docs/kbn_ml_query_utils.mdx b/api_docs/kbn_ml_query_utils.mdx index 15e985b28d7a58..c64c059e5ed057 100644 --- a/api_docs/kbn_ml_query_utils.mdx +++ b/api_docs/kbn_ml_query_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-query-utils title: "@kbn/ml-query-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-query-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-query-utils'] --- import kbnMlQueryUtilsObj from './kbn_ml_query_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_random_sampler_utils.mdx b/api_docs/kbn_ml_random_sampler_utils.mdx index cee21727718f7b..352a55b529ea1a 100644 --- a/api_docs/kbn_ml_random_sampler_utils.mdx +++ b/api_docs/kbn_ml_random_sampler_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-random-sampler-utils title: "@kbn/ml-random-sampler-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-random-sampler-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-random-sampler-utils'] --- import kbnMlRandomSamplerUtilsObj from './kbn_ml_random_sampler_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_route_utils.mdx b/api_docs/kbn_ml_route_utils.mdx index 3e36659760b58d..c646654becebca 100644 --- a/api_docs/kbn_ml_route_utils.mdx +++ b/api_docs/kbn_ml_route_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-route-utils title: "@kbn/ml-route-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-route-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-route-utils'] --- import kbnMlRouteUtilsObj from './kbn_ml_route_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_runtime_field_utils.mdx b/api_docs/kbn_ml_runtime_field_utils.mdx index 5461bd78fc7ac2..1c47a531cf2545 100644 --- a/api_docs/kbn_ml_runtime_field_utils.mdx +++ b/api_docs/kbn_ml_runtime_field_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-runtime-field-utils title: "@kbn/ml-runtime-field-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-runtime-field-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-runtime-field-utils'] --- import kbnMlRuntimeFieldUtilsObj from './kbn_ml_runtime_field_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_string_hash.mdx b/api_docs/kbn_ml_string_hash.mdx index bf585d5dd1912f..4497bb7ffc4c6e 100644 --- a/api_docs/kbn_ml_string_hash.mdx +++ b/api_docs/kbn_ml_string_hash.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-string-hash title: "@kbn/ml-string-hash" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-string-hash plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-string-hash'] --- import kbnMlStringHashObj from './kbn_ml_string_hash.devdocs.json'; diff --git a/api_docs/kbn_ml_time_buckets.mdx b/api_docs/kbn_ml_time_buckets.mdx index 117d37264b8440..d6da826dc5ba96 100644 --- a/api_docs/kbn_ml_time_buckets.mdx +++ b/api_docs/kbn_ml_time_buckets.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-time-buckets title: "@kbn/ml-time-buckets" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-time-buckets plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-time-buckets'] --- import kbnMlTimeBucketsObj from './kbn_ml_time_buckets.devdocs.json'; diff --git a/api_docs/kbn_ml_trained_models_utils.mdx b/api_docs/kbn_ml_trained_models_utils.mdx index 48682095883d0d..af8cd6a5f04492 100644 --- a/api_docs/kbn_ml_trained_models_utils.mdx +++ b/api_docs/kbn_ml_trained_models_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-trained-models-utils title: "@kbn/ml-trained-models-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-trained-models-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-trained-models-utils'] --- import kbnMlTrainedModelsUtilsObj from './kbn_ml_trained_models_utils.devdocs.json'; diff --git a/api_docs/kbn_ml_ui_actions.mdx b/api_docs/kbn_ml_ui_actions.mdx index 9e9d596acaf7c8..a1ad0693351197 100644 --- a/api_docs/kbn_ml_ui_actions.mdx +++ b/api_docs/kbn_ml_ui_actions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-ui-actions title: "@kbn/ml-ui-actions" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-ui-actions plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-ui-actions'] --- import kbnMlUiActionsObj from './kbn_ml_ui_actions.devdocs.json'; diff --git a/api_docs/kbn_ml_url_state.mdx b/api_docs/kbn_ml_url_state.mdx index 7d1ec73eb86299..76ff92117272fb 100644 --- a/api_docs/kbn_ml_url_state.mdx +++ b/api_docs/kbn_ml_url_state.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-url-state title: "@kbn/ml-url-state" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-url-state plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-url-state'] --- import kbnMlUrlStateObj from './kbn_ml_url_state.devdocs.json'; diff --git a/api_docs/kbn_ml_validators.mdx b/api_docs/kbn_ml_validators.mdx index 2483a8d2d3ee5f..ef17b9c932dab0 100644 --- a/api_docs/kbn_ml_validators.mdx +++ b/api_docs/kbn_ml_validators.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ml-validators title: "@kbn/ml-validators" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ml-validators plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ml-validators'] --- import kbnMlValidatorsObj from './kbn_ml_validators.devdocs.json'; diff --git a/api_docs/kbn_mock_idp_utils.mdx b/api_docs/kbn_mock_idp_utils.mdx index 6b2f53570bf6c4..9d781ae8ef90b7 100644 --- a/api_docs/kbn_mock_idp_utils.mdx +++ b/api_docs/kbn_mock_idp_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-mock-idp-utils title: "@kbn/mock-idp-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/mock-idp-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/mock-idp-utils'] --- import kbnMockIdpUtilsObj from './kbn_mock_idp_utils.devdocs.json'; diff --git a/api_docs/kbn_monaco.mdx b/api_docs/kbn_monaco.mdx index 07c12af29972dd..89067681d89d1b 100644 --- a/api_docs/kbn_monaco.mdx +++ b/api_docs/kbn_monaco.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-monaco title: "@kbn/monaco" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/monaco plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/monaco'] --- import kbnMonacoObj from './kbn_monaco.devdocs.json'; diff --git a/api_docs/kbn_object_versioning.mdx b/api_docs/kbn_object_versioning.mdx index 1c491a5d31ab12..01acce6ddca1a4 100644 --- a/api_docs/kbn_object_versioning.mdx +++ b/api_docs/kbn_object_versioning.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-object-versioning title: "@kbn/object-versioning" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/object-versioning plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/object-versioning'] --- import kbnObjectVersioningObj from './kbn_object_versioning.devdocs.json'; diff --git a/api_docs/kbn_object_versioning_utils.mdx b/api_docs/kbn_object_versioning_utils.mdx index ff89a07625a7b6..9f26696d1e97a7 100644 --- a/api_docs/kbn_object_versioning_utils.mdx +++ b/api_docs/kbn_object_versioning_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-object-versioning-utils title: "@kbn/object-versioning-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/object-versioning-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/object-versioning-utils'] --- import kbnObjectVersioningUtilsObj from './kbn_object_versioning_utils.devdocs.json'; diff --git a/api_docs/kbn_observability_alert_details.mdx b/api_docs/kbn_observability_alert_details.mdx index 09005e1014f7ca..cbc063a9ee9c12 100644 --- a/api_docs/kbn_observability_alert_details.mdx +++ b/api_docs/kbn_observability_alert_details.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-observability-alert-details title: "@kbn/observability-alert-details" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/observability-alert-details plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/observability-alert-details'] --- import kbnObservabilityAlertDetailsObj from './kbn_observability_alert_details.devdocs.json'; diff --git a/api_docs/kbn_observability_alerting_rule_utils.mdx b/api_docs/kbn_observability_alerting_rule_utils.mdx index 6cbf6e568676bb..9fe0fb4744d893 100644 --- a/api_docs/kbn_observability_alerting_rule_utils.mdx +++ b/api_docs/kbn_observability_alerting_rule_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-observability-alerting-rule-utils title: "@kbn/observability-alerting-rule-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/observability-alerting-rule-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/observability-alerting-rule-utils'] --- import kbnObservabilityAlertingRuleUtilsObj from './kbn_observability_alerting_rule_utils.devdocs.json'; diff --git a/api_docs/kbn_observability_alerting_test_data.mdx b/api_docs/kbn_observability_alerting_test_data.mdx index 0c060694087415..1992171a0064b1 100644 --- a/api_docs/kbn_observability_alerting_test_data.mdx +++ b/api_docs/kbn_observability_alerting_test_data.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-observability-alerting-test-data title: "@kbn/observability-alerting-test-data" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/observability-alerting-test-data plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/observability-alerting-test-data'] --- import kbnObservabilityAlertingTestDataObj from './kbn_observability_alerting_test_data.devdocs.json'; diff --git a/api_docs/kbn_observability_get_padded_alert_time_range_util.mdx b/api_docs/kbn_observability_get_padded_alert_time_range_util.mdx index 21610ab2328675..0da3e233e1801a 100644 --- a/api_docs/kbn_observability_get_padded_alert_time_range_util.mdx +++ b/api_docs/kbn_observability_get_padded_alert_time_range_util.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-observability-get-padded-alert-time-range-util title: "@kbn/observability-get-padded-alert-time-range-util" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/observability-get-padded-alert-time-range-util plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/observability-get-padded-alert-time-range-util'] --- import kbnObservabilityGetPaddedAlertTimeRangeUtilObj from './kbn_observability_get_padded_alert_time_range_util.devdocs.json'; diff --git a/api_docs/kbn_observability_logs_overview.mdx b/api_docs/kbn_observability_logs_overview.mdx index 18a2d64769a825..498633eefc4c8b 100644 --- a/api_docs/kbn_observability_logs_overview.mdx +++ b/api_docs/kbn_observability_logs_overview.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-observability-logs-overview title: "@kbn/observability-logs-overview" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/observability-logs-overview plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/observability-logs-overview'] --- import kbnObservabilityLogsOverviewObj from './kbn_observability_logs_overview.devdocs.json'; diff --git a/api_docs/kbn_observability_synthetics_test_data.mdx b/api_docs/kbn_observability_synthetics_test_data.mdx index f7d0ae2e26748f..2691732ed9e5cb 100644 --- a/api_docs/kbn_observability_synthetics_test_data.mdx +++ b/api_docs/kbn_observability_synthetics_test_data.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-observability-synthetics-test-data title: "@kbn/observability-synthetics-test-data" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/observability-synthetics-test-data plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/observability-synthetics-test-data'] --- import kbnObservabilitySyntheticsTestDataObj from './kbn_observability_synthetics_test_data.devdocs.json'; diff --git a/api_docs/kbn_openapi_bundler.mdx b/api_docs/kbn_openapi_bundler.mdx index d988f50fd43c6b..5f9b4d5c59fbeb 100644 --- a/api_docs/kbn_openapi_bundler.mdx +++ b/api_docs/kbn_openapi_bundler.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-openapi-bundler title: "@kbn/openapi-bundler" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/openapi-bundler plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/openapi-bundler'] --- import kbnOpenapiBundlerObj from './kbn_openapi_bundler.devdocs.json'; diff --git a/api_docs/kbn_openapi_generator.mdx b/api_docs/kbn_openapi_generator.mdx index bca0a657ee65ea..ef82dc2240bd8e 100644 --- a/api_docs/kbn_openapi_generator.mdx +++ b/api_docs/kbn_openapi_generator.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-openapi-generator title: "@kbn/openapi-generator" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/openapi-generator plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/openapi-generator'] --- import kbnOpenapiGeneratorObj from './kbn_openapi_generator.devdocs.json'; diff --git a/api_docs/kbn_optimizer.mdx b/api_docs/kbn_optimizer.mdx index 971544cfea0892..e7a08328125a91 100644 --- a/api_docs/kbn_optimizer.mdx +++ b/api_docs/kbn_optimizer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-optimizer title: "@kbn/optimizer" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/optimizer plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/optimizer'] --- import kbnOptimizerObj from './kbn_optimizer.devdocs.json'; diff --git a/api_docs/kbn_optimizer_webpack_helpers.mdx b/api_docs/kbn_optimizer_webpack_helpers.mdx index 816fb94c3fc64e..d8710d1994b37a 100644 --- a/api_docs/kbn_optimizer_webpack_helpers.mdx +++ b/api_docs/kbn_optimizer_webpack_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-optimizer-webpack-helpers title: "@kbn/optimizer-webpack-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/optimizer-webpack-helpers plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/optimizer-webpack-helpers'] --- import kbnOptimizerWebpackHelpersObj from './kbn_optimizer_webpack_helpers.devdocs.json'; diff --git a/api_docs/kbn_osquery_io_ts_types.mdx b/api_docs/kbn_osquery_io_ts_types.mdx index e09125c4c34ecf..08a954ce8bedd9 100644 --- a/api_docs/kbn_osquery_io_ts_types.mdx +++ b/api_docs/kbn_osquery_io_ts_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-osquery-io-ts-types title: "@kbn/osquery-io-ts-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/osquery-io-ts-types plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/osquery-io-ts-types'] --- import kbnOsqueryIoTsTypesObj from './kbn_osquery_io_ts_types.devdocs.json'; diff --git a/api_docs/kbn_panel_loader.mdx b/api_docs/kbn_panel_loader.mdx index 6f90cf1953843a..98497c50147704 100644 --- a/api_docs/kbn_panel_loader.mdx +++ b/api_docs/kbn_panel_loader.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-panel-loader title: "@kbn/panel-loader" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/panel-loader plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/panel-loader'] --- import kbnPanelLoaderObj from './kbn_panel_loader.devdocs.json'; diff --git a/api_docs/kbn_performance_testing_dataset_extractor.mdx b/api_docs/kbn_performance_testing_dataset_extractor.mdx index 7e2d17c3f97c0b..830692290562e9 100644 --- a/api_docs/kbn_performance_testing_dataset_extractor.mdx +++ b/api_docs/kbn_performance_testing_dataset_extractor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-performance-testing-dataset-extractor title: "@kbn/performance-testing-dataset-extractor" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/performance-testing-dataset-extractor plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/performance-testing-dataset-extractor'] --- import kbnPerformanceTestingDatasetExtractorObj from './kbn_performance_testing_dataset_extractor.devdocs.json'; diff --git a/api_docs/kbn_plugin_check.mdx b/api_docs/kbn_plugin_check.mdx index 852000262e28e0..2731107736a371 100644 --- a/api_docs/kbn_plugin_check.mdx +++ b/api_docs/kbn_plugin_check.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-plugin-check title: "@kbn/plugin-check" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/plugin-check plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/plugin-check'] --- import kbnPluginCheckObj from './kbn_plugin_check.devdocs.json'; diff --git a/api_docs/kbn_plugin_generator.mdx b/api_docs/kbn_plugin_generator.mdx index 7df8c47b7ed3f7..5cf0010cabece5 100644 --- a/api_docs/kbn_plugin_generator.mdx +++ b/api_docs/kbn_plugin_generator.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-plugin-generator title: "@kbn/plugin-generator" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/plugin-generator plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/plugin-generator'] --- import kbnPluginGeneratorObj from './kbn_plugin_generator.devdocs.json'; diff --git a/api_docs/kbn_plugin_helpers.mdx b/api_docs/kbn_plugin_helpers.mdx index eac4ad9e54d707..a1e8d6fb77d251 100644 --- a/api_docs/kbn_plugin_helpers.mdx +++ b/api_docs/kbn_plugin_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-plugin-helpers title: "@kbn/plugin-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/plugin-helpers plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/plugin-helpers'] --- import kbnPluginHelpersObj from './kbn_plugin_helpers.devdocs.json'; diff --git a/api_docs/kbn_presentation_containers.mdx b/api_docs/kbn_presentation_containers.mdx index 236c9b5d26a73b..c53c3bb5db04a1 100644 --- a/api_docs/kbn_presentation_containers.mdx +++ b/api_docs/kbn_presentation_containers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-presentation-containers title: "@kbn/presentation-containers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/presentation-containers plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/presentation-containers'] --- import kbnPresentationContainersObj from './kbn_presentation_containers.devdocs.json'; diff --git a/api_docs/kbn_presentation_publishing.mdx b/api_docs/kbn_presentation_publishing.mdx index da055d89ddbc4a..ced581a4c37166 100644 --- a/api_docs/kbn_presentation_publishing.mdx +++ b/api_docs/kbn_presentation_publishing.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-presentation-publishing title: "@kbn/presentation-publishing" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/presentation-publishing plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/presentation-publishing'] --- import kbnPresentationPublishingObj from './kbn_presentation_publishing.devdocs.json'; diff --git a/api_docs/kbn_product_doc_artifact_builder.mdx b/api_docs/kbn_product_doc_artifact_builder.mdx index 1b25de9e3e507f..27906026a3a584 100644 --- a/api_docs/kbn_product_doc_artifact_builder.mdx +++ b/api_docs/kbn_product_doc_artifact_builder.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-product-doc-artifact-builder title: "@kbn/product-doc-artifact-builder" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/product-doc-artifact-builder plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/product-doc-artifact-builder'] --- import kbnProductDocArtifactBuilderObj from './kbn_product_doc_artifact_builder.devdocs.json'; diff --git a/api_docs/kbn_profiling_utils.mdx b/api_docs/kbn_profiling_utils.mdx index 7abb4dc7cd6cfe..f5b837d955f93c 100644 --- a/api_docs/kbn_profiling_utils.mdx +++ b/api_docs/kbn_profiling_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-profiling-utils title: "@kbn/profiling-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/profiling-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/profiling-utils'] --- import kbnProfilingUtilsObj from './kbn_profiling_utils.devdocs.json'; diff --git a/api_docs/kbn_random_sampling.mdx b/api_docs/kbn_random_sampling.mdx index 3ea9834b3d7da0..c29eb601ef06dd 100644 --- a/api_docs/kbn_random_sampling.mdx +++ b/api_docs/kbn_random_sampling.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-random-sampling title: "@kbn/random-sampling" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/random-sampling plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/random-sampling'] --- import kbnRandomSamplingObj from './kbn_random_sampling.devdocs.json'; diff --git a/api_docs/kbn_react_field.mdx b/api_docs/kbn_react_field.mdx index dc2696d6a53213..01f92485140e36 100644 --- a/api_docs/kbn_react_field.mdx +++ b/api_docs/kbn_react_field.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-field title: "@kbn/react-field" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-field plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-field'] --- import kbnReactFieldObj from './kbn_react_field.devdocs.json'; diff --git a/api_docs/kbn_react_hooks.mdx b/api_docs/kbn_react_hooks.mdx index 6cec99462dd1a0..5231dac3065894 100644 --- a/api_docs/kbn_react_hooks.mdx +++ b/api_docs/kbn_react_hooks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-hooks title: "@kbn/react-hooks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-hooks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-hooks'] --- import kbnReactHooksObj from './kbn_react_hooks.devdocs.json'; diff --git a/api_docs/kbn_react_kibana_context_common.mdx b/api_docs/kbn_react_kibana_context_common.mdx index ede5a137b5c516..aa58df9b3f3cd8 100644 --- a/api_docs/kbn_react_kibana_context_common.mdx +++ b/api_docs/kbn_react_kibana_context_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-kibana-context-common title: "@kbn/react-kibana-context-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-kibana-context-common plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-kibana-context-common'] --- import kbnReactKibanaContextCommonObj from './kbn_react_kibana_context_common.devdocs.json'; diff --git a/api_docs/kbn_react_kibana_context_render.mdx b/api_docs/kbn_react_kibana_context_render.mdx index 33291be69d4236..c982453cc508a3 100644 --- a/api_docs/kbn_react_kibana_context_render.mdx +++ b/api_docs/kbn_react_kibana_context_render.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-kibana-context-render title: "@kbn/react-kibana-context-render" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-kibana-context-render plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-kibana-context-render'] --- import kbnReactKibanaContextRenderObj from './kbn_react_kibana_context_render.devdocs.json'; diff --git a/api_docs/kbn_react_kibana_context_root.mdx b/api_docs/kbn_react_kibana_context_root.mdx index 279b96d218736d..80bf2e9a894eb4 100644 --- a/api_docs/kbn_react_kibana_context_root.mdx +++ b/api_docs/kbn_react_kibana_context_root.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-kibana-context-root title: "@kbn/react-kibana-context-root" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-kibana-context-root plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-kibana-context-root'] --- import kbnReactKibanaContextRootObj from './kbn_react_kibana_context_root.devdocs.json'; diff --git a/api_docs/kbn_react_kibana_context_styled.mdx b/api_docs/kbn_react_kibana_context_styled.mdx index c94ac2938a9b95..c50c21cefbb2d7 100644 --- a/api_docs/kbn_react_kibana_context_styled.mdx +++ b/api_docs/kbn_react_kibana_context_styled.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-kibana-context-styled title: "@kbn/react-kibana-context-styled" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-kibana-context-styled plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-kibana-context-styled'] --- import kbnReactKibanaContextStyledObj from './kbn_react_kibana_context_styled.devdocs.json'; diff --git a/api_docs/kbn_react_kibana_context_theme.mdx b/api_docs/kbn_react_kibana_context_theme.mdx index 1bb1a0ee36b286..f39d0990c6c86c 100644 --- a/api_docs/kbn_react_kibana_context_theme.mdx +++ b/api_docs/kbn_react_kibana_context_theme.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-kibana-context-theme title: "@kbn/react-kibana-context-theme" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-kibana-context-theme plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-kibana-context-theme'] --- import kbnReactKibanaContextThemeObj from './kbn_react_kibana_context_theme.devdocs.json'; diff --git a/api_docs/kbn_react_kibana_mount.mdx b/api_docs/kbn_react_kibana_mount.mdx index c1a35f3a6228a4..da2e8df6af3ba4 100644 --- a/api_docs/kbn_react_kibana_mount.mdx +++ b/api_docs/kbn_react_kibana_mount.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-react-kibana-mount title: "@kbn/react-kibana-mount" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/react-kibana-mount plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/react-kibana-mount'] --- import kbnReactKibanaMountObj from './kbn_react_kibana_mount.devdocs.json'; diff --git a/api_docs/kbn_recently_accessed.mdx b/api_docs/kbn_recently_accessed.mdx index a0c1b5e74776c5..4b420ff4ea28b9 100644 --- a/api_docs/kbn_recently_accessed.mdx +++ b/api_docs/kbn_recently_accessed.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-recently-accessed title: "@kbn/recently-accessed" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/recently-accessed plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/recently-accessed'] --- import kbnRecentlyAccessedObj from './kbn_recently_accessed.devdocs.json'; diff --git a/api_docs/kbn_repo_file_maps.mdx b/api_docs/kbn_repo_file_maps.mdx index 248fa203007b3a..aa391c71440b5d 100644 --- a/api_docs/kbn_repo_file_maps.mdx +++ b/api_docs/kbn_repo_file_maps.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-repo-file-maps title: "@kbn/repo-file-maps" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/repo-file-maps plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/repo-file-maps'] --- import kbnRepoFileMapsObj from './kbn_repo_file_maps.devdocs.json'; diff --git a/api_docs/kbn_repo_linter.mdx b/api_docs/kbn_repo_linter.mdx index cb519b1e2f8d29..ee6bef619fa75e 100644 --- a/api_docs/kbn_repo_linter.mdx +++ b/api_docs/kbn_repo_linter.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-repo-linter title: "@kbn/repo-linter" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/repo-linter plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/repo-linter'] --- import kbnRepoLinterObj from './kbn_repo_linter.devdocs.json'; diff --git a/api_docs/kbn_repo_path.mdx b/api_docs/kbn_repo_path.mdx index 0dcddda8cf31c7..1590607a4aa8ef 100644 --- a/api_docs/kbn_repo_path.mdx +++ b/api_docs/kbn_repo_path.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-repo-path title: "@kbn/repo-path" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/repo-path plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/repo-path'] --- import kbnRepoPathObj from './kbn_repo_path.devdocs.json'; diff --git a/api_docs/kbn_repo_source_classifier.mdx b/api_docs/kbn_repo_source_classifier.mdx index 00ca1c52bc0f25..70cecf2eadc23d 100644 --- a/api_docs/kbn_repo_source_classifier.mdx +++ b/api_docs/kbn_repo_source_classifier.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-repo-source-classifier title: "@kbn/repo-source-classifier" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/repo-source-classifier plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/repo-source-classifier'] --- import kbnRepoSourceClassifierObj from './kbn_repo_source_classifier.devdocs.json'; diff --git a/api_docs/kbn_reporting_common.devdocs.json b/api_docs/kbn_reporting_common.devdocs.json index 7139afb78c24eb..b7b20c613c82aa 100644 --- a/api_docs/kbn_reporting_common.devdocs.json +++ b/api_docs/kbn_reporting_common.devdocs.json @@ -758,6 +758,62 @@ ], "initialIsOpen": false }, + { + "parentPluginId": "@kbn/reporting-common", + "id": "def-common.ReportingSavedObjectNotFoundError", + "type": "Class", + "tags": [], + "label": "ReportingSavedObjectNotFoundError", + "description": [], + "signature": [ + { + "pluginId": "@kbn/reporting-common", + "scope": "common", + "docId": "kibKbnReportingCommonPluginApi", + "section": "def-common.ReportingSavedObjectNotFoundError", + "text": "ReportingSavedObjectNotFoundError" + }, + " extends ", + { + "pluginId": "@kbn/reporting-common", + "scope": "common", + "docId": "kibKbnReportingCommonPluginApi", + "section": "def-common.ReportingError", + "text": "ReportingError" + } + ], + "path": "packages/kbn-reporting/common/errors.ts", + "deprecated": false, + "trackAdoption": false, + "children": [ + { + "parentPluginId": "@kbn/reporting-common", + "id": "def-common.ReportingSavedObjectNotFoundError.code", + "type": "string", + "tags": [], + "label": "code", + "description": [], + "signature": [ + "\"reporting_saved_object_not_found_error\"" + ], + "path": "packages/kbn-reporting/common/errors.ts", + "deprecated": false, + "trackAdoption": false + }, + { + "parentPluginId": "@kbn/reporting-common", + "id": "def-common.ReportingSavedObjectNotFoundError.code", + "type": "string", + "tags": [], + "label": "code", + "description": [], + "path": "packages/kbn-reporting/common/errors.ts", + "deprecated": false, + "trackAdoption": false + } + ], + "initialIsOpen": false + }, { "parentPluginId": "@kbn/reporting-common", "id": "def-common.UnknownError", diff --git a/api_docs/kbn_reporting_common.mdx b/api_docs/kbn_reporting_common.mdx index 1ae4233d883822..7f38487a5971e3 100644 --- a/api_docs/kbn_reporting_common.mdx +++ b/api_docs/kbn_reporting_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-common title: "@kbn/reporting-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-common plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-common'] --- import kbnReportingCommonObj from './kbn_reporting_common.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sh | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 96 | 0 | 86 | 13 | +| 99 | 0 | 89 | 13 | ## Common diff --git a/api_docs/kbn_reporting_csv_share_panel.mdx b/api_docs/kbn_reporting_csv_share_panel.mdx index d21b90368cbdc7..28c69946fc45b1 100644 --- a/api_docs/kbn_reporting_csv_share_panel.mdx +++ b/api_docs/kbn_reporting_csv_share_panel.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-csv-share-panel title: "@kbn/reporting-csv-share-panel" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-csv-share-panel plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-csv-share-panel'] --- import kbnReportingCsvSharePanelObj from './kbn_reporting_csv_share_panel.devdocs.json'; diff --git a/api_docs/kbn_reporting_export_types_csv.mdx b/api_docs/kbn_reporting_export_types_csv.mdx index b919dd0947d426..27ec46307e090b 100644 --- a/api_docs/kbn_reporting_export_types_csv.mdx +++ b/api_docs/kbn_reporting_export_types_csv.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-export-types-csv title: "@kbn/reporting-export-types-csv" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-export-types-csv plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-export-types-csv'] --- import kbnReportingExportTypesCsvObj from './kbn_reporting_export_types_csv.devdocs.json'; diff --git a/api_docs/kbn_reporting_export_types_csv_common.mdx b/api_docs/kbn_reporting_export_types_csv_common.mdx index c4419a291e0bd7..42cd225d97770f 100644 --- a/api_docs/kbn_reporting_export_types_csv_common.mdx +++ b/api_docs/kbn_reporting_export_types_csv_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-export-types-csv-common title: "@kbn/reporting-export-types-csv-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-export-types-csv-common plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-export-types-csv-common'] --- import kbnReportingExportTypesCsvCommonObj from './kbn_reporting_export_types_csv_common.devdocs.json'; diff --git a/api_docs/kbn_reporting_export_types_pdf.mdx b/api_docs/kbn_reporting_export_types_pdf.mdx index 33031ccc8fa886..0edbe3b0b1df59 100644 --- a/api_docs/kbn_reporting_export_types_pdf.mdx +++ b/api_docs/kbn_reporting_export_types_pdf.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-export-types-pdf title: "@kbn/reporting-export-types-pdf" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-export-types-pdf plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-export-types-pdf'] --- import kbnReportingExportTypesPdfObj from './kbn_reporting_export_types_pdf.devdocs.json'; diff --git a/api_docs/kbn_reporting_export_types_pdf_common.mdx b/api_docs/kbn_reporting_export_types_pdf_common.mdx index 4185d0009078b0..6186066bb6bc91 100644 --- a/api_docs/kbn_reporting_export_types_pdf_common.mdx +++ b/api_docs/kbn_reporting_export_types_pdf_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-export-types-pdf-common title: "@kbn/reporting-export-types-pdf-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-export-types-pdf-common plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-export-types-pdf-common'] --- import kbnReportingExportTypesPdfCommonObj from './kbn_reporting_export_types_pdf_common.devdocs.json'; diff --git a/api_docs/kbn_reporting_export_types_png.mdx b/api_docs/kbn_reporting_export_types_png.mdx index 7c4112db6980d0..8366182dc3ba96 100644 --- a/api_docs/kbn_reporting_export_types_png.mdx +++ b/api_docs/kbn_reporting_export_types_png.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-export-types-png title: "@kbn/reporting-export-types-png" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-export-types-png plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-export-types-png'] --- import kbnReportingExportTypesPngObj from './kbn_reporting_export_types_png.devdocs.json'; diff --git a/api_docs/kbn_reporting_export_types_png_common.mdx b/api_docs/kbn_reporting_export_types_png_common.mdx index 350e6c9ebe98d8..eef81b3da3ae72 100644 --- a/api_docs/kbn_reporting_export_types_png_common.mdx +++ b/api_docs/kbn_reporting_export_types_png_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-export-types-png-common title: "@kbn/reporting-export-types-png-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-export-types-png-common plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-export-types-png-common'] --- import kbnReportingExportTypesPngCommonObj from './kbn_reporting_export_types_png_common.devdocs.json'; diff --git a/api_docs/kbn_reporting_mocks_server.mdx b/api_docs/kbn_reporting_mocks_server.mdx index 2a5d299dac6701..217aaea7ef540d 100644 --- a/api_docs/kbn_reporting_mocks_server.mdx +++ b/api_docs/kbn_reporting_mocks_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-mocks-server title: "@kbn/reporting-mocks-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-mocks-server plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-mocks-server'] --- import kbnReportingMocksServerObj from './kbn_reporting_mocks_server.devdocs.json'; diff --git a/api_docs/kbn_reporting_public.mdx b/api_docs/kbn_reporting_public.mdx index a01f17bef4a94c..ebcdbba42865b1 100644 --- a/api_docs/kbn_reporting_public.mdx +++ b/api_docs/kbn_reporting_public.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-public title: "@kbn/reporting-public" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-public plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-public'] --- import kbnReportingPublicObj from './kbn_reporting_public.devdocs.json'; diff --git a/api_docs/kbn_reporting_server.mdx b/api_docs/kbn_reporting_server.mdx index fb4239439dc419..9570c7c300ecd3 100644 --- a/api_docs/kbn_reporting_server.mdx +++ b/api_docs/kbn_reporting_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-reporting-server title: "@kbn/reporting-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/reporting-server plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/reporting-server'] --- import kbnReportingServerObj from './kbn_reporting_server.devdocs.json'; diff --git a/api_docs/kbn_resizable_layout.mdx b/api_docs/kbn_resizable_layout.mdx index d47a74ecebf7bb..a21dd8d7e3821b 100644 --- a/api_docs/kbn_resizable_layout.mdx +++ b/api_docs/kbn_resizable_layout.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-resizable-layout title: "@kbn/resizable-layout" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/resizable-layout plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/resizable-layout'] --- import kbnResizableLayoutObj from './kbn_resizable_layout.devdocs.json'; diff --git a/api_docs/kbn_response_ops_feature_flag_service.mdx b/api_docs/kbn_response_ops_feature_flag_service.mdx index 7f542701102559..b013f86b351898 100644 --- a/api_docs/kbn_response_ops_feature_flag_service.mdx +++ b/api_docs/kbn_response_ops_feature_flag_service.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-response-ops-feature-flag-service title: "@kbn/response-ops-feature-flag-service" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/response-ops-feature-flag-service plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/response-ops-feature-flag-service'] --- import kbnResponseOpsFeatureFlagServiceObj from './kbn_response_ops_feature_flag_service.devdocs.json'; diff --git a/api_docs/kbn_response_ops_rule_params.devdocs.json b/api_docs/kbn_response_ops_rule_params.devdocs.json new file mode 100644 index 00000000000000..765f753679eed7 --- /dev/null +++ b/api_docs/kbn_response_ops_rule_params.devdocs.json @@ -0,0 +1,177 @@ +{ + "id": "@kbn/response-ops-rule-params", + "client": { + "classes": [], + "functions": [], + "interfaces": [], + "enums": [], + "misc": [], + "objects": [] + }, + "server": { + "classes": [], + "functions": [], + "interfaces": [], + "enums": [], + "misc": [], + "objects": [] + }, + "common": { + "classes": [], + "functions": [], + "interfaces": [], + "enums": [], + "misc": [ + { + "parentPluginId": "@kbn/response-ops-rule-params", + "id": "def-common.RuleParams", + "type": "Type", + "tags": [], + "label": "RuleParams", + "description": [], + "signature": [ + "{ [x: string]: any; }" + ], + "path": "packages/response-ops/rule_params/v1.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/response-ops-rule-params", + "id": "def-common.RuleParams", + "type": "Type", + "tags": [], + "label": "RuleParams", + "description": [], + "signature": [ + "{ [x: string]: any; }" + ], + "path": "packages/response-ops/rule_params/v1.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/response-ops-rule-params", + "id": "def-common.RuleParamsWithDefaultValue", + "type": "Type", + "tags": [], + "label": "RuleParamsWithDefaultValue", + "description": [], + "signature": [ + "{ [x: string]: any; }" + ], + "path": "packages/response-ops/rule_params/v1.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/response-ops-rule-params", + "id": "def-common.RuleParamsWithDefaultValue", + "type": "Type", + "tags": [], + "label": "RuleParamsWithDefaultValue", + "description": [], + "signature": [ + "{ [x: string]: any; }" + ], + "path": "packages/response-ops/rule_params/v1.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + } + ], + "objects": [ + { + "parentPluginId": "@kbn/response-ops-rule-params", + "id": "def-common.ruleParamsSchema", + "type": "Object", + "tags": [], + "label": "ruleParamsSchema", + "description": [], + "signature": [ + { + "pluginId": "@kbn/config-schema", + "scope": "common", + "docId": "kibKbnConfigSchemaPluginApi", + "section": "def-common.Type", + "text": "Type" + }, + ">" + ], + "path": "packages/response-ops/rule_params/v1.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/response-ops-rule-params", + "id": "def-common.ruleParamsSchema", + "type": "Object", + "tags": [], + "label": "ruleParamsSchema", + "description": [], + "signature": [ + { + "pluginId": "@kbn/config-schema", + "scope": "common", + "docId": "kibKbnConfigSchemaPluginApi", + "section": "def-common.Type", + "text": "Type" + }, + ">" + ], + "path": "packages/response-ops/rule_params/v1.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/response-ops-rule-params", + "id": "def-common.ruleParamsSchemaWithDefaultValue", + "type": "Object", + "tags": [], + "label": "ruleParamsSchemaWithDefaultValue", + "description": [], + "signature": [ + { + "pluginId": "@kbn/config-schema", + "scope": "common", + "docId": "kibKbnConfigSchemaPluginApi", + "section": "def-common.Type", + "text": "Type" + }, + ">" + ], + "path": "packages/response-ops/rule_params/v1.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/response-ops-rule-params", + "id": "def-common.ruleParamsSchemaWithDefaultValue", + "type": "Object", + "tags": [], + "label": "ruleParamsSchemaWithDefaultValue", + "description": [], + "signature": [ + { + "pluginId": "@kbn/config-schema", + "scope": "common", + "docId": "kibKbnConfigSchemaPluginApi", + "section": "def-common.Type", + "text": "Type" + }, + ">" + ], + "path": "packages/response-ops/rule_params/v1.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + } + ] + } +} \ No newline at end of file diff --git a/api_docs/kbn_response_ops_rule_params.mdx b/api_docs/kbn_response_ops_rule_params.mdx new file mode 100644 index 00000000000000..88e4d676ab4089 --- /dev/null +++ b/api_docs/kbn_response_ops_rule_params.mdx @@ -0,0 +1,33 @@ +--- +#### +#### This document is auto-generated and is meant to be viewed inside our experimental, new docs system. +#### Reach out in #docs-engineering for more info. +#### +id: kibKbnResponseOpsRuleParamsPluginApi +slug: /kibana-dev-docs/api/kbn-response-ops-rule-params +title: "@kbn/response-ops-rule-params" +image: https://source.unsplash.com/400x175/?github +description: API docs for the @kbn/response-ops-rule-params plugin +date: 2024-10-24 +tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/response-ops-rule-params'] +--- +import kbnResponseOpsRuleParamsObj from './kbn_response_ops_rule_params.devdocs.json'; + + + +Contact [@elastic/response-ops](https://github.com/orgs/elastic/teams/response-ops) for questions regarding this plugin. + +**Code health stats** + +| Public API count | Any count | Items lacking comments | Missing exports | +|-------------------|-----------|------------------------|-----------------| +| 8 | 0 | 8 | 0 | + +## Common + +### Objects + + +### Consts, variables and types + + diff --git a/api_docs/kbn_rison.mdx b/api_docs/kbn_rison.mdx index 6614b305b55a99..5899bb7f3c7ced 100644 --- a/api_docs/kbn_rison.mdx +++ b/api_docs/kbn_rison.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-rison title: "@kbn/rison" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/rison plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/rison'] --- import kbnRisonObj from './kbn_rison.devdocs.json'; diff --git a/api_docs/kbn_rollup.mdx b/api_docs/kbn_rollup.mdx index b76f4b5724970a..c438a0c052ba2e 100644 --- a/api_docs/kbn_rollup.mdx +++ b/api_docs/kbn_rollup.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-rollup title: "@kbn/rollup" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/rollup plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/rollup'] --- import kbnRollupObj from './kbn_rollup.devdocs.json'; diff --git a/api_docs/kbn_router_to_openapispec.mdx b/api_docs/kbn_router_to_openapispec.mdx index 4deeda9306ef8c..6f3297c1c90434 100644 --- a/api_docs/kbn_router_to_openapispec.mdx +++ b/api_docs/kbn_router_to_openapispec.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-router-to-openapispec title: "@kbn/router-to-openapispec" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/router-to-openapispec plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/router-to-openapispec'] --- import kbnRouterToOpenapispecObj from './kbn_router_to_openapispec.devdocs.json'; diff --git a/api_docs/kbn_router_utils.mdx b/api_docs/kbn_router_utils.mdx index 082a3b3e90b1d4..9875b5cb9e87c7 100644 --- a/api_docs/kbn_router_utils.mdx +++ b/api_docs/kbn_router_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-router-utils title: "@kbn/router-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/router-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/router-utils'] --- import kbnRouterUtilsObj from './kbn_router_utils.devdocs.json'; diff --git a/api_docs/kbn_rrule.mdx b/api_docs/kbn_rrule.mdx index 9438e4e78c1ef5..86119a9dc91a9c 100644 --- a/api_docs/kbn_rrule.mdx +++ b/api_docs/kbn_rrule.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-rrule title: "@kbn/rrule" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/rrule plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/rrule'] --- import kbnRruleObj from './kbn_rrule.devdocs.json'; diff --git a/api_docs/kbn_rule_data_utils.devdocs.json b/api_docs/kbn_rule_data_utils.devdocs.json index abb9f407735b10..20d8ad66f520a6 100644 --- a/api_docs/kbn_rule_data_utils.devdocs.json +++ b/api_docs/kbn_rule_data_utils.devdocs.json @@ -1982,6 +1982,36 @@ "trackAdoption": false, "initialIsOpen": false }, + { + "parentPluginId": "@kbn/rule-data-utils", + "id": "def-common.SYNTHETICS_STATUS_RULE", + "type": "string", + "tags": [], + "label": "SYNTHETICS_STATUS_RULE", + "description": [], + "signature": [ + "\"xpack.synthetics.alerts.monitorStatus\"" + ], + "path": "packages/kbn-rule-data-utils/src/rule_types/o11y_rules.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, + { + "parentPluginId": "@kbn/rule-data-utils", + "id": "def-common.SYNTHETICS_TLS_RULE", + "type": "string", + "tags": [], + "label": "SYNTHETICS_TLS_RULE", + "description": [], + "signature": [ + "\"xpack.synthetics.alerts.tls\"" + ], + "path": "packages/kbn-rule-data-utils/src/rule_types/o11y_rules.ts", + "deprecated": false, + "trackAdoption": false, + "initialIsOpen": false + }, { "parentPluginId": "@kbn/rule-data-utils", "id": "def-common.TAGS", diff --git a/api_docs/kbn_rule_data_utils.mdx b/api_docs/kbn_rule_data_utils.mdx index 17ed3bfe8c968b..49768d5de76ac4 100644 --- a/api_docs/kbn_rule_data_utils.mdx +++ b/api_docs/kbn_rule_data_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-rule-data-utils title: "@kbn/rule-data-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/rule-data-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/rule-data-utils'] --- import kbnRuleDataUtilsObj from './kbn_rule_data_utils.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/security-detections-response](https://github.com/orgs/elastic/ | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 136 | 0 | 133 | 0 | +| 138 | 0 | 135 | 0 | ## Common diff --git a/api_docs/kbn_saved_objects_settings.mdx b/api_docs/kbn_saved_objects_settings.mdx index 864a63c3966e12..fce8c568bd63e0 100644 --- a/api_docs/kbn_saved_objects_settings.mdx +++ b/api_docs/kbn_saved_objects_settings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-saved-objects-settings title: "@kbn/saved-objects-settings" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/saved-objects-settings plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/saved-objects-settings'] --- import kbnSavedObjectsSettingsObj from './kbn_saved_objects_settings.devdocs.json'; diff --git a/api_docs/kbn_screenshotting_server.mdx b/api_docs/kbn_screenshotting_server.mdx index 188122da3dd0f8..f91e379cf0c8b6 100644 --- a/api_docs/kbn_screenshotting_server.mdx +++ b/api_docs/kbn_screenshotting_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-screenshotting-server title: "@kbn/screenshotting-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/screenshotting-server plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/screenshotting-server'] --- import kbnScreenshottingServerObj from './kbn_screenshotting_server.devdocs.json'; diff --git a/api_docs/kbn_search_api_keys_components.mdx b/api_docs/kbn_search_api_keys_components.mdx index ac74dc87774fb9..efdf98cc9edf3d 100644 --- a/api_docs/kbn_search_api_keys_components.mdx +++ b/api_docs/kbn_search_api_keys_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-api-keys-components title: "@kbn/search-api-keys-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-api-keys-components plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-api-keys-components'] --- import kbnSearchApiKeysComponentsObj from './kbn_search_api_keys_components.devdocs.json'; diff --git a/api_docs/kbn_search_api_keys_server.mdx b/api_docs/kbn_search_api_keys_server.mdx index 8c468a0184bfc8..c72af04c3d7de6 100644 --- a/api_docs/kbn_search_api_keys_server.mdx +++ b/api_docs/kbn_search_api_keys_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-api-keys-server title: "@kbn/search-api-keys-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-api-keys-server plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-api-keys-server'] --- import kbnSearchApiKeysServerObj from './kbn_search_api_keys_server.devdocs.json'; diff --git a/api_docs/kbn_search_api_panels.mdx b/api_docs/kbn_search_api_panels.mdx index a07ea609236b93..724161af9c3761 100644 --- a/api_docs/kbn_search_api_panels.mdx +++ b/api_docs/kbn_search_api_panels.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-api-panels title: "@kbn/search-api-panels" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-api-panels plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-api-panels'] --- import kbnSearchApiPanelsObj from './kbn_search_api_panels.devdocs.json'; diff --git a/api_docs/kbn_search_connectors.mdx b/api_docs/kbn_search_connectors.mdx index fa9ea8e99b4ef2..f6d6e0c1b5d55f 100644 --- a/api_docs/kbn_search_connectors.mdx +++ b/api_docs/kbn_search_connectors.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-connectors title: "@kbn/search-connectors" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-connectors plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-connectors'] --- import kbnSearchConnectorsObj from './kbn_search_connectors.devdocs.json'; diff --git a/api_docs/kbn_search_errors.mdx b/api_docs/kbn_search_errors.mdx index 600e8aafb27957..728996daa84bed 100644 --- a/api_docs/kbn_search_errors.mdx +++ b/api_docs/kbn_search_errors.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-errors title: "@kbn/search-errors" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-errors plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-errors'] --- import kbnSearchErrorsObj from './kbn_search_errors.devdocs.json'; diff --git a/api_docs/kbn_search_index_documents.devdocs.json b/api_docs/kbn_search_index_documents.devdocs.json index 7f2b1b151d7920..47d7e742f5e902 100644 --- a/api_docs/kbn_search_index_documents.devdocs.json +++ b/api_docs/kbn_search_index_documents.devdocs.json @@ -101,7 +101,7 @@ "section": "def-server.ElasticsearchClient", "text": "ElasticsearchClient" }, - ", indexName: string, query?: string | undefined, from?: number, size?: number) => Promise<", + ", indexName: string, query?: string | undefined, from?: number, size?: number, trackTotalHits?: boolean) => Promise<", { "pluginId": "@kbn/search-index-documents", "scope": "common", @@ -197,6 +197,21 @@ "deprecated": false, "trackAdoption": false, "isRequired": true + }, + { + "parentPluginId": "@kbn/search-index-documents", + "id": "def-common.fetchSearchResults.$6", + "type": "boolean", + "tags": [], + "label": "trackTotalHits", + "description": [], + "signature": [ + "boolean" + ], + "path": "packages/kbn-search-index-documents/lib/fetch_search_results.ts", + "deprecated": false, + "trackAdoption": false, + "isRequired": true } ], "returnComment": [], diff --git a/api_docs/kbn_search_index_documents.mdx b/api_docs/kbn_search_index_documents.mdx index 6d9c97f7365d89..6c7d6b0e425f5f 100644 --- a/api_docs/kbn_search_index_documents.mdx +++ b/api_docs/kbn_search_index_documents.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-index-documents title: "@kbn/search-index-documents" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-index-documents plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-index-documents'] --- import kbnSearchIndexDocumentsObj from './kbn_search_index_documents.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/search-kibana](https://github.com/orgs/elastic/teams/search-ki | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 35 | 0 | 33 | 3 | +| 36 | 0 | 34 | 3 | ## Common diff --git a/api_docs/kbn_search_response_warnings.mdx b/api_docs/kbn_search_response_warnings.mdx index bfe1816a9ffe28..5d87c05626abb7 100644 --- a/api_docs/kbn_search_response_warnings.mdx +++ b/api_docs/kbn_search_response_warnings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-response-warnings title: "@kbn/search-response-warnings" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-response-warnings plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-response-warnings'] --- import kbnSearchResponseWarningsObj from './kbn_search_response_warnings.devdocs.json'; diff --git a/api_docs/kbn_search_shared_ui.mdx b/api_docs/kbn_search_shared_ui.mdx index c94dc0c525e0dc..5e1dcf4044ada6 100644 --- a/api_docs/kbn_search_shared_ui.mdx +++ b/api_docs/kbn_search_shared_ui.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-shared-ui title: "@kbn/search-shared-ui" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-shared-ui plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-shared-ui'] --- import kbnSearchSharedUiObj from './kbn_search_shared_ui.devdocs.json'; diff --git a/api_docs/kbn_search_types.mdx b/api_docs/kbn_search_types.mdx index df378c53d7dc35..ce4627c62ab75e 100644 --- a/api_docs/kbn_search_types.mdx +++ b/api_docs/kbn_search_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-search-types title: "@kbn/search-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/search-types plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/search-types'] --- import kbnSearchTypesObj from './kbn_search_types.devdocs.json'; diff --git a/api_docs/kbn_security_api_key_management.mdx b/api_docs/kbn_security_api_key_management.mdx index f58b166637af6d..275f4d5d54d8e6 100644 --- a/api_docs/kbn_security_api_key_management.mdx +++ b/api_docs/kbn_security_api_key_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-api-key-management title: "@kbn/security-api-key-management" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-api-key-management plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-api-key-management'] --- import kbnSecurityApiKeyManagementObj from './kbn_security_api_key_management.devdocs.json'; diff --git a/api_docs/kbn_security_authorization_core.mdx b/api_docs/kbn_security_authorization_core.mdx index dc114cdcb9880e..1800c7ac7eb4b1 100644 --- a/api_docs/kbn_security_authorization_core.mdx +++ b/api_docs/kbn_security_authorization_core.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-authorization-core title: "@kbn/security-authorization-core" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-authorization-core plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-authorization-core'] --- import kbnSecurityAuthorizationCoreObj from './kbn_security_authorization_core.devdocs.json'; diff --git a/api_docs/kbn_security_authorization_core_common.mdx b/api_docs/kbn_security_authorization_core_common.mdx index 05bed52c0f360a..cd4fd6bb4374cd 100644 --- a/api_docs/kbn_security_authorization_core_common.mdx +++ b/api_docs/kbn_security_authorization_core_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-authorization-core-common title: "@kbn/security-authorization-core-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-authorization-core-common plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-authorization-core-common'] --- import kbnSecurityAuthorizationCoreCommonObj from './kbn_security_authorization_core_common.devdocs.json'; diff --git a/api_docs/kbn_security_form_components.mdx b/api_docs/kbn_security_form_components.mdx index 2d15a288366dd4..e44b796fc598d7 100644 --- a/api_docs/kbn_security_form_components.mdx +++ b/api_docs/kbn_security_form_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-form-components title: "@kbn/security-form-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-form-components plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-form-components'] --- import kbnSecurityFormComponentsObj from './kbn_security_form_components.devdocs.json'; diff --git a/api_docs/kbn_security_hardening.mdx b/api_docs/kbn_security_hardening.mdx index fafaa7a6151f8a..3699ab2e157b2e 100644 --- a/api_docs/kbn_security_hardening.mdx +++ b/api_docs/kbn_security_hardening.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-hardening title: "@kbn/security-hardening" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-hardening plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-hardening'] --- import kbnSecurityHardeningObj from './kbn_security_hardening.devdocs.json'; diff --git a/api_docs/kbn_security_plugin_types_common.mdx b/api_docs/kbn_security_plugin_types_common.mdx index 5bf405f636499b..d6cd03dff66e95 100644 --- a/api_docs/kbn_security_plugin_types_common.mdx +++ b/api_docs/kbn_security_plugin_types_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-plugin-types-common title: "@kbn/security-plugin-types-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-plugin-types-common plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-plugin-types-common'] --- import kbnSecurityPluginTypesCommonObj from './kbn_security_plugin_types_common.devdocs.json'; diff --git a/api_docs/kbn_security_plugin_types_public.mdx b/api_docs/kbn_security_plugin_types_public.mdx index 9178ef625d3017..39c53f51defb35 100644 --- a/api_docs/kbn_security_plugin_types_public.mdx +++ b/api_docs/kbn_security_plugin_types_public.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-plugin-types-public title: "@kbn/security-plugin-types-public" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-plugin-types-public plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-plugin-types-public'] --- import kbnSecurityPluginTypesPublicObj from './kbn_security_plugin_types_public.devdocs.json'; diff --git a/api_docs/kbn_security_plugin_types_server.mdx b/api_docs/kbn_security_plugin_types_server.mdx index 4b6f8a26edad73..f5ed0a2ca46f2c 100644 --- a/api_docs/kbn_security_plugin_types_server.mdx +++ b/api_docs/kbn_security_plugin_types_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-plugin-types-server title: "@kbn/security-plugin-types-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-plugin-types-server plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-plugin-types-server'] --- import kbnSecurityPluginTypesServerObj from './kbn_security_plugin_types_server.devdocs.json'; diff --git a/api_docs/kbn_security_role_management_model.mdx b/api_docs/kbn_security_role_management_model.mdx index 1598eb157f77e5..9e4f63765a0f65 100644 --- a/api_docs/kbn_security_role_management_model.mdx +++ b/api_docs/kbn_security_role_management_model.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-role-management-model title: "@kbn/security-role-management-model" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-role-management-model plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-role-management-model'] --- import kbnSecurityRoleManagementModelObj from './kbn_security_role_management_model.devdocs.json'; diff --git a/api_docs/kbn_security_solution_common.mdx b/api_docs/kbn_security_solution_common.mdx index 27bf28d16850ea..8b4ac9b45d9a30 100644 --- a/api_docs/kbn_security_solution_common.mdx +++ b/api_docs/kbn_security_solution_common.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-solution-common title: "@kbn/security-solution-common" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-solution-common plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-solution-common'] --- import kbnSecuritySolutionCommonObj from './kbn_security_solution_common.devdocs.json'; diff --git a/api_docs/kbn_security_solution_distribution_bar.mdx b/api_docs/kbn_security_solution_distribution_bar.mdx index 3e8de225d9c68c..c67c232cd26efa 100644 --- a/api_docs/kbn_security_solution_distribution_bar.mdx +++ b/api_docs/kbn_security_solution_distribution_bar.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-solution-distribution-bar title: "@kbn/security-solution-distribution-bar" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-solution-distribution-bar plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-solution-distribution-bar'] --- import kbnSecuritySolutionDistributionBarObj from './kbn_security_solution_distribution_bar.devdocs.json'; diff --git a/api_docs/kbn_security_solution_features.mdx b/api_docs/kbn_security_solution_features.mdx index 49527e05721c67..16cfbfdcbc12af 100644 --- a/api_docs/kbn_security_solution_features.mdx +++ b/api_docs/kbn_security_solution_features.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-solution-features title: "@kbn/security-solution-features" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-solution-features plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-solution-features'] --- import kbnSecuritySolutionFeaturesObj from './kbn_security_solution_features.devdocs.json'; diff --git a/api_docs/kbn_security_solution_navigation.mdx b/api_docs/kbn_security_solution_navigation.mdx index 1b86f2b851b7cf..e138249a2f819e 100644 --- a/api_docs/kbn_security_solution_navigation.mdx +++ b/api_docs/kbn_security_solution_navigation.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-solution-navigation title: "@kbn/security-solution-navigation" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-solution-navigation plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-solution-navigation'] --- import kbnSecuritySolutionNavigationObj from './kbn_security_solution_navigation.devdocs.json'; diff --git a/api_docs/kbn_security_solution_side_nav.devdocs.json b/api_docs/kbn_security_solution_side_nav.devdocs.json index dc0cf9c11e5793..f50c9850b3ac26 100644 --- a/api_docs/kbn_security_solution_side_nav.devdocs.json +++ b/api_docs/kbn_security_solution_side_nav.devdocs.json @@ -429,22 +429,6 @@ "path": "x-pack/packages/security-solution/side_nav/src/solution_side_nav.tsx", "deprecated": false, "trackAdoption": false - }, - { - "parentPluginId": "@kbn/security-solution-side-nav", - "id": "def-common.SolutionSideNavProps.onMount", - "type": "Function", - "tags": [], - "label": "onMount", - "description": [], - "signature": [ - "(() => void) | undefined" - ], - "path": "x-pack/packages/security-solution/side_nav/src/solution_side_nav.tsx", - "deprecated": false, - "trackAdoption": false, - "children": [], - "returnComment": [] } ], "initialIsOpen": false diff --git a/api_docs/kbn_security_solution_side_nav.mdx b/api_docs/kbn_security_solution_side_nav.mdx index 03934b286203df..b7686231b037c3 100644 --- a/api_docs/kbn_security_solution_side_nav.mdx +++ b/api_docs/kbn_security_solution_side_nav.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-solution-side-nav title: "@kbn/security-solution-side-nav" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-solution-side-nav plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-solution-side-nav'] --- import kbnSecuritySolutionSideNavObj from './kbn_security_solution_side_nav.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/security-threat-hunting-explore](https://github.com/orgs/elast | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 30 | 0 | 24 | 0 | +| 29 | 0 | 23 | 0 | ## Common diff --git a/api_docs/kbn_security_solution_storybook_config.mdx b/api_docs/kbn_security_solution_storybook_config.mdx index af9d2c4227e083..6a23426a72620c 100644 --- a/api_docs/kbn_security_solution_storybook_config.mdx +++ b/api_docs/kbn_security_solution_storybook_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-solution-storybook-config title: "@kbn/security-solution-storybook-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-solution-storybook-config plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-solution-storybook-config'] --- import kbnSecuritySolutionStorybookConfigObj from './kbn_security_solution_storybook_config.devdocs.json'; diff --git a/api_docs/kbn_security_ui_components.mdx b/api_docs/kbn_security_ui_components.mdx index 0f652723561c77..7055d7ba2ed1bb 100644 --- a/api_docs/kbn_security_ui_components.mdx +++ b/api_docs/kbn_security_ui_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-security-ui-components title: "@kbn/security-ui-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/security-ui-components plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/security-ui-components'] --- import kbnSecurityUiComponentsObj from './kbn_security_ui_components.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_autocomplete.mdx b/api_docs/kbn_securitysolution_autocomplete.mdx index a2c1aa8fd811e6..909df279fc1e69 100644 --- a/api_docs/kbn_securitysolution_autocomplete.mdx +++ b/api_docs/kbn_securitysolution_autocomplete.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-autocomplete title: "@kbn/securitysolution-autocomplete" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-autocomplete plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-autocomplete'] --- import kbnSecuritysolutionAutocompleteObj from './kbn_securitysolution_autocomplete.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_data_table.mdx b/api_docs/kbn_securitysolution_data_table.mdx index 2969e11c04f15a..7d444b8ff87bf8 100644 --- a/api_docs/kbn_securitysolution_data_table.mdx +++ b/api_docs/kbn_securitysolution_data_table.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-data-table title: "@kbn/securitysolution-data-table" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-data-table plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-data-table'] --- import kbnSecuritysolutionDataTableObj from './kbn_securitysolution_data_table.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_ecs.mdx b/api_docs/kbn_securitysolution_ecs.mdx index c84e603a2d4e83..6263e1daccc168 100644 --- a/api_docs/kbn_securitysolution_ecs.mdx +++ b/api_docs/kbn_securitysolution_ecs.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-ecs title: "@kbn/securitysolution-ecs" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-ecs plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-ecs'] --- import kbnSecuritysolutionEcsObj from './kbn_securitysolution_ecs.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_es_utils.mdx b/api_docs/kbn_securitysolution_es_utils.mdx index e29c43229c7a62..e9201e142f40a8 100644 --- a/api_docs/kbn_securitysolution_es_utils.mdx +++ b/api_docs/kbn_securitysolution_es_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-es-utils title: "@kbn/securitysolution-es-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-es-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-es-utils'] --- import kbnSecuritysolutionEsUtilsObj from './kbn_securitysolution_es_utils.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_exception_list_components.mdx b/api_docs/kbn_securitysolution_exception_list_components.mdx index 629424fb18b75b..6e346b1a0522b3 100644 --- a/api_docs/kbn_securitysolution_exception_list_components.mdx +++ b/api_docs/kbn_securitysolution_exception_list_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-exception-list-components title: "@kbn/securitysolution-exception-list-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-exception-list-components plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-exception-list-components'] --- import kbnSecuritysolutionExceptionListComponentsObj from './kbn_securitysolution_exception_list_components.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_hook_utils.mdx b/api_docs/kbn_securitysolution_hook_utils.mdx index a75e60ba3fa857..1cfae764751f12 100644 --- a/api_docs/kbn_securitysolution_hook_utils.mdx +++ b/api_docs/kbn_securitysolution_hook_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-hook-utils title: "@kbn/securitysolution-hook-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-hook-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-hook-utils'] --- import kbnSecuritysolutionHookUtilsObj from './kbn_securitysolution_hook_utils.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_io_ts_alerting_types.mdx b/api_docs/kbn_securitysolution_io_ts_alerting_types.mdx index 6660f085635919..f4ec44556dc5ba 100644 --- a/api_docs/kbn_securitysolution_io_ts_alerting_types.mdx +++ b/api_docs/kbn_securitysolution_io_ts_alerting_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-io-ts-alerting-types title: "@kbn/securitysolution-io-ts-alerting-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-io-ts-alerting-types plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-io-ts-alerting-types'] --- import kbnSecuritysolutionIoTsAlertingTypesObj from './kbn_securitysolution_io_ts_alerting_types.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_io_ts_list_types.mdx b/api_docs/kbn_securitysolution_io_ts_list_types.mdx index ab375f06389e89..e7016c29ebcc8c 100644 --- a/api_docs/kbn_securitysolution_io_ts_list_types.mdx +++ b/api_docs/kbn_securitysolution_io_ts_list_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-io-ts-list-types title: "@kbn/securitysolution-io-ts-list-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-io-ts-list-types plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-io-ts-list-types'] --- import kbnSecuritysolutionIoTsListTypesObj from './kbn_securitysolution_io_ts_list_types.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_io_ts_types.mdx b/api_docs/kbn_securitysolution_io_ts_types.mdx index c67ce3ce810aa4..9c1dc65480ff05 100644 --- a/api_docs/kbn_securitysolution_io_ts_types.mdx +++ b/api_docs/kbn_securitysolution_io_ts_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-io-ts-types title: "@kbn/securitysolution-io-ts-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-io-ts-types plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-io-ts-types'] --- import kbnSecuritysolutionIoTsTypesObj from './kbn_securitysolution_io_ts_types.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_io_ts_utils.mdx b/api_docs/kbn_securitysolution_io_ts_utils.mdx index 06b60edb298f0e..06a4472891e690 100644 --- a/api_docs/kbn_securitysolution_io_ts_utils.mdx +++ b/api_docs/kbn_securitysolution_io_ts_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-io-ts-utils title: "@kbn/securitysolution-io-ts-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-io-ts-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-io-ts-utils'] --- import kbnSecuritysolutionIoTsUtilsObj from './kbn_securitysolution_io_ts_utils.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_list_api.mdx b/api_docs/kbn_securitysolution_list_api.mdx index ed4c421b96bb82..3385333a0700ac 100644 --- a/api_docs/kbn_securitysolution_list_api.mdx +++ b/api_docs/kbn_securitysolution_list_api.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-list-api title: "@kbn/securitysolution-list-api" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-list-api plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-list-api'] --- import kbnSecuritysolutionListApiObj from './kbn_securitysolution_list_api.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_list_constants.mdx b/api_docs/kbn_securitysolution_list_constants.mdx index 1f76ee7f0b03a4..63e8213fd24888 100644 --- a/api_docs/kbn_securitysolution_list_constants.mdx +++ b/api_docs/kbn_securitysolution_list_constants.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-list-constants title: "@kbn/securitysolution-list-constants" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-list-constants plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-list-constants'] --- import kbnSecuritysolutionListConstantsObj from './kbn_securitysolution_list_constants.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_list_hooks.mdx b/api_docs/kbn_securitysolution_list_hooks.mdx index a32253b5b69969..cf0ffdf937ded1 100644 --- a/api_docs/kbn_securitysolution_list_hooks.mdx +++ b/api_docs/kbn_securitysolution_list_hooks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-list-hooks title: "@kbn/securitysolution-list-hooks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-list-hooks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-list-hooks'] --- import kbnSecuritysolutionListHooksObj from './kbn_securitysolution_list_hooks.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_list_utils.mdx b/api_docs/kbn_securitysolution_list_utils.mdx index 4dd287a92f4ff2..06e4d656ec7966 100644 --- a/api_docs/kbn_securitysolution_list_utils.mdx +++ b/api_docs/kbn_securitysolution_list_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-list-utils title: "@kbn/securitysolution-list-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-list-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-list-utils'] --- import kbnSecuritysolutionListUtilsObj from './kbn_securitysolution_list_utils.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_rules.mdx b/api_docs/kbn_securitysolution_rules.mdx index dd7fdc995b6f95..20226ffb9b432a 100644 --- a/api_docs/kbn_securitysolution_rules.mdx +++ b/api_docs/kbn_securitysolution_rules.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-rules title: "@kbn/securitysolution-rules" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-rules plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-rules'] --- import kbnSecuritysolutionRulesObj from './kbn_securitysolution_rules.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_t_grid.mdx b/api_docs/kbn_securitysolution_t_grid.mdx index 6d406abda987ad..1d0d49ea56bd35 100644 --- a/api_docs/kbn_securitysolution_t_grid.mdx +++ b/api_docs/kbn_securitysolution_t_grid.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-t-grid title: "@kbn/securitysolution-t-grid" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-t-grid plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-t-grid'] --- import kbnSecuritysolutionTGridObj from './kbn_securitysolution_t_grid.devdocs.json'; diff --git a/api_docs/kbn_securitysolution_utils.mdx b/api_docs/kbn_securitysolution_utils.mdx index c7e659c1ef337e..6980d27fc3c423 100644 --- a/api_docs/kbn_securitysolution_utils.mdx +++ b/api_docs/kbn_securitysolution_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-securitysolution-utils title: "@kbn/securitysolution-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/securitysolution-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/securitysolution-utils'] --- import kbnSecuritysolutionUtilsObj from './kbn_securitysolution_utils.devdocs.json'; diff --git a/api_docs/kbn_server_http_tools.mdx b/api_docs/kbn_server_http_tools.mdx index 8c173bbc0f9213..92ec5fbdde3ed8 100644 --- a/api_docs/kbn_server_http_tools.mdx +++ b/api_docs/kbn_server_http_tools.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-server-http-tools title: "@kbn/server-http-tools" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/server-http-tools plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/server-http-tools'] --- import kbnServerHttpToolsObj from './kbn_server_http_tools.devdocs.json'; diff --git a/api_docs/kbn_server_route_repository.mdx b/api_docs/kbn_server_route_repository.mdx index 310b07c2f56623..8509e6af1bb9b7 100644 --- a/api_docs/kbn_server_route_repository.mdx +++ b/api_docs/kbn_server_route_repository.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-server-route-repository title: "@kbn/server-route-repository" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/server-route-repository plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/server-route-repository'] --- import kbnServerRouteRepositoryObj from './kbn_server_route_repository.devdocs.json'; diff --git a/api_docs/kbn_server_route_repository_client.mdx b/api_docs/kbn_server_route_repository_client.mdx index 37ee023c84a1ca..147a3667777c51 100644 --- a/api_docs/kbn_server_route_repository_client.mdx +++ b/api_docs/kbn_server_route_repository_client.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-server-route-repository-client title: "@kbn/server-route-repository-client" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/server-route-repository-client plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/server-route-repository-client'] --- import kbnServerRouteRepositoryClientObj from './kbn_server_route_repository_client.devdocs.json'; diff --git a/api_docs/kbn_server_route_repository_utils.mdx b/api_docs/kbn_server_route_repository_utils.mdx index 75f10c1ac000ea..503877bb568785 100644 --- a/api_docs/kbn_server_route_repository_utils.mdx +++ b/api_docs/kbn_server_route_repository_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-server-route-repository-utils title: "@kbn/server-route-repository-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/server-route-repository-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/server-route-repository-utils'] --- import kbnServerRouteRepositoryUtilsObj from './kbn_server_route_repository_utils.devdocs.json'; diff --git a/api_docs/kbn_serverless_common_settings.mdx b/api_docs/kbn_serverless_common_settings.mdx index 4264fe3b41a361..0805195332da65 100644 --- a/api_docs/kbn_serverless_common_settings.mdx +++ b/api_docs/kbn_serverless_common_settings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-serverless-common-settings title: "@kbn/serverless-common-settings" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/serverless-common-settings plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/serverless-common-settings'] --- import kbnServerlessCommonSettingsObj from './kbn_serverless_common_settings.devdocs.json'; diff --git a/api_docs/kbn_serverless_observability_settings.mdx b/api_docs/kbn_serverless_observability_settings.mdx index 77b6ac3dddd422..cfc4a4fe4c2b86 100644 --- a/api_docs/kbn_serverless_observability_settings.mdx +++ b/api_docs/kbn_serverless_observability_settings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-serverless-observability-settings title: "@kbn/serverless-observability-settings" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/serverless-observability-settings plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/serverless-observability-settings'] --- import kbnServerlessObservabilitySettingsObj from './kbn_serverless_observability_settings.devdocs.json'; diff --git a/api_docs/kbn_serverless_project_switcher.mdx b/api_docs/kbn_serverless_project_switcher.mdx index b10db9b61c91fd..c29a4f7c7a2dda 100644 --- a/api_docs/kbn_serverless_project_switcher.mdx +++ b/api_docs/kbn_serverless_project_switcher.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-serverless-project-switcher title: "@kbn/serverless-project-switcher" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/serverless-project-switcher plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/serverless-project-switcher'] --- import kbnServerlessProjectSwitcherObj from './kbn_serverless_project_switcher.devdocs.json'; diff --git a/api_docs/kbn_serverless_search_settings.mdx b/api_docs/kbn_serverless_search_settings.mdx index 8c06941b27e970..1c66ad3fc3e299 100644 --- a/api_docs/kbn_serverless_search_settings.mdx +++ b/api_docs/kbn_serverless_search_settings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-serverless-search-settings title: "@kbn/serverless-search-settings" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/serverless-search-settings plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/serverless-search-settings'] --- import kbnServerlessSearchSettingsObj from './kbn_serverless_search_settings.devdocs.json'; diff --git a/api_docs/kbn_serverless_security_settings.mdx b/api_docs/kbn_serverless_security_settings.mdx index b38a2f7d589b98..230a579ad51291 100644 --- a/api_docs/kbn_serverless_security_settings.mdx +++ b/api_docs/kbn_serverless_security_settings.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-serverless-security-settings title: "@kbn/serverless-security-settings" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/serverless-security-settings plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/serverless-security-settings'] --- import kbnServerlessSecuritySettingsObj from './kbn_serverless_security_settings.devdocs.json'; diff --git a/api_docs/kbn_serverless_storybook_config.mdx b/api_docs/kbn_serverless_storybook_config.mdx index 6610e36a3cb883..dae791baec64a9 100644 --- a/api_docs/kbn_serverless_storybook_config.mdx +++ b/api_docs/kbn_serverless_storybook_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-serverless-storybook-config title: "@kbn/serverless-storybook-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/serverless-storybook-config plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/serverless-storybook-config'] --- import kbnServerlessStorybookConfigObj from './kbn_serverless_storybook_config.devdocs.json'; diff --git a/api_docs/kbn_shared_svg.mdx b/api_docs/kbn_shared_svg.mdx index 856bd2ec929391..98bc180f019f4a 100644 --- a/api_docs/kbn_shared_svg.mdx +++ b/api_docs/kbn_shared_svg.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-svg title: "@kbn/shared-svg" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-svg plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-svg'] --- import kbnSharedSvgObj from './kbn_shared_svg.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_avatar_solution.mdx b/api_docs/kbn_shared_ux_avatar_solution.mdx index b804966794803b..822da7183a72f2 100644 --- a/api_docs/kbn_shared_ux_avatar_solution.mdx +++ b/api_docs/kbn_shared_ux_avatar_solution.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-avatar-solution title: "@kbn/shared-ux-avatar-solution" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-avatar-solution plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-avatar-solution'] --- import kbnSharedUxAvatarSolutionObj from './kbn_shared_ux_avatar_solution.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_button_exit_full_screen.mdx b/api_docs/kbn_shared_ux_button_exit_full_screen.mdx index 0b8ddd044c5f08..bd5093da6b4ef4 100644 --- a/api_docs/kbn_shared_ux_button_exit_full_screen.mdx +++ b/api_docs/kbn_shared_ux_button_exit_full_screen.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-button-exit-full-screen title: "@kbn/shared-ux-button-exit-full-screen" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-button-exit-full-screen plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-button-exit-full-screen'] --- import kbnSharedUxButtonExitFullScreenObj from './kbn_shared_ux_button_exit_full_screen.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_button_toolbar.mdx b/api_docs/kbn_shared_ux_button_toolbar.mdx index bcac3baa8ee0df..76e5c1024ba5c2 100644 --- a/api_docs/kbn_shared_ux_button_toolbar.mdx +++ b/api_docs/kbn_shared_ux_button_toolbar.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-button-toolbar title: "@kbn/shared-ux-button-toolbar" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-button-toolbar plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-button-toolbar'] --- import kbnSharedUxButtonToolbarObj from './kbn_shared_ux_button_toolbar.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_card_no_data.mdx b/api_docs/kbn_shared_ux_card_no_data.mdx index e668bd2fb5d636..e9655f2e1f4435 100644 --- a/api_docs/kbn_shared_ux_card_no_data.mdx +++ b/api_docs/kbn_shared_ux_card_no_data.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-card-no-data title: "@kbn/shared-ux-card-no-data" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-card-no-data plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-card-no-data'] --- import kbnSharedUxCardNoDataObj from './kbn_shared_ux_card_no_data.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_card_no_data_mocks.mdx b/api_docs/kbn_shared_ux_card_no_data_mocks.mdx index ed1ea09c8f8a8d..7eb6e70b0bd17d 100644 --- a/api_docs/kbn_shared_ux_card_no_data_mocks.mdx +++ b/api_docs/kbn_shared_ux_card_no_data_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-card-no-data-mocks title: "@kbn/shared-ux-card-no-data-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-card-no-data-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-card-no-data-mocks'] --- import kbnSharedUxCardNoDataMocksObj from './kbn_shared_ux_card_no_data_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_chrome_navigation.mdx b/api_docs/kbn_shared_ux_chrome_navigation.mdx index d0c9a4ac32cc0c..0b41e40ad647e6 100644 --- a/api_docs/kbn_shared_ux_chrome_navigation.mdx +++ b/api_docs/kbn_shared_ux_chrome_navigation.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-chrome-navigation title: "@kbn/shared-ux-chrome-navigation" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-chrome-navigation plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-chrome-navigation'] --- import kbnSharedUxChromeNavigationObj from './kbn_shared_ux_chrome_navigation.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_error_boundary.mdx b/api_docs/kbn_shared_ux_error_boundary.mdx index c85cf8bdd9c9f0..be45df269a1e59 100644 --- a/api_docs/kbn_shared_ux_error_boundary.mdx +++ b/api_docs/kbn_shared_ux_error_boundary.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-error-boundary title: "@kbn/shared-ux-error-boundary" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-error-boundary plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-error-boundary'] --- import kbnSharedUxErrorBoundaryObj from './kbn_shared_ux_error_boundary.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_context.mdx b/api_docs/kbn_shared_ux_file_context.mdx index d69102a26d1535..396a33e40bbc6f 100644 --- a/api_docs/kbn_shared_ux_file_context.mdx +++ b/api_docs/kbn_shared_ux_file_context.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-context title: "@kbn/shared-ux-file-context" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-context plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-context'] --- import kbnSharedUxFileContextObj from './kbn_shared_ux_file_context.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_image.mdx b/api_docs/kbn_shared_ux_file_image.mdx index fa572554a43646..92db869bce2c4d 100644 --- a/api_docs/kbn_shared_ux_file_image.mdx +++ b/api_docs/kbn_shared_ux_file_image.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-image title: "@kbn/shared-ux-file-image" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-image plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-image'] --- import kbnSharedUxFileImageObj from './kbn_shared_ux_file_image.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_image_mocks.mdx b/api_docs/kbn_shared_ux_file_image_mocks.mdx index 7e75bd0265db29..de7f1b217e9cf1 100644 --- a/api_docs/kbn_shared_ux_file_image_mocks.mdx +++ b/api_docs/kbn_shared_ux_file_image_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-image-mocks title: "@kbn/shared-ux-file-image-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-image-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-image-mocks'] --- import kbnSharedUxFileImageMocksObj from './kbn_shared_ux_file_image_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_mocks.mdx b/api_docs/kbn_shared_ux_file_mocks.mdx index af929a71368d86..14c89431337798 100644 --- a/api_docs/kbn_shared_ux_file_mocks.mdx +++ b/api_docs/kbn_shared_ux_file_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-mocks title: "@kbn/shared-ux-file-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-mocks'] --- import kbnSharedUxFileMocksObj from './kbn_shared_ux_file_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_picker.mdx b/api_docs/kbn_shared_ux_file_picker.mdx index b7e97d39038a22..7e17eb7d819cc8 100644 --- a/api_docs/kbn_shared_ux_file_picker.mdx +++ b/api_docs/kbn_shared_ux_file_picker.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-picker title: "@kbn/shared-ux-file-picker" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-picker plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-picker'] --- import kbnSharedUxFilePickerObj from './kbn_shared_ux_file_picker.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_types.mdx b/api_docs/kbn_shared_ux_file_types.mdx index 8c5406e4e82528..83bf40963f9479 100644 --- a/api_docs/kbn_shared_ux_file_types.mdx +++ b/api_docs/kbn_shared_ux_file_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-types title: "@kbn/shared-ux-file-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-types plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-types'] --- import kbnSharedUxFileTypesObj from './kbn_shared_ux_file_types.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_upload.mdx b/api_docs/kbn_shared_ux_file_upload.mdx index 5fceb058fec194..45446d66af211a 100644 --- a/api_docs/kbn_shared_ux_file_upload.mdx +++ b/api_docs/kbn_shared_ux_file_upload.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-upload title: "@kbn/shared-ux-file-upload" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-upload plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-upload'] --- import kbnSharedUxFileUploadObj from './kbn_shared_ux_file_upload.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_file_util.mdx b/api_docs/kbn_shared_ux_file_util.mdx index 81403cae8909be..4f12fe115c9079 100644 --- a/api_docs/kbn_shared_ux_file_util.mdx +++ b/api_docs/kbn_shared_ux_file_util.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-file-util title: "@kbn/shared-ux-file-util" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-file-util plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-file-util'] --- import kbnSharedUxFileUtilObj from './kbn_shared_ux_file_util.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_link_redirect_app.mdx b/api_docs/kbn_shared_ux_link_redirect_app.mdx index 37fe11c6d56d4b..24abd1ba34c9a9 100644 --- a/api_docs/kbn_shared_ux_link_redirect_app.mdx +++ b/api_docs/kbn_shared_ux_link_redirect_app.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-link-redirect-app title: "@kbn/shared-ux-link-redirect-app" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-link-redirect-app plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-link-redirect-app'] --- import kbnSharedUxLinkRedirectAppObj from './kbn_shared_ux_link_redirect_app.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_link_redirect_app_mocks.mdx b/api_docs/kbn_shared_ux_link_redirect_app_mocks.mdx index 80bd1224596409..32f20c5915e611 100644 --- a/api_docs/kbn_shared_ux_link_redirect_app_mocks.mdx +++ b/api_docs/kbn_shared_ux_link_redirect_app_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-link-redirect-app-mocks title: "@kbn/shared-ux-link-redirect-app-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-link-redirect-app-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-link-redirect-app-mocks'] --- import kbnSharedUxLinkRedirectAppMocksObj from './kbn_shared_ux_link_redirect_app_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_markdown.mdx b/api_docs/kbn_shared_ux_markdown.mdx index e794758716f82d..ab38fe37dc371e 100644 --- a/api_docs/kbn_shared_ux_markdown.mdx +++ b/api_docs/kbn_shared_ux_markdown.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-markdown title: "@kbn/shared-ux-markdown" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-markdown plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-markdown'] --- import kbnSharedUxMarkdownObj from './kbn_shared_ux_markdown.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_markdown_mocks.mdx b/api_docs/kbn_shared_ux_markdown_mocks.mdx index 44575cf2c46659..7c324453937659 100644 --- a/api_docs/kbn_shared_ux_markdown_mocks.mdx +++ b/api_docs/kbn_shared_ux_markdown_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-markdown-mocks title: "@kbn/shared-ux-markdown-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-markdown-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-markdown-mocks'] --- import kbnSharedUxMarkdownMocksObj from './kbn_shared_ux_markdown_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_analytics_no_data.mdx b/api_docs/kbn_shared_ux_page_analytics_no_data.mdx index 9f26d46ef203e2..2004b3f43f6cb2 100644 --- a/api_docs/kbn_shared_ux_page_analytics_no_data.mdx +++ b/api_docs/kbn_shared_ux_page_analytics_no_data.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-analytics-no-data title: "@kbn/shared-ux-page-analytics-no-data" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-analytics-no-data plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-analytics-no-data'] --- import kbnSharedUxPageAnalyticsNoDataObj from './kbn_shared_ux_page_analytics_no_data.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_analytics_no_data_mocks.mdx b/api_docs/kbn_shared_ux_page_analytics_no_data_mocks.mdx index d859d191678015..e58e7bc7d6d952 100644 --- a/api_docs/kbn_shared_ux_page_analytics_no_data_mocks.mdx +++ b/api_docs/kbn_shared_ux_page_analytics_no_data_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-analytics-no-data-mocks title: "@kbn/shared-ux-page-analytics-no-data-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-analytics-no-data-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-analytics-no-data-mocks'] --- import kbnSharedUxPageAnalyticsNoDataMocksObj from './kbn_shared_ux_page_analytics_no_data_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_kibana_no_data.mdx b/api_docs/kbn_shared_ux_page_kibana_no_data.mdx index bc4bfac7b610bb..7eac5db08d40f9 100644 --- a/api_docs/kbn_shared_ux_page_kibana_no_data.mdx +++ b/api_docs/kbn_shared_ux_page_kibana_no_data.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-kibana-no-data title: "@kbn/shared-ux-page-kibana-no-data" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-kibana-no-data plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-kibana-no-data'] --- import kbnSharedUxPageKibanaNoDataObj from './kbn_shared_ux_page_kibana_no_data.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_kibana_no_data_mocks.mdx b/api_docs/kbn_shared_ux_page_kibana_no_data_mocks.mdx index 3e33f69f0184b1..23dad166ea523c 100644 --- a/api_docs/kbn_shared_ux_page_kibana_no_data_mocks.mdx +++ b/api_docs/kbn_shared_ux_page_kibana_no_data_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-kibana-no-data-mocks title: "@kbn/shared-ux-page-kibana-no-data-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-kibana-no-data-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-kibana-no-data-mocks'] --- import kbnSharedUxPageKibanaNoDataMocksObj from './kbn_shared_ux_page_kibana_no_data_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_kibana_template.mdx b/api_docs/kbn_shared_ux_page_kibana_template.mdx index cb951509ec57c5..cee656a5560073 100644 --- a/api_docs/kbn_shared_ux_page_kibana_template.mdx +++ b/api_docs/kbn_shared_ux_page_kibana_template.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-kibana-template title: "@kbn/shared-ux-page-kibana-template" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-kibana-template plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-kibana-template'] --- import kbnSharedUxPageKibanaTemplateObj from './kbn_shared_ux_page_kibana_template.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_kibana_template_mocks.mdx b/api_docs/kbn_shared_ux_page_kibana_template_mocks.mdx index c80b4c984ecae6..64c6f6112bad28 100644 --- a/api_docs/kbn_shared_ux_page_kibana_template_mocks.mdx +++ b/api_docs/kbn_shared_ux_page_kibana_template_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-kibana-template-mocks title: "@kbn/shared-ux-page-kibana-template-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-kibana-template-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-kibana-template-mocks'] --- import kbnSharedUxPageKibanaTemplateMocksObj from './kbn_shared_ux_page_kibana_template_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_no_data.mdx b/api_docs/kbn_shared_ux_page_no_data.mdx index 0b2d6c921ee635..75a6fb420bfa81 100644 --- a/api_docs/kbn_shared_ux_page_no_data.mdx +++ b/api_docs/kbn_shared_ux_page_no_data.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-no-data title: "@kbn/shared-ux-page-no-data" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-no-data plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-no-data'] --- import kbnSharedUxPageNoDataObj from './kbn_shared_ux_page_no_data.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_no_data_config.mdx b/api_docs/kbn_shared_ux_page_no_data_config.mdx index 8d38a0dbc7ad9d..21d2977f02a330 100644 --- a/api_docs/kbn_shared_ux_page_no_data_config.mdx +++ b/api_docs/kbn_shared_ux_page_no_data_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-no-data-config title: "@kbn/shared-ux-page-no-data-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-no-data-config plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-no-data-config'] --- import kbnSharedUxPageNoDataConfigObj from './kbn_shared_ux_page_no_data_config.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_no_data_config_mocks.mdx b/api_docs/kbn_shared_ux_page_no_data_config_mocks.mdx index 0080ad6aee0f34..a9fa2f37d4a688 100644 --- a/api_docs/kbn_shared_ux_page_no_data_config_mocks.mdx +++ b/api_docs/kbn_shared_ux_page_no_data_config_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-no-data-config-mocks title: "@kbn/shared-ux-page-no-data-config-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-no-data-config-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-no-data-config-mocks'] --- import kbnSharedUxPageNoDataConfigMocksObj from './kbn_shared_ux_page_no_data_config_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_no_data_mocks.mdx b/api_docs/kbn_shared_ux_page_no_data_mocks.mdx index 1517ab415f6ac0..d3674cc85385c2 100644 --- a/api_docs/kbn_shared_ux_page_no_data_mocks.mdx +++ b/api_docs/kbn_shared_ux_page_no_data_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-no-data-mocks title: "@kbn/shared-ux-page-no-data-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-no-data-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-no-data-mocks'] --- import kbnSharedUxPageNoDataMocksObj from './kbn_shared_ux_page_no_data_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_page_solution_nav.mdx b/api_docs/kbn_shared_ux_page_solution_nav.mdx index d6d68305187c0f..2c3ce002a0f545 100644 --- a/api_docs/kbn_shared_ux_page_solution_nav.mdx +++ b/api_docs/kbn_shared_ux_page_solution_nav.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-page-solution-nav title: "@kbn/shared-ux-page-solution-nav" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-page-solution-nav plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-page-solution-nav'] --- import kbnSharedUxPageSolutionNavObj from './kbn_shared_ux_page_solution_nav.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_prompt_no_data_views.mdx b/api_docs/kbn_shared_ux_prompt_no_data_views.mdx index 6a8dbc7d213686..3c9c69bc9f736b 100644 --- a/api_docs/kbn_shared_ux_prompt_no_data_views.mdx +++ b/api_docs/kbn_shared_ux_prompt_no_data_views.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-prompt-no-data-views title: "@kbn/shared-ux-prompt-no-data-views" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-prompt-no-data-views plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-prompt-no-data-views'] --- import kbnSharedUxPromptNoDataViewsObj from './kbn_shared_ux_prompt_no_data_views.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_prompt_no_data_views_mocks.mdx b/api_docs/kbn_shared_ux_prompt_no_data_views_mocks.mdx index 3c7d6cd8fc844e..db3cd8963593ab 100644 --- a/api_docs/kbn_shared_ux_prompt_no_data_views_mocks.mdx +++ b/api_docs/kbn_shared_ux_prompt_no_data_views_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-prompt-no-data-views-mocks title: "@kbn/shared-ux-prompt-no-data-views-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-prompt-no-data-views-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-prompt-no-data-views-mocks'] --- import kbnSharedUxPromptNoDataViewsMocksObj from './kbn_shared_ux_prompt_no_data_views_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_prompt_not_found.mdx b/api_docs/kbn_shared_ux_prompt_not_found.mdx index 685b9584e11e4b..1228353883d734 100644 --- a/api_docs/kbn_shared_ux_prompt_not_found.mdx +++ b/api_docs/kbn_shared_ux_prompt_not_found.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-prompt-not-found title: "@kbn/shared-ux-prompt-not-found" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-prompt-not-found plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-prompt-not-found'] --- import kbnSharedUxPromptNotFoundObj from './kbn_shared_ux_prompt_not_found.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_router.mdx b/api_docs/kbn_shared_ux_router.mdx index fbb5a5269b008c..610cbd90062d06 100644 --- a/api_docs/kbn_shared_ux_router.mdx +++ b/api_docs/kbn_shared_ux_router.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-router title: "@kbn/shared-ux-router" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-router plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-router'] --- import kbnSharedUxRouterObj from './kbn_shared_ux_router.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_router_mocks.mdx b/api_docs/kbn_shared_ux_router_mocks.mdx index e82b40b6d80973..2311343e9a32d2 100644 --- a/api_docs/kbn_shared_ux_router_mocks.mdx +++ b/api_docs/kbn_shared_ux_router_mocks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-router-mocks title: "@kbn/shared-ux-router-mocks" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-router-mocks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-router-mocks'] --- import kbnSharedUxRouterMocksObj from './kbn_shared_ux_router_mocks.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_storybook_config.mdx b/api_docs/kbn_shared_ux_storybook_config.mdx index 89329f36da0e59..f3fd353ce3c63f 100644 --- a/api_docs/kbn_shared_ux_storybook_config.mdx +++ b/api_docs/kbn_shared_ux_storybook_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-storybook-config title: "@kbn/shared-ux-storybook-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-storybook-config plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-storybook-config'] --- import kbnSharedUxStorybookConfigObj from './kbn_shared_ux_storybook_config.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_storybook_mock.mdx b/api_docs/kbn_shared_ux_storybook_mock.mdx index 5d6eee710bdf30..728e119f465475 100644 --- a/api_docs/kbn_shared_ux_storybook_mock.mdx +++ b/api_docs/kbn_shared_ux_storybook_mock.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-storybook-mock title: "@kbn/shared-ux-storybook-mock" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-storybook-mock plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-storybook-mock'] --- import kbnSharedUxStorybookMockObj from './kbn_shared_ux_storybook_mock.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_tabbed_modal.mdx b/api_docs/kbn_shared_ux_tabbed_modal.mdx index 13e9b4d9653684..7634ff5946b625 100644 --- a/api_docs/kbn_shared_ux_tabbed_modal.mdx +++ b/api_docs/kbn_shared_ux_tabbed_modal.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-tabbed-modal title: "@kbn/shared-ux-tabbed-modal" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-tabbed-modal plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-tabbed-modal'] --- import kbnSharedUxTabbedModalObj from './kbn_shared_ux_tabbed_modal.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_table_persist.mdx b/api_docs/kbn_shared_ux_table_persist.mdx index 72732b67f8cb2a..8a4fc026336085 100644 --- a/api_docs/kbn_shared_ux_table_persist.mdx +++ b/api_docs/kbn_shared_ux_table_persist.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-table-persist title: "@kbn/shared-ux-table-persist" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-table-persist plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-table-persist'] --- import kbnSharedUxTablePersistObj from './kbn_shared_ux_table_persist.devdocs.json'; diff --git a/api_docs/kbn_shared_ux_utility.mdx b/api_docs/kbn_shared_ux_utility.mdx index 89a390d4c1afb2..7d200a66794814 100644 --- a/api_docs/kbn_shared_ux_utility.mdx +++ b/api_docs/kbn_shared_ux_utility.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-shared-ux-utility title: "@kbn/shared-ux-utility" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/shared-ux-utility plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/shared-ux-utility'] --- import kbnSharedUxUtilityObj from './kbn_shared_ux_utility.devdocs.json'; diff --git a/api_docs/kbn_slo_schema.mdx b/api_docs/kbn_slo_schema.mdx index d84b117f3573a7..d36c9e94676cd9 100644 --- a/api_docs/kbn_slo_schema.mdx +++ b/api_docs/kbn_slo_schema.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-slo-schema title: "@kbn/slo-schema" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/slo-schema plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/slo-schema'] --- import kbnSloSchemaObj from './kbn_slo_schema.devdocs.json'; diff --git a/api_docs/kbn_some_dev_log.mdx b/api_docs/kbn_some_dev_log.mdx index 6b09ea82ce21ea..f5bf940b18646c 100644 --- a/api_docs/kbn_some_dev_log.mdx +++ b/api_docs/kbn_some_dev_log.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-some-dev-log title: "@kbn/some-dev-log" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/some-dev-log plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/some-dev-log'] --- import kbnSomeDevLogObj from './kbn_some_dev_log.devdocs.json'; diff --git a/api_docs/kbn_sort_predicates.mdx b/api_docs/kbn_sort_predicates.mdx index 3fdf88a37ba3d2..de56ad430533d9 100644 --- a/api_docs/kbn_sort_predicates.mdx +++ b/api_docs/kbn_sort_predicates.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-sort-predicates title: "@kbn/sort-predicates" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/sort-predicates plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/sort-predicates'] --- import kbnSortPredicatesObj from './kbn_sort_predicates.devdocs.json'; diff --git a/api_docs/kbn_sse_utils.mdx b/api_docs/kbn_sse_utils.mdx index 1e8c5262aef8f5..78afb2203f4247 100644 --- a/api_docs/kbn_sse_utils.mdx +++ b/api_docs/kbn_sse_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-sse-utils title: "@kbn/sse-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/sse-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/sse-utils'] --- import kbnSseUtilsObj from './kbn_sse_utils.devdocs.json'; diff --git a/api_docs/kbn_sse_utils_client.mdx b/api_docs/kbn_sse_utils_client.mdx index 6d39d1e27d909b..e8d3b727641773 100644 --- a/api_docs/kbn_sse_utils_client.mdx +++ b/api_docs/kbn_sse_utils_client.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-sse-utils-client title: "@kbn/sse-utils-client" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/sse-utils-client plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/sse-utils-client'] --- import kbnSseUtilsClientObj from './kbn_sse_utils_client.devdocs.json'; diff --git a/api_docs/kbn_sse_utils_server.mdx b/api_docs/kbn_sse_utils_server.mdx index 543affac55eb3a..0c11bb194bcc09 100644 --- a/api_docs/kbn_sse_utils_server.mdx +++ b/api_docs/kbn_sse_utils_server.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-sse-utils-server title: "@kbn/sse-utils-server" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/sse-utils-server plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/sse-utils-server'] --- import kbnSseUtilsServerObj from './kbn_sse_utils_server.devdocs.json'; diff --git a/api_docs/kbn_std.mdx b/api_docs/kbn_std.mdx index cad88942bedee6..234afc3ecf74d9 100644 --- a/api_docs/kbn_std.mdx +++ b/api_docs/kbn_std.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-std title: "@kbn/std" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/std plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/std'] --- import kbnStdObj from './kbn_std.devdocs.json'; diff --git a/api_docs/kbn_stdio_dev_helpers.mdx b/api_docs/kbn_stdio_dev_helpers.mdx index bd1002c67119d0..27aadb73c39c48 100644 --- a/api_docs/kbn_stdio_dev_helpers.mdx +++ b/api_docs/kbn_stdio_dev_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-stdio-dev-helpers title: "@kbn/stdio-dev-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/stdio-dev-helpers plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/stdio-dev-helpers'] --- import kbnStdioDevHelpersObj from './kbn_stdio_dev_helpers.devdocs.json'; diff --git a/api_docs/kbn_storybook.mdx b/api_docs/kbn_storybook.mdx index 796d9e8510855f..c9c8efb41bc05a 100644 --- a/api_docs/kbn_storybook.mdx +++ b/api_docs/kbn_storybook.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-storybook title: "@kbn/storybook" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/storybook plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/storybook'] --- import kbnStorybookObj from './kbn_storybook.devdocs.json'; diff --git a/api_docs/kbn_synthetics_e2e.mdx b/api_docs/kbn_synthetics_e2e.mdx index a7d39de24af350..17a8ce6628fae8 100644 --- a/api_docs/kbn_synthetics_e2e.mdx +++ b/api_docs/kbn_synthetics_e2e.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-synthetics-e2e title: "@kbn/synthetics-e2e" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/synthetics-e2e plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/synthetics-e2e'] --- import kbnSyntheticsE2eObj from './kbn_synthetics_e2e.devdocs.json'; diff --git a/api_docs/kbn_synthetics_private_location.mdx b/api_docs/kbn_synthetics_private_location.mdx index cdf37117f02603..ecc295501a89fb 100644 --- a/api_docs/kbn_synthetics_private_location.mdx +++ b/api_docs/kbn_synthetics_private_location.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-synthetics-private-location title: "@kbn/synthetics-private-location" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/synthetics-private-location plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/synthetics-private-location'] --- import kbnSyntheticsPrivateLocationObj from './kbn_synthetics_private_location.devdocs.json'; diff --git a/api_docs/kbn_telemetry_tools.mdx b/api_docs/kbn_telemetry_tools.mdx index 71b29d4060865d..93675548d4fc6e 100644 --- a/api_docs/kbn_telemetry_tools.mdx +++ b/api_docs/kbn_telemetry_tools.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-telemetry-tools title: "@kbn/telemetry-tools" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/telemetry-tools plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/telemetry-tools'] --- import kbnTelemetryToolsObj from './kbn_telemetry_tools.devdocs.json'; diff --git a/api_docs/kbn_test.mdx b/api_docs/kbn_test.mdx index 8e34cdcd7c89be..ef0a7177a0c0c1 100644 --- a/api_docs/kbn_test.mdx +++ b/api_docs/kbn_test.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-test title: "@kbn/test" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/test plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/test'] --- import kbnTestObj from './kbn_test.devdocs.json'; diff --git a/api_docs/kbn_test_eui_helpers.mdx b/api_docs/kbn_test_eui_helpers.mdx index 224e0c169922c0..810b6d454119e4 100644 --- a/api_docs/kbn_test_eui_helpers.mdx +++ b/api_docs/kbn_test_eui_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-test-eui-helpers title: "@kbn/test-eui-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/test-eui-helpers plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/test-eui-helpers'] --- import kbnTestEuiHelpersObj from './kbn_test_eui_helpers.devdocs.json'; diff --git a/api_docs/kbn_test_jest_helpers.mdx b/api_docs/kbn_test_jest_helpers.mdx index 29febf0df47c6a..fa7efc46bb9bdc 100644 --- a/api_docs/kbn_test_jest_helpers.mdx +++ b/api_docs/kbn_test_jest_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-test-jest-helpers title: "@kbn/test-jest-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/test-jest-helpers plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/test-jest-helpers'] --- import kbnTestJestHelpersObj from './kbn_test_jest_helpers.devdocs.json'; diff --git a/api_docs/kbn_test_subj_selector.mdx b/api_docs/kbn_test_subj_selector.mdx index f4207d572b7330..236ce1de841680 100644 --- a/api_docs/kbn_test_subj_selector.mdx +++ b/api_docs/kbn_test_subj_selector.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-test-subj-selector title: "@kbn/test-subj-selector" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/test-subj-selector plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/test-subj-selector'] --- import kbnTestSubjSelectorObj from './kbn_test_subj_selector.devdocs.json'; diff --git a/api_docs/kbn_timerange.mdx b/api_docs/kbn_timerange.mdx index bb13f4337466ad..959f28010c41ba 100644 --- a/api_docs/kbn_timerange.mdx +++ b/api_docs/kbn_timerange.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-timerange title: "@kbn/timerange" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/timerange plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/timerange'] --- import kbnTimerangeObj from './kbn_timerange.devdocs.json'; diff --git a/api_docs/kbn_tooling_log.mdx b/api_docs/kbn_tooling_log.mdx index 30f382910df35f..f417b4188be7b0 100644 --- a/api_docs/kbn_tooling_log.mdx +++ b/api_docs/kbn_tooling_log.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-tooling-log title: "@kbn/tooling-log" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/tooling-log plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/tooling-log'] --- import kbnToolingLogObj from './kbn_tooling_log.devdocs.json'; diff --git a/api_docs/kbn_triggers_actions_ui_types.mdx b/api_docs/kbn_triggers_actions_ui_types.mdx index fb2a44e49b2508..0944855f0a148f 100644 --- a/api_docs/kbn_triggers_actions_ui_types.mdx +++ b/api_docs/kbn_triggers_actions_ui_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-triggers-actions-ui-types title: "@kbn/triggers-actions-ui-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/triggers-actions-ui-types plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/triggers-actions-ui-types'] --- import kbnTriggersActionsUiTypesObj from './kbn_triggers_actions_ui_types.devdocs.json'; diff --git a/api_docs/kbn_try_in_console.mdx b/api_docs/kbn_try_in_console.mdx index 51c01d775d293c..f9a76b03c276d3 100644 --- a/api_docs/kbn_try_in_console.mdx +++ b/api_docs/kbn_try_in_console.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-try-in-console title: "@kbn/try-in-console" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/try-in-console plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/try-in-console'] --- import kbnTryInConsoleObj from './kbn_try_in_console.devdocs.json'; diff --git a/api_docs/kbn_ts_projects.mdx b/api_docs/kbn_ts_projects.mdx index 9c581c5a531392..c5af21efac2a4c 100644 --- a/api_docs/kbn_ts_projects.mdx +++ b/api_docs/kbn_ts_projects.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ts-projects title: "@kbn/ts-projects" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ts-projects plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ts-projects'] --- import kbnTsProjectsObj from './kbn_ts_projects.devdocs.json'; diff --git a/api_docs/kbn_typed_react_router_config.mdx b/api_docs/kbn_typed_react_router_config.mdx index da88acab22f3d6..6b7dbdd723961a 100644 --- a/api_docs/kbn_typed_react_router_config.mdx +++ b/api_docs/kbn_typed_react_router_config.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-typed-react-router-config title: "@kbn/typed-react-router-config" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/typed-react-router-config plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/typed-react-router-config'] --- import kbnTypedReactRouterConfigObj from './kbn_typed_react_router_config.devdocs.json'; diff --git a/api_docs/kbn_ui_actions_browser.mdx b/api_docs/kbn_ui_actions_browser.mdx index 01d6c1a420181b..f601e072d822d8 100644 --- a/api_docs/kbn_ui_actions_browser.mdx +++ b/api_docs/kbn_ui_actions_browser.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ui-actions-browser title: "@kbn/ui-actions-browser" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ui-actions-browser plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ui-actions-browser'] --- import kbnUiActionsBrowserObj from './kbn_ui_actions_browser.devdocs.json'; diff --git a/api_docs/kbn_ui_shared_deps_src.mdx b/api_docs/kbn_ui_shared_deps_src.mdx index 6bdd65c4579105..982abcfee14e52 100644 --- a/api_docs/kbn_ui_shared_deps_src.mdx +++ b/api_docs/kbn_ui_shared_deps_src.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ui-shared-deps-src title: "@kbn/ui-shared-deps-src" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ui-shared-deps-src plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ui-shared-deps-src'] --- import kbnUiSharedDepsSrcObj from './kbn_ui_shared_deps_src.devdocs.json'; diff --git a/api_docs/kbn_ui_theme.mdx b/api_docs/kbn_ui_theme.mdx index c81bbd52a1b152..6b1c3dd2af46bb 100644 --- a/api_docs/kbn_ui_theme.mdx +++ b/api_docs/kbn_ui_theme.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-ui-theme title: "@kbn/ui-theme" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/ui-theme plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/ui-theme'] --- import kbnUiThemeObj from './kbn_ui_theme.devdocs.json'; diff --git a/api_docs/kbn_unified_data_table.mdx b/api_docs/kbn_unified_data_table.mdx index f9eb81699615d5..dd86f054f1a11b 100644 --- a/api_docs/kbn_unified_data_table.mdx +++ b/api_docs/kbn_unified_data_table.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-unified-data-table title: "@kbn/unified-data-table" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/unified-data-table plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/unified-data-table'] --- import kbnUnifiedDataTableObj from './kbn_unified_data_table.devdocs.json'; diff --git a/api_docs/kbn_unified_doc_viewer.mdx b/api_docs/kbn_unified_doc_viewer.mdx index f5433e9781be4b..bcd7d407e54a30 100644 --- a/api_docs/kbn_unified_doc_viewer.mdx +++ b/api_docs/kbn_unified_doc_viewer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-unified-doc-viewer title: "@kbn/unified-doc-viewer" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/unified-doc-viewer plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/unified-doc-viewer'] --- import kbnUnifiedDocViewerObj from './kbn_unified_doc_viewer.devdocs.json'; diff --git a/api_docs/kbn_unified_field_list.mdx b/api_docs/kbn_unified_field_list.mdx index e4290b6b040e00..818021341e8246 100644 --- a/api_docs/kbn_unified_field_list.mdx +++ b/api_docs/kbn_unified_field_list.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-unified-field-list title: "@kbn/unified-field-list" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/unified-field-list plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/unified-field-list'] --- import kbnUnifiedFieldListObj from './kbn_unified_field_list.devdocs.json'; diff --git a/api_docs/kbn_unsaved_changes_badge.mdx b/api_docs/kbn_unsaved_changes_badge.mdx index ea3c8c2866f617..fa7b9dbc097d20 100644 --- a/api_docs/kbn_unsaved_changes_badge.mdx +++ b/api_docs/kbn_unsaved_changes_badge.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-unsaved-changes-badge title: "@kbn/unsaved-changes-badge" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/unsaved-changes-badge plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/unsaved-changes-badge'] --- import kbnUnsavedChangesBadgeObj from './kbn_unsaved_changes_badge.devdocs.json'; diff --git a/api_docs/kbn_unsaved_changes_prompt.mdx b/api_docs/kbn_unsaved_changes_prompt.mdx index fba98901995630..12204ee978716e 100644 --- a/api_docs/kbn_unsaved_changes_prompt.mdx +++ b/api_docs/kbn_unsaved_changes_prompt.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-unsaved-changes-prompt title: "@kbn/unsaved-changes-prompt" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/unsaved-changes-prompt plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/unsaved-changes-prompt'] --- import kbnUnsavedChangesPromptObj from './kbn_unsaved_changes_prompt.devdocs.json'; diff --git a/api_docs/kbn_use_tracked_promise.mdx b/api_docs/kbn_use_tracked_promise.mdx index e43b0238842c6a..352b65a450148c 100644 --- a/api_docs/kbn_use_tracked_promise.mdx +++ b/api_docs/kbn_use_tracked_promise.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-use-tracked-promise title: "@kbn/use-tracked-promise" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/use-tracked-promise plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/use-tracked-promise'] --- import kbnUseTrackedPromiseObj from './kbn_use_tracked_promise.devdocs.json'; diff --git a/api_docs/kbn_user_profile_components.mdx b/api_docs/kbn_user_profile_components.mdx index a936b065fa89e0..18ac898f99d15d 100644 --- a/api_docs/kbn_user_profile_components.mdx +++ b/api_docs/kbn_user_profile_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-user-profile-components title: "@kbn/user-profile-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/user-profile-components plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/user-profile-components'] --- import kbnUserProfileComponentsObj from './kbn_user_profile_components.devdocs.json'; diff --git a/api_docs/kbn_utility_types.mdx b/api_docs/kbn_utility_types.mdx index e89e1c68efd3bd..2138ec302ed95e 100644 --- a/api_docs/kbn_utility_types.mdx +++ b/api_docs/kbn_utility_types.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-utility-types title: "@kbn/utility-types" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/utility-types plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/utility-types'] --- import kbnUtilityTypesObj from './kbn_utility_types.devdocs.json'; diff --git a/api_docs/kbn_utility_types_jest.mdx b/api_docs/kbn_utility_types_jest.mdx index 3f529820ecb032..3a0b5ef1b45ace 100644 --- a/api_docs/kbn_utility_types_jest.mdx +++ b/api_docs/kbn_utility_types_jest.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-utility-types-jest title: "@kbn/utility-types-jest" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/utility-types-jest plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/utility-types-jest'] --- import kbnUtilityTypesJestObj from './kbn_utility_types_jest.devdocs.json'; diff --git a/api_docs/kbn_utils.mdx b/api_docs/kbn_utils.mdx index b916813b37f2ed..ce2d35f98002a7 100644 --- a/api_docs/kbn_utils.mdx +++ b/api_docs/kbn_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-utils title: "@kbn/utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/utils'] --- import kbnUtilsObj from './kbn_utils.devdocs.json'; diff --git a/api_docs/kbn_visualization_ui_components.mdx b/api_docs/kbn_visualization_ui_components.mdx index 7925519564c7cb..38c5b86994b79c 100644 --- a/api_docs/kbn_visualization_ui_components.mdx +++ b/api_docs/kbn_visualization_ui_components.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-visualization-ui-components title: "@kbn/visualization-ui-components" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/visualization-ui-components plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/visualization-ui-components'] --- import kbnVisualizationUiComponentsObj from './kbn_visualization_ui_components.devdocs.json'; diff --git a/api_docs/kbn_visualization_utils.mdx b/api_docs/kbn_visualization_utils.mdx index 333980dd09ce15..a4d86aaf5879b8 100644 --- a/api_docs/kbn_visualization_utils.mdx +++ b/api_docs/kbn_visualization_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-visualization-utils title: "@kbn/visualization-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/visualization-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/visualization-utils'] --- import kbnVisualizationUtilsObj from './kbn_visualization_utils.devdocs.json'; diff --git a/api_docs/kbn_xstate_utils.mdx b/api_docs/kbn_xstate_utils.mdx index a2246d3caae5bc..ea6786600957a9 100644 --- a/api_docs/kbn_xstate_utils.mdx +++ b/api_docs/kbn_xstate_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-xstate-utils title: "@kbn/xstate-utils" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/xstate-utils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/xstate-utils'] --- import kbnXstateUtilsObj from './kbn_xstate_utils.devdocs.json'; diff --git a/api_docs/kbn_yarn_lock_validator.mdx b/api_docs/kbn_yarn_lock_validator.mdx index 979cb4a70bf9d9..23857d1860f8c3 100644 --- a/api_docs/kbn_yarn_lock_validator.mdx +++ b/api_docs/kbn_yarn_lock_validator.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-yarn-lock-validator title: "@kbn/yarn-lock-validator" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/yarn-lock-validator plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/yarn-lock-validator'] --- import kbnYarnLockValidatorObj from './kbn_yarn_lock_validator.devdocs.json'; diff --git a/api_docs/kbn_zod.mdx b/api_docs/kbn_zod.mdx index 70c76cb5e2a248..9c6e95aa5a5d30 100644 --- a/api_docs/kbn_zod.mdx +++ b/api_docs/kbn_zod.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-zod title: "@kbn/zod" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/zod plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/zod'] --- import kbnZodObj from './kbn_zod.devdocs.json'; diff --git a/api_docs/kbn_zod_helpers.mdx b/api_docs/kbn_zod_helpers.mdx index 2e7c6759d1bbac..98ea085a48fd11 100644 --- a/api_docs/kbn_zod_helpers.mdx +++ b/api_docs/kbn_zod_helpers.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kbn-zod-helpers title: "@kbn/zod-helpers" image: https://source.unsplash.com/400x175/?github description: API docs for the @kbn/zod-helpers plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', '@kbn/zod-helpers'] --- import kbnZodHelpersObj from './kbn_zod_helpers.devdocs.json'; diff --git a/api_docs/kibana_overview.mdx b/api_docs/kibana_overview.mdx index d8ee39257300dd..03cb1bbe75192e 100644 --- a/api_docs/kibana_overview.mdx +++ b/api_docs/kibana_overview.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kibanaOverview title: "kibanaOverview" image: https://source.unsplash.com/400x175/?github description: API docs for the kibanaOverview plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'kibanaOverview'] --- import kibanaOverviewObj from './kibana_overview.devdocs.json'; diff --git a/api_docs/kibana_react.mdx b/api_docs/kibana_react.mdx index 68dc3db270a996..6b15df13d6c0be 100644 --- a/api_docs/kibana_react.mdx +++ b/api_docs/kibana_react.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kibanaReact title: "kibanaReact" image: https://source.unsplash.com/400x175/?github description: API docs for the kibanaReact plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'kibanaReact'] --- import kibanaReactObj from './kibana_react.devdocs.json'; diff --git a/api_docs/kibana_utils.mdx b/api_docs/kibana_utils.mdx index a6185f402e9d73..6a456f97eff7c4 100644 --- a/api_docs/kibana_utils.mdx +++ b/api_docs/kibana_utils.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kibanaUtils title: "kibanaUtils" image: https://source.unsplash.com/400x175/?github description: API docs for the kibanaUtils plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'kibanaUtils'] --- import kibanaUtilsObj from './kibana_utils.devdocs.json'; diff --git a/api_docs/kubernetes_security.mdx b/api_docs/kubernetes_security.mdx index 9d6decce120c3b..c500dd4eb3a59f 100644 --- a/api_docs/kubernetes_security.mdx +++ b/api_docs/kubernetes_security.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/kubernetesSecurity title: "kubernetesSecurity" image: https://source.unsplash.com/400x175/?github description: API docs for the kubernetesSecurity plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'kubernetesSecurity'] --- import kubernetesSecurityObj from './kubernetes_security.devdocs.json'; diff --git a/api_docs/lens.mdx b/api_docs/lens.mdx index c162ec5866ad00..3f999d929c2a78 100644 --- a/api_docs/lens.mdx +++ b/api_docs/lens.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/lens title: "lens" image: https://source.unsplash.com/400x175/?github description: API docs for the lens plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'lens'] --- import lensObj from './lens.devdocs.json'; diff --git a/api_docs/license_api_guard.mdx b/api_docs/license_api_guard.mdx index 97562a0e6e2728..8442a37f05f378 100644 --- a/api_docs/license_api_guard.mdx +++ b/api_docs/license_api_guard.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/licenseApiGuard title: "licenseApiGuard" image: https://source.unsplash.com/400x175/?github description: API docs for the licenseApiGuard plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'licenseApiGuard'] --- import licenseApiGuardObj from './license_api_guard.devdocs.json'; diff --git a/api_docs/license_management.mdx b/api_docs/license_management.mdx index 65174058b7b389..39516c41eca783 100644 --- a/api_docs/license_management.mdx +++ b/api_docs/license_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/licenseManagement title: "licenseManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the licenseManagement plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'licenseManagement'] --- import licenseManagementObj from './license_management.devdocs.json'; diff --git a/api_docs/licensing.mdx b/api_docs/licensing.mdx index cbef10848f0fb5..585b1c7948063d 100644 --- a/api_docs/licensing.mdx +++ b/api_docs/licensing.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/licensing title: "licensing" image: https://source.unsplash.com/400x175/?github description: API docs for the licensing plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'licensing'] --- import licensingObj from './licensing.devdocs.json'; diff --git a/api_docs/links.mdx b/api_docs/links.mdx index 8f74b43bbcb5de..db35d0f6d7892f 100644 --- a/api_docs/links.mdx +++ b/api_docs/links.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/links title: "links" image: https://source.unsplash.com/400x175/?github description: API docs for the links plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'links'] --- import linksObj from './links.devdocs.json'; diff --git a/api_docs/lists.mdx b/api_docs/lists.mdx index d1bd5fedbfe1b8..f87ac4f4e3c97b 100644 --- a/api_docs/lists.mdx +++ b/api_docs/lists.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/lists title: "lists" image: https://source.unsplash.com/400x175/?github description: API docs for the lists plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'lists'] --- import listsObj from './lists.devdocs.json'; diff --git a/api_docs/logs_data_access.mdx b/api_docs/logs_data_access.mdx index 0020f949df0b73..933135ae01924d 100644 --- a/api_docs/logs_data_access.mdx +++ b/api_docs/logs_data_access.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/logsDataAccess title: "logsDataAccess" image: https://source.unsplash.com/400x175/?github description: API docs for the logsDataAccess plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'logsDataAccess'] --- import logsDataAccessObj from './logs_data_access.devdocs.json'; diff --git a/api_docs/logs_explorer.mdx b/api_docs/logs_explorer.mdx index 2afde38ca0d0dd..34e4ba9bfef8f0 100644 --- a/api_docs/logs_explorer.mdx +++ b/api_docs/logs_explorer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/logsExplorer title: "logsExplorer" image: https://source.unsplash.com/400x175/?github description: API docs for the logsExplorer plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'logsExplorer'] --- import logsExplorerObj from './logs_explorer.devdocs.json'; diff --git a/api_docs/logs_shared.mdx b/api_docs/logs_shared.mdx index 7714991e37aaf5..3c2e731778ba7b 100644 --- a/api_docs/logs_shared.mdx +++ b/api_docs/logs_shared.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/logsShared title: "logsShared" image: https://source.unsplash.com/400x175/?github description: API docs for the logsShared plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'logsShared'] --- import logsSharedObj from './logs_shared.devdocs.json'; diff --git a/api_docs/management.mdx b/api_docs/management.mdx index 8eb08b1d62103a..cb4c1fbcb1b1de 100644 --- a/api_docs/management.mdx +++ b/api_docs/management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/management title: "management" image: https://source.unsplash.com/400x175/?github description: API docs for the management plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'management'] --- import managementObj from './management.devdocs.json'; diff --git a/api_docs/maps.mdx b/api_docs/maps.mdx index 8256542d3d7e0b..a4567e13c4d51d 100644 --- a/api_docs/maps.mdx +++ b/api_docs/maps.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/maps title: "maps" image: https://source.unsplash.com/400x175/?github description: API docs for the maps plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'maps'] --- import mapsObj from './maps.devdocs.json'; diff --git a/api_docs/maps_ems.mdx b/api_docs/maps_ems.mdx index 9c0c54181a4ce4..352c331853b1f7 100644 --- a/api_docs/maps_ems.mdx +++ b/api_docs/maps_ems.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/mapsEms title: "mapsEms" image: https://source.unsplash.com/400x175/?github description: API docs for the mapsEms plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'mapsEms'] --- import mapsEmsObj from './maps_ems.devdocs.json'; diff --git a/api_docs/metrics_data_access.mdx b/api_docs/metrics_data_access.mdx index adc6dce0402c94..2af6cb50a974fa 100644 --- a/api_docs/metrics_data_access.mdx +++ b/api_docs/metrics_data_access.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/metricsDataAccess title: "metricsDataAccess" image: https://source.unsplash.com/400x175/?github description: API docs for the metricsDataAccess plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'metricsDataAccess'] --- import metricsDataAccessObj from './metrics_data_access.devdocs.json'; diff --git a/api_docs/ml.mdx b/api_docs/ml.mdx index cd92f7017293a0..86f1d9507dee26 100644 --- a/api_docs/ml.mdx +++ b/api_docs/ml.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/ml title: "ml" image: https://source.unsplash.com/400x175/?github description: API docs for the ml plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'ml'] --- import mlObj from './ml.devdocs.json'; diff --git a/api_docs/mock_idp_plugin.mdx b/api_docs/mock_idp_plugin.mdx index 5edd58a1bf0471..258b635f140392 100644 --- a/api_docs/mock_idp_plugin.mdx +++ b/api_docs/mock_idp_plugin.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/mockIdpPlugin title: "mockIdpPlugin" image: https://source.unsplash.com/400x175/?github description: API docs for the mockIdpPlugin plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'mockIdpPlugin'] --- import mockIdpPluginObj from './mock_idp_plugin.devdocs.json'; diff --git a/api_docs/monitoring.mdx b/api_docs/monitoring.mdx index 8165a72f02fe10..6fb4ac29c0c626 100644 --- a/api_docs/monitoring.mdx +++ b/api_docs/monitoring.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/monitoring title: "monitoring" image: https://source.unsplash.com/400x175/?github description: API docs for the monitoring plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'monitoring'] --- import monitoringObj from './monitoring.devdocs.json'; diff --git a/api_docs/monitoring_collection.mdx b/api_docs/monitoring_collection.mdx index 9e204245b74586..6b99b22da3d2f2 100644 --- a/api_docs/monitoring_collection.mdx +++ b/api_docs/monitoring_collection.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/monitoringCollection title: "monitoringCollection" image: https://source.unsplash.com/400x175/?github description: API docs for the monitoringCollection plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'monitoringCollection'] --- import monitoringCollectionObj from './monitoring_collection.devdocs.json'; diff --git a/api_docs/navigation.devdocs.json b/api_docs/navigation.devdocs.json index 339e145f24c30c..d1c3a65dac7cc5 100644 --- a/api_docs/navigation.devdocs.json +++ b/api_docs/navigation.devdocs.json @@ -368,15 +368,7 @@ "label": "TopNavMenuItems", "description": [], "signature": [ - "({ config, className, }: { config: ", - { - "pluginId": "navigation", - "scope": "public", - "docId": "kibNavigationPluginApi", - "section": "def-public.TopNavMenuData", - "text": "TopNavMenuData" - }, - "[] | undefined; className?: string | undefined; }) => React.JSX.Element | null" + "({ config, className, popoverBreakpoints, }: TopNavMenuItemsProps) => React.JSX.Element | null" ], "path": "src/plugins/navigation/public/top_nav_menu/top_nav_menu_items.tsx", "deprecated": false, @@ -387,48 +379,15 @@ "id": "def-public.TopNavMenuItems.$1", "type": "Object", "tags": [], - "label": "{\n config,\n className,\n}", + "label": "{\n config,\n className,\n popoverBreakpoints,\n}", "description": [], + "signature": [ + "TopNavMenuItemsProps" + ], "path": "src/plugins/navigation/public/top_nav_menu/top_nav_menu_items.tsx", "deprecated": false, "trackAdoption": false, - "children": [ - { - "parentPluginId": "navigation", - "id": "def-public.TopNavMenuItems.$1.config", - "type": "Array", - "tags": [], - "label": "config", - "description": [], - "signature": [ - { - "pluginId": "navigation", - "scope": "public", - "docId": "kibNavigationPluginApi", - "section": "def-public.TopNavMenuData", - "text": "TopNavMenuData" - }, - "[] | undefined" - ], - "path": "src/plugins/navigation/public/top_nav_menu/top_nav_menu_items.tsx", - "deprecated": false, - "trackAdoption": false - }, - { - "parentPluginId": "navigation", - "id": "def-public.TopNavMenuItems.$1.className", - "type": "string", - "tags": [], - "label": "className", - "description": [], - "signature": [ - "string | undefined" - ], - "path": "src/plugins/navigation/public/top_nav_menu/top_nav_menu_items.tsx", - "deprecated": false, - "trackAdoption": false - } - ] + "isRequired": true } ], "returnComment": [], @@ -976,7 +935,7 @@ "section": "def-public.MountPoint", "text": "MountPoint" }, - " | undefined) => void) | undefined; }" + " | undefined) => void) | undefined; popoverBreakpoints?: string[] | undefined; }" ], "path": "src/plugins/navigation/public/top_nav_menu/top_nav_menu.tsx", "deprecated": false, diff --git a/api_docs/navigation.mdx b/api_docs/navigation.mdx index f35924b446e076..d8acadab5f8cb3 100644 --- a/api_docs/navigation.mdx +++ b/api_docs/navigation.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/navigation title: "navigation" image: https://source.unsplash.com/400x175/?github description: API docs for the navigation plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'navigation'] --- import navigationObj from './navigation.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sh | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 57 | 0 | 55 | 4 | +| 55 | 0 | 53 | 4 | ## Client diff --git a/api_docs/newsfeed.mdx b/api_docs/newsfeed.mdx index f40600ca5085d0..d46818f2cd7ca7 100644 --- a/api_docs/newsfeed.mdx +++ b/api_docs/newsfeed.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/newsfeed title: "newsfeed" image: https://source.unsplash.com/400x175/?github description: API docs for the newsfeed plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'newsfeed'] --- import newsfeedObj from './newsfeed.devdocs.json'; diff --git a/api_docs/no_data_page.mdx b/api_docs/no_data_page.mdx index bd54f40c6451f5..0475f3f105f2f7 100644 --- a/api_docs/no_data_page.mdx +++ b/api_docs/no_data_page.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/noDataPage title: "noDataPage" image: https://source.unsplash.com/400x175/?github description: API docs for the noDataPage plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'noDataPage'] --- import noDataPageObj from './no_data_page.devdocs.json'; diff --git a/api_docs/notifications.mdx b/api_docs/notifications.mdx index dd7e3d43cfce30..4310fbf1523644 100644 --- a/api_docs/notifications.mdx +++ b/api_docs/notifications.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/notifications title: "notifications" image: https://source.unsplash.com/400x175/?github description: API docs for the notifications plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'notifications'] --- import notificationsObj from './notifications.devdocs.json'; diff --git a/api_docs/observability.mdx b/api_docs/observability.mdx index b443903f3eca9c..de184d5fc23a96 100644 --- a/api_docs/observability.mdx +++ b/api_docs/observability.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observability title: "observability" image: https://source.unsplash.com/400x175/?github description: API docs for the observability plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observability'] --- import observabilityObj from './observability.devdocs.json'; diff --git a/api_docs/observability_a_i_assistant.mdx b/api_docs/observability_a_i_assistant.mdx index 588ba1c9dadc52..a436c5670e5b8d 100644 --- a/api_docs/observability_a_i_assistant.mdx +++ b/api_docs/observability_a_i_assistant.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observabilityAIAssistant title: "observabilityAIAssistant" image: https://source.unsplash.com/400x175/?github description: API docs for the observabilityAIAssistant plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observabilityAIAssistant'] --- import observabilityAIAssistantObj from './observability_a_i_assistant.devdocs.json'; diff --git a/api_docs/observability_a_i_assistant_app.mdx b/api_docs/observability_a_i_assistant_app.mdx index d1d0d6d19d5906..3ba070e3a6df77 100644 --- a/api_docs/observability_a_i_assistant_app.mdx +++ b/api_docs/observability_a_i_assistant_app.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observabilityAIAssistantApp title: "observabilityAIAssistantApp" image: https://source.unsplash.com/400x175/?github description: API docs for the observabilityAIAssistantApp plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observabilityAIAssistantApp'] --- import observabilityAIAssistantAppObj from './observability_a_i_assistant_app.devdocs.json'; diff --git a/api_docs/observability_ai_assistant_management.mdx b/api_docs/observability_ai_assistant_management.mdx index a12c88298e3bf8..de39ce5afc857f 100644 --- a/api_docs/observability_ai_assistant_management.mdx +++ b/api_docs/observability_ai_assistant_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observabilityAiAssistantManagement title: "observabilityAiAssistantManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the observabilityAiAssistantManagement plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observabilityAiAssistantManagement'] --- import observabilityAiAssistantManagementObj from './observability_ai_assistant_management.devdocs.json'; diff --git a/api_docs/observability_logs_explorer.mdx b/api_docs/observability_logs_explorer.mdx index 4c567799ca7c79..3959396c3e8def 100644 --- a/api_docs/observability_logs_explorer.mdx +++ b/api_docs/observability_logs_explorer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observabilityLogsExplorer title: "observabilityLogsExplorer" image: https://source.unsplash.com/400x175/?github description: API docs for the observabilityLogsExplorer plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observabilityLogsExplorer'] --- import observabilityLogsExplorerObj from './observability_logs_explorer.devdocs.json'; diff --git a/api_docs/observability_onboarding.mdx b/api_docs/observability_onboarding.mdx index c0fca97af1367b..1f65e3c78a610b 100644 --- a/api_docs/observability_onboarding.mdx +++ b/api_docs/observability_onboarding.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observabilityOnboarding title: "observabilityOnboarding" image: https://source.unsplash.com/400x175/?github description: API docs for the observabilityOnboarding plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observabilityOnboarding'] --- import observabilityOnboardingObj from './observability_onboarding.devdocs.json'; diff --git a/api_docs/observability_shared.devdocs.json b/api_docs/observability_shared.devdocs.json index 4047b0886ada33..ded54140435bb0 100644 --- a/api_docs/observability_shared.devdocs.json +++ b/api_docs/observability_shared.devdocs.json @@ -6926,7 +6926,7 @@ "label": "ENTITY_DEFINITION_ID", "description": [], "signature": [ - "\"entity.definitionId\"" + "\"entity.definition_id\"" ], "path": "x-pack/plugins/observability_solution/observability_shared/common/field_names/elasticsearch.ts", "deprecated": false, @@ -6941,7 +6941,7 @@ "label": "ENTITY_DISPLAY_NAME", "description": [], "signature": [ - "\"entity.displayName\"" + "\"entity.display_name\"" ], "path": "x-pack/plugins/observability_solution/observability_shared/common/field_names/elasticsearch.ts", "deprecated": false, @@ -6956,7 +6956,7 @@ "label": "ENTITY_FIRST_SEEN", "description": [], "signature": [ - "\"entity.firstSeenTimestamp\"" + "\"entity.first_seen_timestamp\"" ], "path": "x-pack/plugins/observability_solution/observability_shared/common/field_names/elasticsearch.ts", "deprecated": false, @@ -6986,7 +6986,7 @@ "label": "ENTITY_IDENTITY_FIELDS", "description": [], "signature": [ - "\"entity.identityFields\"" + "\"entity.identity_fields\"" ], "path": "x-pack/plugins/observability_solution/observability_shared/common/field_names/elasticsearch.ts", "deprecated": false, @@ -7001,7 +7001,7 @@ "label": "ENTITY_LAST_SEEN", "description": [], "signature": [ - "\"entity.lastSeenTimestamp\"" + "\"entity.last_seen_timestamp\"" ], "path": "x-pack/plugins/observability_solution/observability_shared/common/field_names/elasticsearch.ts", "deprecated": false, diff --git a/api_docs/observability_shared.mdx b/api_docs/observability_shared.mdx index 1bff987d33fc19..4873cd8f74709a 100644 --- a/api_docs/observability_shared.mdx +++ b/api_docs/observability_shared.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/observabilityShared title: "observabilityShared" image: https://source.unsplash.com/400x175/?github description: API docs for the observabilityShared plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'observabilityShared'] --- import observabilitySharedObj from './observability_shared.devdocs.json'; diff --git a/api_docs/osquery.mdx b/api_docs/osquery.mdx index 20fb34470067e3..a4ae0ec212cdfe 100644 --- a/api_docs/osquery.mdx +++ b/api_docs/osquery.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/osquery title: "osquery" image: https://source.unsplash.com/400x175/?github description: API docs for the osquery plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'osquery'] --- import osqueryObj from './osquery.devdocs.json'; diff --git a/api_docs/painless_lab.mdx b/api_docs/painless_lab.mdx index 282c43217d2190..097b63f4e07185 100644 --- a/api_docs/painless_lab.mdx +++ b/api_docs/painless_lab.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/painlessLab title: "painlessLab" image: https://source.unsplash.com/400x175/?github description: API docs for the painlessLab plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'painlessLab'] --- import painlessLabObj from './painless_lab.devdocs.json'; diff --git a/api_docs/plugin_directory.mdx b/api_docs/plugin_directory.mdx index 5ba71242b62bd4..31e2927355f028 100644 --- a/api_docs/plugin_directory.mdx +++ b/api_docs/plugin_directory.mdx @@ -7,7 +7,7 @@ id: kibDevDocsPluginDirectory slug: /kibana-dev-docs/api-meta/plugin-api-directory title: Directory description: Directory of public APIs available through plugins or packages. -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana'] --- @@ -15,19 +15,19 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | Count | Plugins or Packages with a
public API | Number of teams | |--------------|----------|------------------------| -| 874 | 746 | 45 | +| 876 | 748 | 45 | ### Public API health stats | API Count | Any Count | Missing comments | Missing exports | |--------------|----------|-----------------|--------| -| 53926 | 242 | 40512 | 2004 | +| 54006 | 242 | 40588 | 2008 | ## Plugin Directory | Plugin name           | Maintaining team | Description | API Cnt | Any Cnt | Missing
comments | Missing
exports | |--------------|----------------|-----------|--------------|----------|---------------|--------| -| | [@elastic/response-ops](https://github.com/orgs/elastic/teams/response-ops) | - | 320 | 0 | 314 | 37 | +| | [@elastic/response-ops](https://github.com/orgs/elastic/teams/response-ops) | - | 322 | 0 | 316 | 37 | | | [@elastic/appex-sharedux @elastic/kibana-management](https://github.com/orgs/elastic/teams/appex-sharedux ) | - | 2 | 0 | 2 | 0 | | | [@elastic/obs-knowledge-team](https://github.com/orgs/elastic/teams/obs-knowledge-team) | - | 4 | 0 | 4 | 1 | | | [@elastic/ml-ui](https://github.com/orgs/elastic/teams/ml-ui) | AIOps plugin maintained by ML team. | 72 | 0 | 8 | 2 | @@ -103,7 +103,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-presentation](https://github.com/orgs/elastic/teams/kibana-presentation) | The file upload plugin contains components and services for uploading a file, analyzing its data, and then importing the data into an Elasticsearch index. Supported file types include CSV, TSV, newline-delimited JSON and GeoJSON. | 88 | 0 | 88 | 8 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | File upload, download, sharing, and serving over HTTP implementation in Kibana. | 240 | 0 | 24 | 9 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | Simple UI for managing files in Kibana | 3 | 0 | 3 | 0 | -| | [@elastic/fleet](https://github.com/orgs/elastic/teams/fleet) | - | 1421 | 5 | 1296 | 76 | +| | [@elastic/fleet](https://github.com/orgs/elastic/teams/fleet) | - | 1426 | 5 | 1301 | 76 | | ftrApis | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 0 | 0 | 0 | 0 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 72 | 0 | 14 | 5 | | globalSearchBar | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 0 | 0 | 0 | 0 | @@ -148,7 +148,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-security](https://github.com/orgs/elastic/teams/kibana-security) | - | 2 | 0 | 2 | 0 | | | [@elastic/stack-monitoring](https://github.com/orgs/elastic/teams/stack-monitoring) | - | 15 | 3 | 13 | 1 | | | [@elastic/stack-monitoring](https://github.com/orgs/elastic/teams/stack-monitoring) | - | 9 | 0 | 9 | 0 | -| | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 57 | 0 | 55 | 4 | +| | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 55 | 0 | 53 | 4 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 17 | 0 | 17 | 0 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 3 | 0 | 3 | 0 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 2 | 0 | 2 | 1 | @@ -194,7 +194,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/obs-ux-management-team](https://github.com/orgs/elastic/teams/obs-ux-management-team) | Serverless customizations for observability. | 6 | 0 | 6 | 0 | | | [@elastic/search-kibana](https://github.com/orgs/elastic/teams/search-kibana) | Serverless customizations for search. | 7 | 0 | 7 | 0 | | | [@elastic/kibana-cloud-security-posture](https://github.com/orgs/elastic/teams/kibana-cloud-security-posture) | - | 134 | 0 | 134 | 8 | -| | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | Adds URL Service and sharing capabilities to Kibana | 135 | 0 | 72 | 15 | +| | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | Adds URL Service and sharing capabilities to Kibana | 136 | 0 | 73 | 15 | | | [@elastic/obs-ux-management-team](https://github.com/orgs/elastic/teams/obs-ux-management-team) | - | 59 | 0 | 59 | 1 | | | [@elastic/kibana-management](https://github.com/orgs/elastic/teams/kibana-management) | - | 22 | 1 | 22 | 1 | | | [@elastic/kibana-security](https://github.com/orgs/elastic/teams/kibana-security) | This plugin provides the Spaces feature, which allows saved objects to be organized into meaningful categories. | 269 | 0 | 73 | 1 | @@ -260,7 +260,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 18 | 0 | 18 | 0 | | | [@elastic/obs-ux-infra_services-team](https://github.com/orgs/elastic/teams/obs-ux-infra_services-team) | - | 4 | 0 | 4 | 0 | | | [@elastic/obs-ux-infra_services-team](https://github.com/orgs/elastic/teams/obs-ux-infra_services-team) | - | 86 | 0 | 86 | 11 | -| | [@elastic/obs-ux-infra_services-team](https://github.com/orgs/elastic/teams/obs-ux-infra_services-team) | - | 247 | 0 | 247 | 36 | +| | [@elastic/obs-ux-infra_services-team](https://github.com/orgs/elastic/teams/obs-ux-infra_services-team) | - | 268 | 0 | 268 | 38 | | | [@elastic/obs-ux-infra_services-team](https://github.com/orgs/elastic/teams/obs-ux-infra_services-team) | - | 337 | 0 | 336 | 0 | | | [@elastic/obs-ux-infra_services-team](https://github.com/orgs/elastic/teams/obs-ux-infra_services-team) | - | 11 | 0 | 11 | 0 | | | [@elastic/security-defend-workflows](https://github.com/orgs/elastic/teams/security-defend-workflows) | - | 3 | 0 | 3 | 0 | @@ -331,7 +331,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 9 | 0 | 3 | 0 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 6 | 0 | 6 | 0 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 4 | 0 | 4 | 0 | -| | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 17 | 0 | 9 | 0 | +| | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 17 | 0 | 9 | 1 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 16 | 0 | 13 | 0 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 4 | 0 | 3 | 0 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 6 | 0 | 6 | 0 | @@ -372,7 +372,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 7 | 0 | 7 | 0 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 54 | 7 | 54 | 6 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 15 | 0 | 15 | 1 | -| | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 533 | 2 | 216 | 0 | +| | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 552 | 2 | 232 | 1 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 96 | 0 | 83 | 10 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 46 | 0 | 45 | 0 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 4 | 0 | 2 | 0 | @@ -463,7 +463,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 42 | 1 | 24 | 0 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 20 | 1 | 19 | 3 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 6 | 0 | 6 | 0 | -| | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 155 | 0 | 144 | 0 | +| | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 165 | 0 | 154 | 0 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 8 | 0 | 8 | 2 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 7 | 0 | 7 | 0 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 29 | 0 | 4 | 0 | @@ -511,14 +511,14 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/obs-ux-logs-team](https://github.com/orgs/elastic/teams/obs-ux-logs-team) | - | 42 | 0 | 41 | 0 | | | [@elastic/security-generative-ai](https://github.com/orgs/elastic/teams/security-generative-ai) | - | 169 | 0 | 140 | 10 | | | [@elastic/security-generative-ai](https://github.com/orgs/elastic/teams/security-generative-ai) | - | 403 | 0 | 372 | 0 | -| | [@elastic/obs-entities](https://github.com/orgs/elastic/teams/obs-entities) | - | 44 | 0 | 44 | 0 | +| | [@elastic/obs-entities](https://github.com/orgs/elastic/teams/obs-entities) | - | 43 | 0 | 43 | 0 | | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 55 | 0 | 40 | 7 | | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 32 | 0 | 19 | 1 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 11 | 0 | 6 | 0 | | | [@elastic/kibana-data-discovery](https://github.com/orgs/elastic/teams/kibana-data-discovery) | - | 271 | 1 | 210 | 14 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 29 | 0 | 29 | 1 | | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 2 | 0 | 1 | 0 | -| | [@elastic/kibana-esql](https://github.com/orgs/elastic/teams/kibana-esql) | - | 266 | 1 | 208 | 34 | +| | [@elastic/kibana-esql](https://github.com/orgs/elastic/teams/kibana-esql) | - | 269 | 1 | 211 | 34 | | | [@elastic/kibana-esql](https://github.com/orgs/elastic/teams/kibana-esql) | - | 29 | 0 | 12 | 0 | | | [@elastic/kibana-esql](https://github.com/orgs/elastic/teams/kibana-esql) | - | 79 | 0 | 71 | 0 | | | [@elastic/kibana-esql](https://github.com/orgs/elastic/teams/kibana-esql) | - | 202 | 0 | 190 | 12 | @@ -557,7 +557,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 87 | 0 | 79 | 6 | | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 41 | 2 | 35 | 0 | | | [@elastic/ml-ui](https://github.com/orgs/elastic/teams/ml-ui) | - | 9 | 0 | 7 | 0 | -| | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 108 | 0 | 107 | 0 | +| | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 116 | 0 | 115 | 0 | | | [@elastic/kibana-esql](https://github.com/orgs/elastic/teams/kibana-esql) | - | 11 | 0 | 7 | 0 | | | [@elastic/obs-ux-infra_services-team](https://github.com/orgs/elastic/teams/obs-ux-infra_services-team) | - | 193 | 0 | 190 | 6 | | | [@elastic/kibana-visualizations](https://github.com/orgs/elastic/teams/kibana-visualizations) | - | 172 | 0 | 172 | 1 | @@ -577,6 +577,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-management](https://github.com/orgs/elastic/teams/kibana-management) | - | 88 | 0 | 10 | 0 | | | [@elastic/kibana-management](https://github.com/orgs/elastic/teams/kibana-management) | - | 56 | 0 | 6 | 0 | | | [@elastic/kibana-management](https://github.com/orgs/elastic/teams/kibana-management) | - | 2 | 0 | 0 | 0 | +| | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 1 | 0 | 0 | 0 | | | [@elastic/kibana-presentation](https://github.com/orgs/elastic/teams/kibana-presentation) | - | 592 | 1 | 1 | 0 | | | [@elastic/kibana-presentation](https://github.com/orgs/elastic/teams/kibana-presentation) | - | 2 | 0 | 2 | 0 | | | [@elastic/ml-ui](https://github.com/orgs/elastic/teams/ml-ui) | - | 95 | 1 | 0 | 0 | @@ -646,7 +647,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 40 | 0 | 38 | 5 | | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 13 | 0 | 9 | 0 | | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 6 | 0 | 6 | 1 | -| | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 96 | 0 | 86 | 13 | +| | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 99 | 0 | 89 | 13 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 13 | 0 | 13 | 0 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 52 | 0 | 52 | 3 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 25 | 0 | 21 | 0 | @@ -659,12 +660,13 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 92 | 0 | 91 | 0 | | | [@elastic/kibana-data-discovery](https://github.com/orgs/elastic/teams/kibana-data-discovery) | A component for creating resizable layouts containing a fixed width panel and a flexible panel, with support for horizontal and vertical layouts. | 18 | 0 | 5 | 0 | | | [@elastic/response-ops](https://github.com/orgs/elastic/teams/response-ops) | - | 3 | 0 | 3 | 0 | +| | [@elastic/response-ops](https://github.com/orgs/elastic/teams/response-ops) | - | 8 | 0 | 8 | 0 | | | [@elastic/kibana-operations](https://github.com/orgs/elastic/teams/kibana-operations) | - | 13 | 2 | 8 | 0 | | | [@elastic/kibana-management](https://github.com/orgs/elastic/teams/kibana-management) | - | 3 | 0 | 3 | 0 | | | [@elastic/kibana-core](https://github.com/orgs/elastic/teams/kibana-core) | - | 10 | 0 | 10 | 1 | | | [@elastic/obs-ux-logs-team](https://github.com/orgs/elastic/teams/obs-ux-logs-team) | - | 2 | 0 | 1 | 1 | | | [@elastic/response-ops](https://github.com/orgs/elastic/teams/response-ops) | - | 16 | 0 | 16 | 1 | -| | [@elastic/security-detections-response](https://github.com/orgs/elastic/teams/security-detections-response) | - | 136 | 0 | 133 | 0 | +| | [@elastic/security-detections-response](https://github.com/orgs/elastic/teams/security-detections-response) | - | 138 | 0 | 135 | 0 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 2 | 0 | 2 | 0 | | | [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sharedux) | - | 35 | 0 | 34 | 0 | | | [@elastic/search-kibana](https://github.com/orgs/elastic/teams/search-kibana) | - | 8 | 0 | 8 | 1 | @@ -672,7 +674,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/search-kibana](https://github.com/orgs/elastic/teams/search-kibana) | - | 76 | 0 | 76 | 0 | | | [@elastic/search-kibana](https://github.com/orgs/elastic/teams/search-kibana) | - | 3929 | 0 | 3929 | 0 | | | [@elastic/kibana-data-discovery](https://github.com/orgs/elastic/teams/kibana-data-discovery) | - | 18 | 1 | 17 | 1 | -| | [@elastic/search-kibana](https://github.com/orgs/elastic/teams/search-kibana) | - | 35 | 0 | 33 | 3 | +| | [@elastic/search-kibana](https://github.com/orgs/elastic/teams/search-kibana) | - | 36 | 0 | 34 | 3 | | | [@elastic/kibana-data-discovery](https://github.com/orgs/elastic/teams/kibana-data-discovery) | - | 20 | 0 | 18 | 1 | | | [@elastic/search-kibana](https://github.com/orgs/elastic/teams/search-kibana) | - | 2 | 0 | 2 | 0 | | | [@elastic/kibana-data-discovery](https://github.com/orgs/elastic/teams/kibana-data-discovery) | - | 50 | 0 | 25 | 0 | @@ -689,7 +691,7 @@ tags: ['contributor', 'dev', 'apidocs', 'kibana'] | | [@elastic/kibana-cloud-security-posture](https://github.com/orgs/elastic/teams/kibana-cloud-security-posture) | - | 7 | 0 | 0 | 0 | | | [@elastic/security-threat-hunting-explore](https://github.com/orgs/elastic/teams/security-threat-hunting-explore) | - | 15 | 0 | 15 | 7 | | | [@elastic/security-threat-hunting-explore](https://github.com/orgs/elastic/teams/security-threat-hunting-explore) | - | 54 | 0 | 49 | 0 | -| | [@elastic/security-threat-hunting-explore](https://github.com/orgs/elastic/teams/security-threat-hunting-explore) | - | 30 | 0 | 24 | 0 | +| | [@elastic/security-threat-hunting-explore](https://github.com/orgs/elastic/teams/security-threat-hunting-explore) | - | 29 | 0 | 23 | 0 | | | [@elastic/security-threat-hunting-explore](https://github.com/orgs/elastic/teams/security-threat-hunting-explore) | - | 2 | 0 | 0 | 0 | | | [@elastic/kibana-security](https://github.com/orgs/elastic/teams/kibana-security) | - | 48 | 0 | 13 | 0 | | | [@elastic/security-detection-engine](https://github.com/orgs/elastic/teams/security-detection-engine) | - | 56 | 1 | 41 | 1 | diff --git a/api_docs/presentation_panel.mdx b/api_docs/presentation_panel.mdx index 6188b3e244ac9a..0c3cb44216a1af 100644 --- a/api_docs/presentation_panel.mdx +++ b/api_docs/presentation_panel.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/presentationPanel title: "presentationPanel" image: https://source.unsplash.com/400x175/?github description: API docs for the presentationPanel plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'presentationPanel'] --- import presentationPanelObj from './presentation_panel.devdocs.json'; diff --git a/api_docs/presentation_util.mdx b/api_docs/presentation_util.mdx index ba1d578bee5703..9e66cb19a58b0c 100644 --- a/api_docs/presentation_util.mdx +++ b/api_docs/presentation_util.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/presentationUtil title: "presentationUtil" image: https://source.unsplash.com/400x175/?github description: API docs for the presentationUtil plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'presentationUtil'] --- import presentationUtilObj from './presentation_util.devdocs.json'; diff --git a/api_docs/profiling.mdx b/api_docs/profiling.mdx index b870ee4e9db049..13ae4068670b71 100644 --- a/api_docs/profiling.mdx +++ b/api_docs/profiling.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/profiling title: "profiling" image: https://source.unsplash.com/400x175/?github description: API docs for the profiling plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'profiling'] --- import profilingObj from './profiling.devdocs.json'; diff --git a/api_docs/profiling_data_access.mdx b/api_docs/profiling_data_access.mdx index e5f6b6cd5e8477..a56732f53c4020 100644 --- a/api_docs/profiling_data_access.mdx +++ b/api_docs/profiling_data_access.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/profilingDataAccess title: "profilingDataAccess" image: https://source.unsplash.com/400x175/?github description: API docs for the profilingDataAccess plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'profilingDataAccess'] --- import profilingDataAccessObj from './profiling_data_access.devdocs.json'; diff --git a/api_docs/remote_clusters.mdx b/api_docs/remote_clusters.mdx index 2436457724a6eb..0b915786bb8703 100644 --- a/api_docs/remote_clusters.mdx +++ b/api_docs/remote_clusters.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/remoteClusters title: "remoteClusters" image: https://source.unsplash.com/400x175/?github description: API docs for the remoteClusters plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'remoteClusters'] --- import remoteClustersObj from './remote_clusters.devdocs.json'; diff --git a/api_docs/reporting.mdx b/api_docs/reporting.mdx index 9465b38e3fbd23..5bb77fef791848 100644 --- a/api_docs/reporting.mdx +++ b/api_docs/reporting.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/reporting title: "reporting" image: https://source.unsplash.com/400x175/?github description: API docs for the reporting plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'reporting'] --- import reportingObj from './reporting.devdocs.json'; diff --git a/api_docs/rollup.mdx b/api_docs/rollup.mdx index 82e31c7ce74fc8..85102752a5e057 100644 --- a/api_docs/rollup.mdx +++ b/api_docs/rollup.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/rollup title: "rollup" image: https://source.unsplash.com/400x175/?github description: API docs for the rollup plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'rollup'] --- import rollupObj from './rollup.devdocs.json'; diff --git a/api_docs/rule_registry.mdx b/api_docs/rule_registry.mdx index 62f09cc3d9c771..36d91f7904e9bd 100644 --- a/api_docs/rule_registry.mdx +++ b/api_docs/rule_registry.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/ruleRegistry title: "ruleRegistry" image: https://source.unsplash.com/400x175/?github description: API docs for the ruleRegistry plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'ruleRegistry'] --- import ruleRegistryObj from './rule_registry.devdocs.json'; diff --git a/api_docs/runtime_fields.mdx b/api_docs/runtime_fields.mdx index 820c215bcb4ea6..b05913ed4fc5e2 100644 --- a/api_docs/runtime_fields.mdx +++ b/api_docs/runtime_fields.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/runtimeFields title: "runtimeFields" image: https://source.unsplash.com/400x175/?github description: API docs for the runtimeFields plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'runtimeFields'] --- import runtimeFieldsObj from './runtime_fields.devdocs.json'; diff --git a/api_docs/saved_objects.devdocs.json b/api_docs/saved_objects.devdocs.json index 1e04ae0514ce8b..340a56e3620f2a 100644 --- a/api_docs/saved_objects.devdocs.json +++ b/api_docs/saved_objects.devdocs.json @@ -50,6 +50,14 @@ "plugin": "presentationUtil", "path": "src/plugins/presentation_util/public/components/saved_object_save_modal_dashboard.tsx" }, + { + "plugin": "lens", + "path": "x-pack/plugins/lens/public/visualizations/xy/annotations/actions/save_action.tsx" + }, + { + "plugin": "lens", + "path": "x-pack/plugins/lens/public/visualizations/xy/annotations/actions/save_action.tsx" + }, { "plugin": "dashboard", "path": "src/plugins/dashboard/public/dashboard_container/embeddable/api/overlays/save_modal.tsx" @@ -66,14 +74,6 @@ "plugin": "dashboard", "path": "src/plugins/dashboard/public/dashboard_actions/add_to_library_action.tsx" }, - { - "plugin": "lens", - "path": "x-pack/plugins/lens/public/visualizations/xy/annotations/actions/save_action.tsx" - }, - { - "plugin": "lens", - "path": "x-pack/plugins/lens/public/visualizations/xy/annotations/actions/save_action.tsx" - }, { "plugin": "discover", "path": "src/plugins/discover/public/application/main/components/top_nav/on_save_search.tsx" diff --git a/api_docs/saved_objects.mdx b/api_docs/saved_objects.mdx index 63c4273fb837e0..bb5d3ed8bd614c 100644 --- a/api_docs/saved_objects.mdx +++ b/api_docs/saved_objects.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/savedObjects title: "savedObjects" image: https://source.unsplash.com/400x175/?github description: API docs for the savedObjects plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'savedObjects'] --- import savedObjectsObj from './saved_objects.devdocs.json'; diff --git a/api_docs/saved_objects_finder.mdx b/api_docs/saved_objects_finder.mdx index 73091b76c31f8a..28a39f6ce5ce7c 100644 --- a/api_docs/saved_objects_finder.mdx +++ b/api_docs/saved_objects_finder.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/savedObjectsFinder title: "savedObjectsFinder" image: https://source.unsplash.com/400x175/?github description: API docs for the savedObjectsFinder plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'savedObjectsFinder'] --- import savedObjectsFinderObj from './saved_objects_finder.devdocs.json'; diff --git a/api_docs/saved_objects_management.mdx b/api_docs/saved_objects_management.mdx index b459f34794a70a..246fefcad879eb 100644 --- a/api_docs/saved_objects_management.mdx +++ b/api_docs/saved_objects_management.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/savedObjectsManagement title: "savedObjectsManagement" image: https://source.unsplash.com/400x175/?github description: API docs for the savedObjectsManagement plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'savedObjectsManagement'] --- import savedObjectsManagementObj from './saved_objects_management.devdocs.json'; diff --git a/api_docs/saved_objects_tagging.mdx b/api_docs/saved_objects_tagging.mdx index 2531dde77c2a20..8fb3fa86149b17 100644 --- a/api_docs/saved_objects_tagging.mdx +++ b/api_docs/saved_objects_tagging.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/savedObjectsTagging title: "savedObjectsTagging" image: https://source.unsplash.com/400x175/?github description: API docs for the savedObjectsTagging plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'savedObjectsTagging'] --- import savedObjectsTaggingObj from './saved_objects_tagging.devdocs.json'; diff --git a/api_docs/saved_objects_tagging_oss.mdx b/api_docs/saved_objects_tagging_oss.mdx index eb5c6b8d9ce1c4..8bd86ba5350e02 100644 --- a/api_docs/saved_objects_tagging_oss.mdx +++ b/api_docs/saved_objects_tagging_oss.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/savedObjectsTaggingOss title: "savedObjectsTaggingOss" image: https://source.unsplash.com/400x175/?github description: API docs for the savedObjectsTaggingOss plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'savedObjectsTaggingOss'] --- import savedObjectsTaggingOssObj from './saved_objects_tagging_oss.devdocs.json'; diff --git a/api_docs/saved_search.mdx b/api_docs/saved_search.mdx index 5cb0939bda3114..6ff1f2d9f32e66 100644 --- a/api_docs/saved_search.mdx +++ b/api_docs/saved_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/savedSearch title: "savedSearch" image: https://source.unsplash.com/400x175/?github description: API docs for the savedSearch plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'savedSearch'] --- import savedSearchObj from './saved_search.devdocs.json'; diff --git a/api_docs/screenshot_mode.mdx b/api_docs/screenshot_mode.mdx index 94bbb78878302e..022a3fb46a893a 100644 --- a/api_docs/screenshot_mode.mdx +++ b/api_docs/screenshot_mode.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/screenshotMode title: "screenshotMode" image: https://source.unsplash.com/400x175/?github description: API docs for the screenshotMode plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'screenshotMode'] --- import screenshotModeObj from './screenshot_mode.devdocs.json'; diff --git a/api_docs/screenshotting.mdx b/api_docs/screenshotting.mdx index 8dde46afdd098a..26d1fec512b5ec 100644 --- a/api_docs/screenshotting.mdx +++ b/api_docs/screenshotting.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/screenshotting title: "screenshotting" image: https://source.unsplash.com/400x175/?github description: API docs for the screenshotting plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'screenshotting'] --- import screenshottingObj from './screenshotting.devdocs.json'; diff --git a/api_docs/search_assistant.mdx b/api_docs/search_assistant.mdx index db4b8c6bdc5e23..d66a66ace673c9 100644 --- a/api_docs/search_assistant.mdx +++ b/api_docs/search_assistant.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/searchAssistant title: "searchAssistant" image: https://source.unsplash.com/400x175/?github description: API docs for the searchAssistant plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'searchAssistant'] --- import searchAssistantObj from './search_assistant.devdocs.json'; diff --git a/api_docs/search_connectors.mdx b/api_docs/search_connectors.mdx index ee10979316ec0d..1136458004da58 100644 --- a/api_docs/search_connectors.mdx +++ b/api_docs/search_connectors.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/searchConnectors title: "searchConnectors" image: https://source.unsplash.com/400x175/?github description: API docs for the searchConnectors plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'searchConnectors'] --- import searchConnectorsObj from './search_connectors.devdocs.json'; diff --git a/api_docs/search_homepage.mdx b/api_docs/search_homepage.mdx index 521a8787dfb23f..eeccbe7faa08f6 100644 --- a/api_docs/search_homepage.mdx +++ b/api_docs/search_homepage.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/searchHomepage title: "searchHomepage" image: https://source.unsplash.com/400x175/?github description: API docs for the searchHomepage plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'searchHomepage'] --- import searchHomepageObj from './search_homepage.devdocs.json'; diff --git a/api_docs/search_indices.devdocs.json b/api_docs/search_indices.devdocs.json index c92f3da9f8c171..a2fa441a9b27d9 100644 --- a/api_docs/search_indices.devdocs.json +++ b/api_docs/search_indices.devdocs.json @@ -85,7 +85,7 @@ "label": "startAppId", "description": [], "signature": [ - "\"fleet\" | \"graph\" | \"ml\" | \"monitoring\" | \"profiling\" | \"metrics\" | \"management\" | \"apm\" | \"synthetics\" | \"ux\" | \"canvas\" | \"logs\" | \"dashboards\" | \"slo\" | \"observabilityAIAssistant\" | \"home\" | \"integrations\" | \"discover\" | \"observability-overview\" | \"appSearch\" | \"dev_tools\" | \"maps\" | \"visualize\" | \"dev_tools:console\" | \"dev_tools:searchprofiler\" | \"dev_tools:painless_lab\" | \"dev_tools:grokdebugger\" | \"ml:notifications\" | \"ml:nodes\" | \"ml:overview\" | \"ml:memoryUsage\" | \"ml:settings\" | \"ml:dataVisualizer\" | \"ml:logPatternAnalysis\" | \"ml:logRateAnalysis\" | \"ml:singleMetricViewer\" | \"ml:anomalyDetection\" | \"ml:anomalyExplorer\" | \"ml:dataDrift\" | \"ml:dataFrameAnalytics\" | \"ml:resultExplorer\" | \"ml:analyticsMap\" | \"ml:aiOps\" | \"ml:changePointDetections\" | \"ml:modelManagement\" | \"ml:nodesOverview\" | \"ml:esqlDataVisualizer\" | \"ml:fileUpload\" | \"ml:indexDataVisualizer\" | \"ml:calendarSettings\" | \"ml:filterListsSettings\" | \"ml:suppliedConfigurations\" | \"osquery\" | \"management:transform\" | \"management:watcher\" | \"management:cases\" | \"management:tags\" | \"management:maintenanceWindows\" | \"management:cross_cluster_replication\" | \"management:dataViews\" | \"management:spaces\" | \"management:settings\" | \"management:users\" | \"management:migrate_data\" | \"management:search_sessions\" | \"management:data_quality\" | \"management:filesManagement\" | \"management:roles\" | \"management:reporting\" | \"management:aiAssistantManagementSelection\" | \"management:securityAiAssistantManagement\" | \"management:observabilityAiAssistantManagement\" | \"management:api_keys\" | \"management:license_management\" | \"management:index_lifecycle_management\" | \"management:index_management\" | \"management:ingest_pipelines\" | \"management:jobsListLink\" | \"management:objects\" | \"management:pipelines\" | \"management:remote_clusters\" | \"management:role_mappings\" | \"management:rollup_jobs\" | \"management:snapshot_restore\" | \"management:triggersActions\" | \"management:triggersActionsConnectors\" | \"management:upgrade_assistant\" | \"enterpriseSearch\" | \"enterpriseSearchContent\" | \"enterpriseSearchApplications\" | \"enterpriseSearchRelevance\" | \"enterpriseSearchAnalytics\" | \"workplaceSearch\" | \"serverlessElasticsearch\" | \"serverlessConnectors\" | \"searchPlayground\" | \"searchInferenceEndpoints\" | \"searchHomepage\" | \"enterpriseSearchContent:connectors\" | \"enterpriseSearchContent:searchIndices\" | \"enterpriseSearchContent:webCrawlers\" | \"enterpriseSearchApplications:searchApplications\" | \"enterpriseSearchApplications:playground\" | \"appSearch:engines\" | \"enterpriseSearchRelevance:inferenceEndpoints\" | \"elasticsearchStart\" | \"elasticsearchIndices\" | \"observability-logs-explorer\" | \"last-used-logs-viewer\" | \"observabilityOnboarding\" | \"inventory\" | \"logs:settings\" | \"logs:stream\" | \"logs:log-categories\" | \"logs:anomalies\" | \"observability-overview:cases\" | \"observability-overview:alerts\" | \"observability-overview:rules\" | \"observability-overview:cases_create\" | \"observability-overview:cases_configure\" | \"metrics:settings\" | \"metrics:hosts\" | \"metrics:inventory\" | \"metrics:metrics-explorer\" | \"metrics:assetDetails\" | \"apm:services\" | \"apm:traces\" | \"apm:dependencies\" | \"apm:service-map\" | \"apm:settings\" | \"apm:service-groups-list\" | \"apm:storage-explorer\" | \"synthetics:overview\" | \"synthetics:certificates\" | \"profiling:functions\" | \"profiling:stacktraces\" | \"profiling:flamegraphs\" | \"inventory:datastreams\" | \"securitySolutionUI\" | \"securitySolutionUI:\" | \"securitySolutionUI:cases\" | \"securitySolutionUI:alerts\" | \"securitySolutionUI:rules\" | \"securitySolutionUI:policy\" | \"securitySolutionUI:overview\" | \"securitySolutionUI:dashboards\" | \"securitySolutionUI:kubernetes\" | \"securitySolutionUI:cases_create\" | \"securitySolutionUI:cases_configure\" | \"securitySolutionUI:hosts\" | \"securitySolutionUI:users\" | \"securitySolutionUI:cloud_defend-policies\" | \"securitySolutionUI:cloud_security_posture-dashboard\" | \"securitySolutionUI:cloud_security_posture-findings\" | \"securitySolutionUI:cloud_security_posture-benchmarks\" | \"securitySolutionUI:network\" | \"securitySolutionUI:data_quality\" | \"securitySolutionUI:explore\" | \"securitySolutionUI:assets\" | \"securitySolutionUI:cloud_defend\" | \"securitySolutionUI:notes\" | \"securitySolutionUI:administration\" | \"securitySolutionUI:attack_discovery\" | \"securitySolutionUI:blocklist\" | \"securitySolutionUI:cloud_security_posture-rules\" | \"securitySolutionUI:detections\" | \"securitySolutionUI:detection_response\" | \"securitySolutionUI:endpoints\" | \"securitySolutionUI:event_filters\" | \"securitySolutionUI:exceptions\" | \"securitySolutionUI:host_isolation_exceptions\" | \"securitySolutionUI:hosts-all\" | \"securitySolutionUI:hosts-anomalies\" | \"securitySolutionUI:hosts-risk\" | \"securitySolutionUI:hosts-events\" | \"securitySolutionUI:hosts-sessions\" | \"securitySolutionUI:hosts-uncommon_processes\" | \"securitySolutionUI:investigations\" | \"securitySolutionUI:get_started\" | \"securitySolutionUI:machine_learning-landing\" | \"securitySolutionUI:network-anomalies\" | \"securitySolutionUI:network-dns\" | \"securitySolutionUI:network-events\" | \"securitySolutionUI:network-flows\" | \"securitySolutionUI:network-http\" | \"securitySolutionUI:network-tls\" | \"securitySolutionUI:response_actions_history\" | \"securitySolutionUI:rules-add\" | \"securitySolutionUI:rules-create\" | \"securitySolutionUI:rules-landing\" | \"securitySolutionUI:threat_intelligence\" | \"securitySolutionUI:timelines\" | \"securitySolutionUI:timelines-templates\" | \"securitySolutionUI:trusted_apps\" | \"securitySolutionUI:users-all\" | \"securitySolutionUI:users-anomalies\" | \"securitySolutionUI:users-authentications\" | \"securitySolutionUI:users-events\" | \"securitySolutionUI:users-risk\" | \"securitySolutionUI:entity_analytics\" | \"securitySolutionUI:entity_analytics-management\" | \"securitySolutionUI:entity_analytics-asset-classification\" | \"securitySolutionUI:entity_analytics-entity_store_management\" | \"securitySolutionUI:coverage-overview\" | \"fleet:settings\" | \"fleet:agents\" | \"fleet:policies\" | \"fleet:data_streams\" | \"fleet:enrollment_tokens\" | \"fleet:uninstall_tokens\"" + "\"fleet\" | \"graph\" | \"ml\" | \"monitoring\" | \"profiling\" | \"metrics\" | \"management\" | \"apm\" | \"synthetics\" | \"ux\" | \"canvas\" | \"logs\" | \"dashboards\" | \"slo\" | \"observabilityAIAssistant\" | \"home\" | \"integrations\" | \"discover\" | \"observability-overview\" | \"appSearch\" | \"dev_tools\" | \"maps\" | \"visualize\" | \"dev_tools:console\" | \"dev_tools:searchprofiler\" | \"dev_tools:painless_lab\" | \"dev_tools:grokdebugger\" | \"ml:notifications\" | \"ml:nodes\" | \"ml:overview\" | \"ml:memoryUsage\" | \"ml:settings\" | \"ml:dataVisualizer\" | \"ml:logPatternAnalysis\" | \"ml:logRateAnalysis\" | \"ml:singleMetricViewer\" | \"ml:anomalyDetection\" | \"ml:anomalyExplorer\" | \"ml:dataDrift\" | \"ml:dataFrameAnalytics\" | \"ml:resultExplorer\" | \"ml:analyticsMap\" | \"ml:aiOps\" | \"ml:changePointDetections\" | \"ml:modelManagement\" | \"ml:nodesOverview\" | \"ml:esqlDataVisualizer\" | \"ml:fileUpload\" | \"ml:indexDataVisualizer\" | \"ml:calendarSettings\" | \"ml:filterListsSettings\" | \"ml:suppliedConfigurations\" | \"osquery\" | \"management:transform\" | \"management:watcher\" | \"management:cases\" | \"management:tags\" | \"management:maintenanceWindows\" | \"management:cross_cluster_replication\" | \"management:dataViews\" | \"management:spaces\" | \"management:settings\" | \"management:users\" | \"management:migrate_data\" | \"management:search_sessions\" | \"management:data_quality\" | \"management:filesManagement\" | \"management:roles\" | \"management:reporting\" | \"management:aiAssistantManagementSelection\" | \"management:securityAiAssistantManagement\" | \"management:observabilityAiAssistantManagement\" | \"management:api_keys\" | \"management:license_management\" | \"management:index_lifecycle_management\" | \"management:index_management\" | \"management:ingest_pipelines\" | \"management:jobsListLink\" | \"management:objects\" | \"management:pipelines\" | \"management:remote_clusters\" | \"management:role_mappings\" | \"management:rollup_jobs\" | \"management:snapshot_restore\" | \"management:triggersActions\" | \"management:triggersActionsConnectors\" | \"management:upgrade_assistant\" | \"enterpriseSearch\" | \"enterpriseSearchContent\" | \"enterpriseSearchApplications\" | \"searchInferenceEndpoints\" | \"enterpriseSearchAnalytics\" | \"workplaceSearch\" | \"serverlessElasticsearch\" | \"serverlessConnectors\" | \"searchPlayground\" | \"searchHomepage\" | \"enterpriseSearchContent:connectors\" | \"enterpriseSearchContent:searchIndices\" | \"enterpriseSearchContent:webCrawlers\" | \"enterpriseSearchApplications:searchApplications\" | \"enterpriseSearchApplications:playground\" | \"appSearch:engines\" | \"searchInferenceEndpoints:inferenceEndpoints\" | \"elasticsearchStart\" | \"elasticsearchIndices\" | \"observability-logs-explorer\" | \"last-used-logs-viewer\" | \"observabilityOnboarding\" | \"inventory\" | \"logs:settings\" | \"logs:stream\" | \"logs:log-categories\" | \"logs:anomalies\" | \"observability-overview:cases\" | \"observability-overview:alerts\" | \"observability-overview:rules\" | \"observability-overview:cases_create\" | \"observability-overview:cases_configure\" | \"metrics:settings\" | \"metrics:hosts\" | \"metrics:inventory\" | \"metrics:metrics-explorer\" | \"metrics:assetDetails\" | \"apm:services\" | \"apm:traces\" | \"apm:dependencies\" | \"apm:service-map\" | \"apm:settings\" | \"apm:service-groups-list\" | \"apm:storage-explorer\" | \"synthetics:overview\" | \"synthetics:certificates\" | \"profiling:functions\" | \"profiling:stacktraces\" | \"profiling:flamegraphs\" | \"inventory:datastreams\" | \"securitySolutionUI\" | \"securitySolutionUI:\" | \"securitySolutionUI:cases\" | \"securitySolutionUI:alerts\" | \"securitySolutionUI:rules\" | \"securitySolutionUI:policy\" | \"securitySolutionUI:overview\" | \"securitySolutionUI:dashboards\" | \"securitySolutionUI:kubernetes\" | \"securitySolutionUI:cases_create\" | \"securitySolutionUI:cases_configure\" | \"securitySolutionUI:hosts\" | \"securitySolutionUI:users\" | \"securitySolutionUI:cloud_defend-policies\" | \"securitySolutionUI:cloud_security_posture-dashboard\" | \"securitySolutionUI:cloud_security_posture-findings\" | \"securitySolutionUI:cloud_security_posture-benchmarks\" | \"securitySolutionUI:network\" | \"securitySolutionUI:data_quality\" | \"securitySolutionUI:explore\" | \"securitySolutionUI:assets\" | \"securitySolutionUI:cloud_defend\" | \"securitySolutionUI:notes\" | \"securitySolutionUI:administration\" | \"securitySolutionUI:attack_discovery\" | \"securitySolutionUI:blocklist\" | \"securitySolutionUI:cloud_security_posture-rules\" | \"securitySolutionUI:detections\" | \"securitySolutionUI:detection_response\" | \"securitySolutionUI:endpoints\" | \"securitySolutionUI:event_filters\" | \"securitySolutionUI:exceptions\" | \"securitySolutionUI:host_isolation_exceptions\" | \"securitySolutionUI:hosts-all\" | \"securitySolutionUI:hosts-anomalies\" | \"securitySolutionUI:hosts-risk\" | \"securitySolutionUI:hosts-events\" | \"securitySolutionUI:hosts-sessions\" | \"securitySolutionUI:hosts-uncommon_processes\" | \"securitySolutionUI:investigations\" | \"securitySolutionUI:get_started\" | \"securitySolutionUI:machine_learning-landing\" | \"securitySolutionUI:network-anomalies\" | \"securitySolutionUI:network-dns\" | \"securitySolutionUI:network-events\" | \"securitySolutionUI:network-flows\" | \"securitySolutionUI:network-http\" | \"securitySolutionUI:network-tls\" | \"securitySolutionUI:response_actions_history\" | \"securitySolutionUI:rules-add\" | \"securitySolutionUI:rules-create\" | \"securitySolutionUI:rules-landing\" | \"securitySolutionUI:threat_intelligence\" | \"securitySolutionUI:timelines\" | \"securitySolutionUI:timelines-templates\" | \"securitySolutionUI:trusted_apps\" | \"securitySolutionUI:users-all\" | \"securitySolutionUI:users-anomalies\" | \"securitySolutionUI:users-authentications\" | \"securitySolutionUI:users-events\" | \"securitySolutionUI:users-risk\" | \"securitySolutionUI:entity_analytics\" | \"securitySolutionUI:entity_analytics-management\" | \"securitySolutionUI:entity_analytics-asset-classification\" | \"securitySolutionUI:entity_analytics-entity_store_management\" | \"securitySolutionUI:coverage-overview\" | \"fleet:settings\" | \"fleet:agents\" | \"fleet:policies\" | \"fleet:data_streams\" | \"fleet:enrollment_tokens\" | \"fleet:uninstall_tokens\"" ], "path": "x-pack/plugins/search_indices/public/types.ts", "deprecated": false, diff --git a/api_docs/search_indices.mdx b/api_docs/search_indices.mdx index 048ef641738f45..b662d6c015100a 100644 --- a/api_docs/search_indices.mdx +++ b/api_docs/search_indices.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/searchIndices title: "searchIndices" image: https://source.unsplash.com/400x175/?github description: API docs for the searchIndices plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'searchIndices'] --- import searchIndicesObj from './search_indices.devdocs.json'; diff --git a/api_docs/search_inference_endpoints.mdx b/api_docs/search_inference_endpoints.mdx index 1acfd9569473ef..66f6d593c078d3 100644 --- a/api_docs/search_inference_endpoints.mdx +++ b/api_docs/search_inference_endpoints.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/searchInferenceEndpoints title: "searchInferenceEndpoints" image: https://source.unsplash.com/400x175/?github description: API docs for the searchInferenceEndpoints plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'searchInferenceEndpoints'] --- import searchInferenceEndpointsObj from './search_inference_endpoints.devdocs.json'; diff --git a/api_docs/search_notebooks.mdx b/api_docs/search_notebooks.mdx index 847d0b86878d09..05336feed06f4c 100644 --- a/api_docs/search_notebooks.mdx +++ b/api_docs/search_notebooks.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/searchNotebooks title: "searchNotebooks" image: https://source.unsplash.com/400x175/?github description: API docs for the searchNotebooks plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'searchNotebooks'] --- import searchNotebooksObj from './search_notebooks.devdocs.json'; diff --git a/api_docs/search_playground.mdx b/api_docs/search_playground.mdx index ec54edd81de7e8..5415cb0166981b 100644 --- a/api_docs/search_playground.mdx +++ b/api_docs/search_playground.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/searchPlayground title: "searchPlayground" image: https://source.unsplash.com/400x175/?github description: API docs for the searchPlayground plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'searchPlayground'] --- import searchPlaygroundObj from './search_playground.devdocs.json'; diff --git a/api_docs/security.mdx b/api_docs/security.mdx index 78109bb35320ea..d3b7ef9dedc016 100644 --- a/api_docs/security.mdx +++ b/api_docs/security.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/security title: "security" image: https://source.unsplash.com/400x175/?github description: API docs for the security plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'security'] --- import securityObj from './security.devdocs.json'; diff --git a/api_docs/security_solution.mdx b/api_docs/security_solution.mdx index 6ef5b6e401017e..9e393a13639e4c 100644 --- a/api_docs/security_solution.mdx +++ b/api_docs/security_solution.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/securitySolution title: "securitySolution" image: https://source.unsplash.com/400x175/?github description: API docs for the securitySolution plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'securitySolution'] --- import securitySolutionObj from './security_solution.devdocs.json'; diff --git a/api_docs/security_solution_ess.mdx b/api_docs/security_solution_ess.mdx index 00cceb7e4502b7..895e042ec2a5ec 100644 --- a/api_docs/security_solution_ess.mdx +++ b/api_docs/security_solution_ess.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/securitySolutionEss title: "securitySolutionEss" image: https://source.unsplash.com/400x175/?github description: API docs for the securitySolutionEss plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'securitySolutionEss'] --- import securitySolutionEssObj from './security_solution_ess.devdocs.json'; diff --git a/api_docs/security_solution_serverless.mdx b/api_docs/security_solution_serverless.mdx index 75351b08d96696..f4a603c21a5c54 100644 --- a/api_docs/security_solution_serverless.mdx +++ b/api_docs/security_solution_serverless.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/securitySolutionServerless title: "securitySolutionServerless" image: https://source.unsplash.com/400x175/?github description: API docs for the securitySolutionServerless plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'securitySolutionServerless'] --- import securitySolutionServerlessObj from './security_solution_serverless.devdocs.json'; diff --git a/api_docs/serverless.mdx b/api_docs/serverless.mdx index 81c5b3522da875..3735c7acaa940e 100644 --- a/api_docs/serverless.mdx +++ b/api_docs/serverless.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/serverless title: "serverless" image: https://source.unsplash.com/400x175/?github description: API docs for the serverless plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'serverless'] --- import serverlessObj from './serverless.devdocs.json'; diff --git a/api_docs/serverless_observability.mdx b/api_docs/serverless_observability.mdx index e4428073f460d5..00225f3e8a3727 100644 --- a/api_docs/serverless_observability.mdx +++ b/api_docs/serverless_observability.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/serverlessObservability title: "serverlessObservability" image: https://source.unsplash.com/400x175/?github description: API docs for the serverlessObservability plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'serverlessObservability'] --- import serverlessObservabilityObj from './serverless_observability.devdocs.json'; diff --git a/api_docs/serverless_search.mdx b/api_docs/serverless_search.mdx index d6d38498dcdf27..f75308b519a757 100644 --- a/api_docs/serverless_search.mdx +++ b/api_docs/serverless_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/serverlessSearch title: "serverlessSearch" image: https://source.unsplash.com/400x175/?github description: API docs for the serverlessSearch plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'serverlessSearch'] --- import serverlessSearchObj from './serverless_search.devdocs.json'; diff --git a/api_docs/session_view.mdx b/api_docs/session_view.mdx index 21a85dc1bdc77f..f5845f7aa95847 100644 --- a/api_docs/session_view.mdx +++ b/api_docs/session_view.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/sessionView title: "sessionView" image: https://source.unsplash.com/400x175/?github description: API docs for the sessionView plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'sessionView'] --- import sessionViewObj from './session_view.devdocs.json'; diff --git a/api_docs/share.devdocs.json b/api_docs/share.devdocs.json index df10eee7ece274..779c2a12f4c64e 100644 --- a/api_docs/share.devdocs.json +++ b/api_docs/share.devdocs.json @@ -1419,6 +1419,20 @@ "path": "src/plugins/share/public/types.ts", "deprecated": false, "trackAdoption": false + }, + { + "parentPluginId": "share", + "id": "def-public.ShareMenuItemV2.warnings", + "type": "Array", + "tags": [], + "label": "warnings", + "description": [], + "signature": [ + "{ title: string; message: string; }[] | undefined" + ], + "path": "src/plugins/share/public/types.ts", + "deprecated": false, + "trackAdoption": false } ], "initialIsOpen": false diff --git a/api_docs/share.mdx b/api_docs/share.mdx index 613f6e915c9b96..43620b83f12309 100644 --- a/api_docs/share.mdx +++ b/api_docs/share.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/share title: "share" image: https://source.unsplash.com/400x175/?github description: API docs for the share plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'share'] --- import shareObj from './share.devdocs.json'; @@ -21,7 +21,7 @@ Contact [@elastic/appex-sharedux](https://github.com/orgs/elastic/teams/appex-sh | Public API count | Any count | Items lacking comments | Missing exports | |-------------------|-----------|------------------------|-----------------| -| 135 | 0 | 72 | 15 | +| 136 | 0 | 73 | 15 | ## Client diff --git a/api_docs/slo.mdx b/api_docs/slo.mdx index 3aa27b1c14171b..1cbb1da238d657 100644 --- a/api_docs/slo.mdx +++ b/api_docs/slo.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/slo title: "slo" image: https://source.unsplash.com/400x175/?github description: API docs for the slo plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'slo'] --- import sloObj from './slo.devdocs.json'; diff --git a/api_docs/snapshot_restore.mdx b/api_docs/snapshot_restore.mdx index bf30f5171e288b..c89f36dfc4b713 100644 --- a/api_docs/snapshot_restore.mdx +++ b/api_docs/snapshot_restore.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/snapshotRestore title: "snapshotRestore" image: https://source.unsplash.com/400x175/?github description: API docs for the snapshotRestore plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'snapshotRestore'] --- import snapshotRestoreObj from './snapshot_restore.devdocs.json'; diff --git a/api_docs/spaces.mdx b/api_docs/spaces.mdx index be7bd2a17dd654..f9826555b83850 100644 --- a/api_docs/spaces.mdx +++ b/api_docs/spaces.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/spaces title: "spaces" image: https://source.unsplash.com/400x175/?github description: API docs for the spaces plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'spaces'] --- import spacesObj from './spaces.devdocs.json'; diff --git a/api_docs/stack_alerts.mdx b/api_docs/stack_alerts.mdx index 12734e8fc52d62..fa0f5ed1188d02 100644 --- a/api_docs/stack_alerts.mdx +++ b/api_docs/stack_alerts.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/stackAlerts title: "stackAlerts" image: https://source.unsplash.com/400x175/?github description: API docs for the stackAlerts plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'stackAlerts'] --- import stackAlertsObj from './stack_alerts.devdocs.json'; diff --git a/api_docs/stack_connectors.mdx b/api_docs/stack_connectors.mdx index c76654fd5049b0..8588064cd6a344 100644 --- a/api_docs/stack_connectors.mdx +++ b/api_docs/stack_connectors.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/stackConnectors title: "stackConnectors" image: https://source.unsplash.com/400x175/?github description: API docs for the stackConnectors plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'stackConnectors'] --- import stackConnectorsObj from './stack_connectors.devdocs.json'; diff --git a/api_docs/task_manager.mdx b/api_docs/task_manager.mdx index 49ba693218e37f..318b944b62f391 100644 --- a/api_docs/task_manager.mdx +++ b/api_docs/task_manager.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/taskManager title: "taskManager" image: https://source.unsplash.com/400x175/?github description: API docs for the taskManager plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'taskManager'] --- import taskManagerObj from './task_manager.devdocs.json'; diff --git a/api_docs/telemetry.mdx b/api_docs/telemetry.mdx index 51343aef7e857b..a341a90574a8ff 100644 --- a/api_docs/telemetry.mdx +++ b/api_docs/telemetry.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/telemetry title: "telemetry" image: https://source.unsplash.com/400x175/?github description: API docs for the telemetry plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'telemetry'] --- import telemetryObj from './telemetry.devdocs.json'; diff --git a/api_docs/telemetry_collection_manager.mdx b/api_docs/telemetry_collection_manager.mdx index 6d9a2ae35af94b..627e130e10d2d0 100644 --- a/api_docs/telemetry_collection_manager.mdx +++ b/api_docs/telemetry_collection_manager.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/telemetryCollectionManager title: "telemetryCollectionManager" image: https://source.unsplash.com/400x175/?github description: API docs for the telemetryCollectionManager plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'telemetryCollectionManager'] --- import telemetryCollectionManagerObj from './telemetry_collection_manager.devdocs.json'; diff --git a/api_docs/telemetry_collection_xpack.mdx b/api_docs/telemetry_collection_xpack.mdx index cedee388bb0468..820a18bf1d8b53 100644 --- a/api_docs/telemetry_collection_xpack.mdx +++ b/api_docs/telemetry_collection_xpack.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/telemetryCollectionXpack title: "telemetryCollectionXpack" image: https://source.unsplash.com/400x175/?github description: API docs for the telemetryCollectionXpack plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'telemetryCollectionXpack'] --- import telemetryCollectionXpackObj from './telemetry_collection_xpack.devdocs.json'; diff --git a/api_docs/telemetry_management_section.mdx b/api_docs/telemetry_management_section.mdx index 4d0733b871af87..31928ad49e6dfd 100644 --- a/api_docs/telemetry_management_section.mdx +++ b/api_docs/telemetry_management_section.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/telemetryManagementSection title: "telemetryManagementSection" image: https://source.unsplash.com/400x175/?github description: API docs for the telemetryManagementSection plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'telemetryManagementSection'] --- import telemetryManagementSectionObj from './telemetry_management_section.devdocs.json'; diff --git a/api_docs/threat_intelligence.mdx b/api_docs/threat_intelligence.mdx index ffe088d4aedc41..7eccfa80a188a8 100644 --- a/api_docs/threat_intelligence.mdx +++ b/api_docs/threat_intelligence.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/threatIntelligence title: "threatIntelligence" image: https://source.unsplash.com/400x175/?github description: API docs for the threatIntelligence plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'threatIntelligence'] --- import threatIntelligenceObj from './threat_intelligence.devdocs.json'; diff --git a/api_docs/timelines.mdx b/api_docs/timelines.mdx index e5d0d55890db8d..607b2eb7ae1b48 100644 --- a/api_docs/timelines.mdx +++ b/api_docs/timelines.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/timelines title: "timelines" image: https://source.unsplash.com/400x175/?github description: API docs for the timelines plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'timelines'] --- import timelinesObj from './timelines.devdocs.json'; diff --git a/api_docs/transform.mdx b/api_docs/transform.mdx index 7dfa9cb9d4efe2..3b9479ad7e04ce 100644 --- a/api_docs/transform.mdx +++ b/api_docs/transform.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/transform title: "transform" image: https://source.unsplash.com/400x175/?github description: API docs for the transform plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'transform'] --- import transformObj from './transform.devdocs.json'; diff --git a/api_docs/triggers_actions_ui.mdx b/api_docs/triggers_actions_ui.mdx index c1849c4d585f09..528c0b87a54abe 100644 --- a/api_docs/triggers_actions_ui.mdx +++ b/api_docs/triggers_actions_ui.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/triggersActionsUi title: "triggersActionsUi" image: https://source.unsplash.com/400x175/?github description: API docs for the triggersActionsUi plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'triggersActionsUi'] --- import triggersActionsUiObj from './triggers_actions_ui.devdocs.json'; diff --git a/api_docs/ui_actions.mdx b/api_docs/ui_actions.mdx index 2f776303961240..3cb2db5b23aa9f 100644 --- a/api_docs/ui_actions.mdx +++ b/api_docs/ui_actions.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/uiActions title: "uiActions" image: https://source.unsplash.com/400x175/?github description: API docs for the uiActions plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'uiActions'] --- import uiActionsObj from './ui_actions.devdocs.json'; diff --git a/api_docs/ui_actions_enhanced.mdx b/api_docs/ui_actions_enhanced.mdx index de13e87996fad8..677b0bd6071d04 100644 --- a/api_docs/ui_actions_enhanced.mdx +++ b/api_docs/ui_actions_enhanced.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/uiActionsEnhanced title: "uiActionsEnhanced" image: https://source.unsplash.com/400x175/?github description: API docs for the uiActionsEnhanced plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'uiActionsEnhanced'] --- import uiActionsEnhancedObj from './ui_actions_enhanced.devdocs.json'; diff --git a/api_docs/unified_doc_viewer.mdx b/api_docs/unified_doc_viewer.mdx index 3fa77ed4a2bf01..faf3ff01f37ef0 100644 --- a/api_docs/unified_doc_viewer.mdx +++ b/api_docs/unified_doc_viewer.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/unifiedDocViewer title: "unifiedDocViewer" image: https://source.unsplash.com/400x175/?github description: API docs for the unifiedDocViewer plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'unifiedDocViewer'] --- import unifiedDocViewerObj from './unified_doc_viewer.devdocs.json'; diff --git a/api_docs/unified_histogram.mdx b/api_docs/unified_histogram.mdx index 36286be79ac35f..e87989b8cbbe2a 100644 --- a/api_docs/unified_histogram.mdx +++ b/api_docs/unified_histogram.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/unifiedHistogram title: "unifiedHistogram" image: https://source.unsplash.com/400x175/?github description: API docs for the unifiedHistogram plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'unifiedHistogram'] --- import unifiedHistogramObj from './unified_histogram.devdocs.json'; diff --git a/api_docs/unified_search.mdx b/api_docs/unified_search.mdx index 1931e1a60e0e3b..03ca2d121383d9 100644 --- a/api_docs/unified_search.mdx +++ b/api_docs/unified_search.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/unifiedSearch title: "unifiedSearch" image: https://source.unsplash.com/400x175/?github description: API docs for the unifiedSearch plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'unifiedSearch'] --- import unifiedSearchObj from './unified_search.devdocs.json'; diff --git a/api_docs/unified_search_autocomplete.mdx b/api_docs/unified_search_autocomplete.mdx index 64061d2147f9c1..33d93dd2450307 100644 --- a/api_docs/unified_search_autocomplete.mdx +++ b/api_docs/unified_search_autocomplete.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/unifiedSearch-autocomplete title: "unifiedSearch.autocomplete" image: https://source.unsplash.com/400x175/?github description: API docs for the unifiedSearch.autocomplete plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'unifiedSearch.autocomplete'] --- import unifiedSearchAutocompleteObj from './unified_search_autocomplete.devdocs.json'; diff --git a/api_docs/uptime.mdx b/api_docs/uptime.mdx index ec33e9e770dbb4..8c604601a45657 100644 --- a/api_docs/uptime.mdx +++ b/api_docs/uptime.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/uptime title: "uptime" image: https://source.unsplash.com/400x175/?github description: API docs for the uptime plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'uptime'] --- import uptimeObj from './uptime.devdocs.json'; diff --git a/api_docs/url_forwarding.mdx b/api_docs/url_forwarding.mdx index 4d271192dfef39..ba0276527dee73 100644 --- a/api_docs/url_forwarding.mdx +++ b/api_docs/url_forwarding.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/urlForwarding title: "urlForwarding" image: https://source.unsplash.com/400x175/?github description: API docs for the urlForwarding plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'urlForwarding'] --- import urlForwardingObj from './url_forwarding.devdocs.json'; diff --git a/api_docs/usage_collection.mdx b/api_docs/usage_collection.mdx index 171594804fee5e..1170eec5a458a1 100644 --- a/api_docs/usage_collection.mdx +++ b/api_docs/usage_collection.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/usageCollection title: "usageCollection" image: https://source.unsplash.com/400x175/?github description: API docs for the usageCollection plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'usageCollection'] --- import usageCollectionObj from './usage_collection.devdocs.json'; diff --git a/api_docs/ux.mdx b/api_docs/ux.mdx index 07de025d8c8190..c1f92c49c267aa 100644 --- a/api_docs/ux.mdx +++ b/api_docs/ux.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/ux title: "ux" image: https://source.unsplash.com/400x175/?github description: API docs for the ux plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'ux'] --- import uxObj from './ux.devdocs.json'; diff --git a/api_docs/vis_default_editor.mdx b/api_docs/vis_default_editor.mdx index 96bb43f0fd03fb..70d9bcf78a1dd9 100644 --- a/api_docs/vis_default_editor.mdx +++ b/api_docs/vis_default_editor.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visDefaultEditor title: "visDefaultEditor" image: https://source.unsplash.com/400x175/?github description: API docs for the visDefaultEditor plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visDefaultEditor'] --- import visDefaultEditorObj from './vis_default_editor.devdocs.json'; diff --git a/api_docs/vis_type_gauge.mdx b/api_docs/vis_type_gauge.mdx index a671264177f712..66ee00301492aa 100644 --- a/api_docs/vis_type_gauge.mdx +++ b/api_docs/vis_type_gauge.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeGauge title: "visTypeGauge" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeGauge plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeGauge'] --- import visTypeGaugeObj from './vis_type_gauge.devdocs.json'; diff --git a/api_docs/vis_type_heatmap.mdx b/api_docs/vis_type_heatmap.mdx index 55d4c04564ddc8..7a38ed1c1a068f 100644 --- a/api_docs/vis_type_heatmap.mdx +++ b/api_docs/vis_type_heatmap.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeHeatmap title: "visTypeHeatmap" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeHeatmap plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeHeatmap'] --- import visTypeHeatmapObj from './vis_type_heatmap.devdocs.json'; diff --git a/api_docs/vis_type_pie.mdx b/api_docs/vis_type_pie.mdx index 9b111873958b71..2025517672cd98 100644 --- a/api_docs/vis_type_pie.mdx +++ b/api_docs/vis_type_pie.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypePie title: "visTypePie" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypePie plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypePie'] --- import visTypePieObj from './vis_type_pie.devdocs.json'; diff --git a/api_docs/vis_type_table.mdx b/api_docs/vis_type_table.mdx index 90b1e62b6b3838..70592aa5d8a7a9 100644 --- a/api_docs/vis_type_table.mdx +++ b/api_docs/vis_type_table.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeTable title: "visTypeTable" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeTable plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeTable'] --- import visTypeTableObj from './vis_type_table.devdocs.json'; diff --git a/api_docs/vis_type_timelion.mdx b/api_docs/vis_type_timelion.mdx index ac57e80c0aa9d7..688101a8fbc216 100644 --- a/api_docs/vis_type_timelion.mdx +++ b/api_docs/vis_type_timelion.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeTimelion title: "visTypeTimelion" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeTimelion plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeTimelion'] --- import visTypeTimelionObj from './vis_type_timelion.devdocs.json'; diff --git a/api_docs/vis_type_timeseries.mdx b/api_docs/vis_type_timeseries.mdx index 6b8a18c18b92ae..07e0e6f0ff1587 100644 --- a/api_docs/vis_type_timeseries.mdx +++ b/api_docs/vis_type_timeseries.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeTimeseries title: "visTypeTimeseries" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeTimeseries plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeTimeseries'] --- import visTypeTimeseriesObj from './vis_type_timeseries.devdocs.json'; diff --git a/api_docs/vis_type_vega.mdx b/api_docs/vis_type_vega.mdx index 40ba5219a3a1db..c84cc9645b25b8 100644 --- a/api_docs/vis_type_vega.mdx +++ b/api_docs/vis_type_vega.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeVega title: "visTypeVega" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeVega plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeVega'] --- import visTypeVegaObj from './vis_type_vega.devdocs.json'; diff --git a/api_docs/vis_type_vislib.mdx b/api_docs/vis_type_vislib.mdx index 7675748d30c9db..dea129607f14e3 100644 --- a/api_docs/vis_type_vislib.mdx +++ b/api_docs/vis_type_vislib.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeVislib title: "visTypeVislib" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeVislib plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeVislib'] --- import visTypeVislibObj from './vis_type_vislib.devdocs.json'; diff --git a/api_docs/vis_type_xy.mdx b/api_docs/vis_type_xy.mdx index d93bb25ac5b98f..97c9623e46d57f 100644 --- a/api_docs/vis_type_xy.mdx +++ b/api_docs/vis_type_xy.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visTypeXy title: "visTypeXy" image: https://source.unsplash.com/400x175/?github description: API docs for the visTypeXy plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visTypeXy'] --- import visTypeXyObj from './vis_type_xy.devdocs.json'; diff --git a/api_docs/visualizations.mdx b/api_docs/visualizations.mdx index 9e9e8a0f872c0e..8619c2f4b9ee70 100644 --- a/api_docs/visualizations.mdx +++ b/api_docs/visualizations.mdx @@ -8,7 +8,7 @@ slug: /kibana-dev-docs/api/visualizations title: "visualizations" image: https://source.unsplash.com/400x175/?github description: API docs for the visualizations plugin -date: 2024-10-22 +date: 2024-10-24 tags: ['contributor', 'dev', 'apidocs', 'kibana', 'visualizations'] --- import visualizationsObj from './visualizations.devdocs.json'; diff --git a/config/serverless.es.yml b/config/serverless.es.yml index eb3af92c899630..b3b953e5316ac1 100644 --- a/config/serverless.es.yml +++ b/config/serverless.es.yml @@ -120,4 +120,4 @@ xpack.searchInferenceEndpoints.ui.enabled: false xpack.search.notebooks.catalog.url: https://elastic-enterprise-search.s3.us-east-2.amazonaws.com/serverless/catalog.json # Semantic text UI -xpack.index_management.dev.enableSemanticText: false +xpack.index_management.dev.enableSemanticText: true diff --git a/dev_docs/getting_started/hello_world_plugin.mdx b/dev_docs/getting_started/hello_world_plugin.mdx index 08fd7e4a721c23..29e6944f88150b 100644 --- a/dev_docs/getting_started/hello_world_plugin.mdx +++ b/dev_docs/getting_started/hello_world_plugin.mdx @@ -90,7 +90,7 @@ And add the following to it: ```ts import React from 'react'; import ReactDOM from 'react-dom'; -import { AppMountParameters, CoreSetup, CoreStart, Plugin } from '../../../src/core/public'; +import { AppMountParameters, CoreSetup, CoreStart, Plugin } from '@kbn/core/public'; export class HelloWorldPlugin implements Plugin { public setup(core: CoreSetup) { diff --git a/docs/developer/plugin-list.asciidoc b/docs/developer/plugin-list.asciidoc index a99e030a4adc1e..b6ba24df78976f 100644 --- a/docs/developer/plugin-list.asciidoc +++ b/docs/developer/plugin-list.asciidoc @@ -744,7 +744,7 @@ Elastic. |{kib-repo}blob/{branch}/x-pack/plugins/observability_solution/observability_ai_assistant_management/README.md[observabilityAiAssistantManagement] -|The observabilityAiAssistantManagement plugin manages the Ai Assistant for Observability management section. +|The observabilityAiAssistantManagement plugin manages the Ai Assistant for Observability and Search management section. |{kib-repo}blob/{branch}/x-pack/plugins/observability_solution/observability_logs_explorer/README.md[observabilityLogsExplorer] diff --git a/examples/routing_example/common/index.ts b/examples/routing_example/common/index.ts index c86a994f469f19..b83582b66ff085 100644 --- a/examples/routing_example/common/index.ts +++ b/examples/routing_example/common/index.ts @@ -15,3 +15,9 @@ export const POST_MESSAGE_ROUTE_PATH = '/api/post_message'; // Internal APIs should use the `internal` prefix, instead of the `api` prefix. export const INTERNAL_GET_MESSAGE_BY_ID_ROUTE = '/internal/get_message'; + +export const DEPRECATED_ROUTES = { + REMOVED_ROUTE: '/api/routing_example/d/removed_route', + MIGRATED_ROUTE: '/api/routing_example/d/migrated_route', + VERSIONED_ROUTE: '/api/routing_example/d/versioned', +}; diff --git a/examples/routing_example/server/plugin.ts b/examples/routing_example/server/plugin.ts index cb6a00920dd055..d4036afc58b5bb 100644 --- a/examples/routing_example/server/plugin.ts +++ b/examples/routing_example/server/plugin.ts @@ -8,13 +8,14 @@ */ import { Plugin, CoreSetup, CoreStart } from '@kbn/core/server'; -import { registerRoutes } from './routes'; +import { registerRoutes, registerDeprecatedRoutes } from './routes'; export class RoutingExamplePlugin implements Plugin<{}, {}> { public setup(core: CoreSetup) { const router = core.http.createRouter(); registerRoutes(router); + registerDeprecatedRoutes(router); return {}; } diff --git a/examples/routing_example/server/routes/deprecated_routes/index.ts b/examples/routing_example/server/routes/deprecated_routes/index.ts new file mode 100644 index 00000000000000..75dc0261ed1b99 --- /dev/null +++ b/examples/routing_example/server/routes/deprecated_routes/index.ts @@ -0,0 +1,17 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +import { IRouter } from '@kbn/core/server'; +import { registerDeprecatedRoute } from './unversioned'; +import { registerVersionedDeprecatedRoute } from './versioned'; + +export function registerDeprecatedRoutes(router: IRouter) { + registerDeprecatedRoute(router); + registerVersionedDeprecatedRoute(router); +} diff --git a/examples/routing_example/server/routes/deprecated_routes/unversioned.ts b/examples/routing_example/server/routes/deprecated_routes/unversioned.ts new file mode 100644 index 00000000000000..4e1451a91fc38b --- /dev/null +++ b/examples/routing_example/server/routes/deprecated_routes/unversioned.ts @@ -0,0 +1,62 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +import type { IRouter } from '@kbn/core/server'; +import { schema } from '@kbn/config-schema'; +import { DEPRECATED_ROUTES } from '../../../common'; + +export const registerDeprecatedRoute = (router: IRouter) => { + router.get( + { + path: DEPRECATED_ROUTES.REMOVED_ROUTE, + validate: false, + options: { + access: 'public', + deprecated: { + documentationUrl: 'https://elastic.co/', + severity: 'critical', + reason: { type: 'remove' }, + }, + }, + }, + async (ctx, req, res) => { + return res.ok({ + body: { result: 'Called deprecated route. Check UA to see the deprecation.' }, + }); + } + ); + + router.post( + { + path: DEPRECATED_ROUTES.MIGRATED_ROUTE, + validate: { + body: schema.object({ + test: schema.maybe(schema.boolean()), + }), + }, + options: { + access: 'public', + deprecated: { + documentationUrl: 'https://elastic.co/', + severity: 'critical', + reason: { + type: 'migrate', + newApiMethod: 'GET', + newApiPath: `${DEPRECATED_ROUTES.VERSIONED_ROUTE}?apiVersion=2`, + }, + }, + }, + }, + async (ctx, req, res) => { + return res.ok({ + body: { result: 'Called deprecated route. Check UA to see the deprecation.' }, + }); + } + ); +}; diff --git a/examples/routing_example/server/routes/deprecated_routes/versioned.ts b/examples/routing_example/server/routes/deprecated_routes/versioned.ts new file mode 100644 index 00000000000000..54d6f779f77c3b --- /dev/null +++ b/examples/routing_example/server/routes/deprecated_routes/versioned.ts @@ -0,0 +1,53 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +import type { RequestHandler } from '@kbn/core-http-server'; +import type { IRouter } from '@kbn/core/server'; +import { DEPRECATED_ROUTES } from '../../../common'; + +const createDummyHandler = + (version: string): RequestHandler => + (ctx, req, res) => { + return res.ok({ body: { result: `API version ${version}.` } }); + }; + +export const registerVersionedDeprecatedRoute = (router: IRouter) => { + const versionedRoute = router.versioned.get({ + path: DEPRECATED_ROUTES.VERSIONED_ROUTE, + description: 'Routing example plugin deprecated versioned route.', + access: 'internal', + options: { + excludeFromOAS: true, + }, + enableQueryVersion: true, + }); + + versionedRoute.addVersion( + { + options: { + deprecated: { + documentationUrl: 'https://elastic.co/', + severity: 'warning', + reason: { type: 'bump', newApiVersion: '2' }, + }, + }, + validate: false, + version: '1', + }, + createDummyHandler('1') + ); + + versionedRoute.addVersion( + { + version: '2', + validate: false, + }, + createDummyHandler('2') + ); +}; diff --git a/examples/routing_example/server/routes/index.ts b/examples/routing_example/server/routes/index.ts index 2f43c85b0d4712..1c1ccb9e191ffc 100644 --- a/examples/routing_example/server/routes/index.ts +++ b/examples/routing_example/server/routes/index.ts @@ -8,3 +8,4 @@ */ export { registerRoutes } from './register_routes'; +export { registerDeprecatedRoutes } from './deprecated_routes'; diff --git a/examples/routing_example/tsconfig.json b/examples/routing_example/tsconfig.json index b35e8dbd34f4a5..86bfda9d3d5297 100644 --- a/examples/routing_example/tsconfig.json +++ b/examples/routing_example/tsconfig.json @@ -20,5 +20,6 @@ "@kbn/core-http-browser", "@kbn/config-schema", "@kbn/react-kibana-context-render", + "@kbn/core-http-server", ] } diff --git a/oas_docs/bundle.json b/oas_docs/bundle.json index 098fb1de186993..6bca9024e77eae 100644 --- a/oas_docs/bundle.json +++ b/oas_docs/bundle.json @@ -6409,7 +6409,6 @@ }, "/api/fleet/agent-status": { "get": { - "deprecated": true, "operationId": "%2Fapi%2Ffleet%2Fagent-status#0", "parameters": [ { @@ -17479,7 +17478,6 @@ ] }, "put": { - "deprecated": true, "operationId": "%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Freassign#0", "parameters": [ { @@ -18179,7 +18177,6 @@ }, "/api/fleet/enrollment-api-keys": { "get": { - "deprecated": true, "operationId": "%2Fapi%2Ffleet%2Fenrollment-api-keys#0", "parameters": [ { @@ -18226,7 +18223,6 @@ "tags": [] }, "post": { - "deprecated": true, "operationId": "%2Fapi%2Ffleet%2Fenrollment-api-keys#1", "parameters": [ { @@ -18283,7 +18279,6 @@ }, "/api/fleet/enrollment-api-keys/{keyId}": { "delete": { - "deprecated": true, "operationId": "%2Fapi%2Ffleet%2Fenrollment-api-keys%2F%7BkeyId%7D#1", "parameters": [ { @@ -18322,7 +18317,6 @@ "tags": [] }, "get": { - "deprecated": true, "operationId": "%2Fapi%2Ffleet%2Fenrollment-api-keys%2F%7BkeyId%7D#0", "parameters": [ { @@ -25053,7 +25047,6 @@ }, "/api/fleet/epm/packages/{pkgkey}": { "delete": { - "deprecated": true, "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#3", "parameters": [ { @@ -25111,7 +25104,6 @@ "tags": [] }, "get": { - "deprecated": true, "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#0", "parameters": [ { @@ -25173,7 +25165,6 @@ "tags": [] }, "post": { - "deprecated": true, "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#2", "parameters": [ { @@ -25257,7 +25248,6 @@ "tags": [] }, "put": { - "deprecated": true, "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#1", "parameters": [ { @@ -40472,7 +40462,6 @@ }, "/api/fleet/service-tokens": { "post": { - "deprecated": true, "description": "Create a service token", "operationId": "%2Fapi%2Ffleet%2Fservice-tokens#0", "parameters": [ diff --git a/oas_docs/bundle.serverless.json b/oas_docs/bundle.serverless.json index 479f79922fea8b..a8d428d5404fc0 100644 --- a/oas_docs/bundle.serverless.json +++ b/oas_docs/bundle.serverless.json @@ -6409,7 +6409,6 @@ }, "/api/fleet/agent-status": { "get": { - "deprecated": true, "operationId": "%2Fapi%2Ffleet%2Fagent-status#0", "parameters": [ { @@ -17479,7 +17478,6 @@ ] }, "put": { - "deprecated": true, "operationId": "%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Freassign#0", "parameters": [ { @@ -18179,7 +18177,6 @@ }, "/api/fleet/enrollment-api-keys": { "get": { - "deprecated": true, "operationId": "%2Fapi%2Ffleet%2Fenrollment-api-keys#0", "parameters": [ { @@ -18226,7 +18223,6 @@ "tags": [] }, "post": { - "deprecated": true, "operationId": "%2Fapi%2Ffleet%2Fenrollment-api-keys#1", "parameters": [ { @@ -18283,7 +18279,6 @@ }, "/api/fleet/enrollment-api-keys/{keyId}": { "delete": { - "deprecated": true, "operationId": "%2Fapi%2Ffleet%2Fenrollment-api-keys%2F%7BkeyId%7D#1", "parameters": [ { @@ -18322,7 +18317,6 @@ "tags": [] }, "get": { - "deprecated": true, "operationId": "%2Fapi%2Ffleet%2Fenrollment-api-keys%2F%7BkeyId%7D#0", "parameters": [ { @@ -25053,7 +25047,6 @@ }, "/api/fleet/epm/packages/{pkgkey}": { "delete": { - "deprecated": true, "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#3", "parameters": [ { @@ -25111,7 +25104,6 @@ "tags": [] }, "get": { - "deprecated": true, "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#0", "parameters": [ { @@ -25173,7 +25165,6 @@ "tags": [] }, "post": { - "deprecated": true, "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#2", "parameters": [ { @@ -25257,7 +25248,6 @@ "tags": [] }, "put": { - "deprecated": true, "operationId": "%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#1", "parameters": [ { @@ -40472,7 +40462,6 @@ }, "/api/fleet/service-tokens": { "post": { - "deprecated": true, "description": "Create a service token", "operationId": "%2Fapi%2Ffleet%2Fservice-tokens#0", "parameters": [ diff --git a/oas_docs/makefile b/oas_docs/makefile index ce24aa5b7b8b7e..85ab06e0c2c735 100644 --- a/oas_docs/makefile +++ b/oas_docs/makefile @@ -18,11 +18,6 @@ api-docs: ## Generate Serverless and ESS Kibana OpenAPI bundles with kbn-openapi @node scripts/merge_serverless_oas.js @node scripts/merge_ess_oas.js -.PHONY: api-docs-staging -api-docs-staging: ## Generate Serverless and ESS Kibana OpenAPI bundles with kbn-openapi-bundler - @node scripts/merge_serverless_oas_staging.js - @node scripts/merge_ess_oas_staging.js - .PHONY: api-docs-stateful api-docs-stateful: ## Generate only kibana.yaml @node scripts/merge_ess_oas.js @@ -30,9 +25,9 @@ api-docs-stateful: ## Generate only kibana.yaml .PHONY: api-docs-serverless api-docs-serverless: ## Generate only kibana.serverless.yaml @node scripts/merge_serverless_oas.js - + .PHONY: api-docs-lint -api-docs-lint: ## Run spectral API docs linter +api-docs-lint: ## Run spectral API docs linter @npx @stoplight/spectral-cli lint "output/*.yaml" --ruleset ".spectral.yaml" .PHONY: api-docs-lint-errs diff --git a/oas_docs/output/kibana.serverless.staging.yaml b/oas_docs/output/kibana.serverless.staging.yaml deleted file mode 100644 index b1f6938936fbd4..00000000000000 --- a/oas_docs/output/kibana.serverless.staging.yaml +++ /dev/null @@ -1,52253 +0,0 @@ -openapi: 3.0.3 -info: - contact: - name: Kibana Team - description: > - **Technical preview** - - This functionality is in technical preview and may be changed or removed in - a future release. - - Elastic will work to fix any issues, but features in technical preview are - not subject to the support SLA of official GA features. - - - The Kibana REST APIs for Elastic serverless enable you to manage resources - - such as connectors, data views, and saved objects. The API calls are - - stateless. Each request that you make happens in isolation from other calls - - and must include all of the necessary information for Kibana to fulfill the - - request. API requests return JSON output, which is a format that is - - machine-readable and works well for automation. - - - To interact with Kibana APIs, use the following operations: - - - - GET: Fetches the information. - - - POST: Adds new information. - - - PUT: Updates the existing information. - - - DELETE: Removes the information. - - - You can prepend any Kibana API endpoint with `kbn:` and run the request in - - **Dev Tools → Console**. For example: - - - ``` - - GET kbn:/api/data_views - - ``` - - - ## Documentation source and versions - - - This documentation is derived from the `main` branch of the - [kibana](https://github.com/elastic/kibana) repository. - - It is provided under license [Attribution-NonCommercial-NoDerivatives 4.0 - International](https://creativecommons.org/licenses/by-nc-nd/4.0/). - title: Kibana Serverless APIs - version: 1.0.2 - x-doc-license: - name: Attribution-NonCommercial-NoDerivatives 4.0 International - url: https://creativecommons.org/licenses/by-nc-nd/4.0/ - x-feedbackLink: - label: Feedback - url: >- - https://github.com/elastic/docs-content/issues/new?assignees=&labels=feedback%2Ccommunity&projects=&template=api-feedback.yaml&title=%5BFeedback%5D%3A+ -servers: - - url: http://{kibana_host}:{port} - variables: - kibana_host: - default: localhost - port: - default: '5601' - - url: http://localhost:5622 - - url: https://{kibana_url} - variables: - kibana_url: - default: localhost:5601 - - url: / - - description: local - url: http://localhost:5601 -paths: - /api/actions: - get: - deprecated: true - operationId: '%2Fapi%2Factions#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - responses: {} - summary: Get all connectors - tags: - - connectors - /api/actions/action: - post: - deprecated: true - operationId: '%2Fapi%2Factions%2Faction#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - actionTypeId: - description: The connector type identifier. - type: string - config: - additionalProperties: {} - default: {} - type: object - name: - description: The display name for the connector. - type: string - secrets: - additionalProperties: {} - default: {} - type: object - required: - - name - - actionTypeId - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - config: - additionalProperties: {} - type: object - connector_type_id: - description: The connector type identifier. - type: string - id: - description: The identifier for the connector. - type: string - is_deprecated: - description: Indicates whether the connector is deprecated. - type: boolean - is_missing_secrets: - description: Indicates whether the connector is missing secrets. - type: boolean - is_preconfigured: - description: >- - Indicates whether the connector is preconfigured. If true, - the `config` and `is_missing_secrets` properties are - omitted from the response. - type: boolean - is_system_action: - description: >- - Indicates whether the connector is used for system - actions. - type: boolean - name: - description: ' The name of the rule.' - type: string - required: - - id - - name - - connector_type_id - - is_preconfigured - - is_deprecated - - is_system_action - description: Indicates a successful call. - summary: Create a connector - tags: - - connectors - /api/actions/action/{id}: - delete: - deprecated: true - description: 'WARNING: When you delete a connector, it cannot be recovered.' - operationId: '%2Fapi%2Factions%2Faction%2F%7Bid%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - description: An identifier for the connector. - in: path - name: id - required: true - schema: - type: string - responses: - '204': - description: Indicates a successful call. - summary: Delete a connector - tags: - - connectors - get: - deprecated: true - operationId: '%2Fapi%2Factions%2Faction%2F%7Bid%7D#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: An identifier for the connector. - in: path - name: id - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - config: - additionalProperties: {} - type: object - connector_type_id: - description: The connector type identifier. - type: string - id: - description: The identifier for the connector. - type: string - is_deprecated: - description: Indicates whether the connector is deprecated. - type: boolean - is_missing_secrets: - description: Indicates whether the connector is missing secrets. - type: boolean - is_preconfigured: - description: >- - Indicates whether the connector is preconfigured. If true, - the `config` and `is_missing_secrets` properties are - omitted from the response. - type: boolean - is_system_action: - description: >- - Indicates whether the connector is used for system - actions. - type: boolean - name: - description: ' The name of the rule.' - type: string - required: - - id - - name - - connector_type_id - - is_preconfigured - - is_deprecated - - is_system_action - description: Indicates a successful call. - summary: Get connector information - tags: - - connectors - put: - deprecated: true - operationId: '%2Fapi%2Factions%2Faction%2F%7Bid%7D#2' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - description: An identifier for the connector. - in: path - name: id - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - config: - additionalProperties: {} - default: {} - type: object - name: - type: string - secrets: - additionalProperties: {} - default: {} - type: object - required: - - name - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - config: - additionalProperties: {} - type: object - connector_type_id: - description: The connector type identifier. - type: string - id: - description: The identifier for the connector. - type: string - is_deprecated: - description: Indicates whether the connector is deprecated. - type: boolean - is_missing_secrets: - description: Indicates whether the connector is missing secrets. - type: boolean - is_preconfigured: - description: >- - Indicates whether the connector is preconfigured. If true, - the `config` and `is_missing_secrets` properties are - omitted from the response. - type: boolean - is_system_action: - description: >- - Indicates whether the connector is used for system - actions. - type: boolean - name: - description: ' The name of the rule.' - type: string - required: - - id - - name - - connector_type_id - - is_preconfigured - - is_deprecated - - is_system_action - description: Indicates a successful call. - summary: Update a connector - tags: - - connectors - /api/actions/action/{id}/_execute: - post: - deprecated: true - operationId: '%2Fapi%2Factions%2Faction%2F%7Bid%7D%2F_execute#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - description: An identifier for the connector. - in: path - name: id - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - params: - additionalProperties: {} - type: object - required: - - params - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - config: - additionalProperties: {} - type: object - connector_type_id: - description: The connector type identifier. - type: string - id: - description: The identifier for the connector. - type: string - is_deprecated: - description: Indicates whether the connector is deprecated. - type: boolean - is_missing_secrets: - description: Indicates whether the connector is missing secrets. - type: boolean - is_preconfigured: - description: >- - Indicates whether the connector is preconfigured. If true, - the `config` and `is_missing_secrets` properties are - omitted from the response. - type: boolean - is_system_action: - description: >- - Indicates whether the connector is used for system - actions. - type: boolean - name: - description: ' The name of the rule.' - type: string - required: - - id - - name - - connector_type_id - - is_preconfigured - - is_deprecated - - is_system_action - description: Indicates a successful call. - summary: Run a connector - tags: - - connectors - /api/actions/connector_types: - get: - description: You do not need any Kibana feature privileges to run this API. - operationId: '%2Fapi%2Factions%2Fconnector_types#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: >- - A filter to limit the retrieved connector types to those that - support a specific feature (such as alerting or cases). - in: query - name: feature_id - required: false - schema: - type: string - responses: {} - summary: Get connector types - tags: - - connectors - /api/actions/connector/{id}: - delete: - description: 'WARNING: When you delete a connector, it cannot be recovered.' - operationId: '%2Fapi%2Factions%2Fconnector%2F%7Bid%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - description: An identifier for the connector. - in: path - name: id - required: true - schema: - type: string - responses: - '204': - description: Indicates a successful call. - summary: Delete a connector - tags: - - connectors - get: - operationId: '%2Fapi%2Factions%2Fconnector%2F%7Bid%7D#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: An identifier for the connector. - in: path - name: id - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - config: - additionalProperties: {} - type: object - connector_type_id: - description: The connector type identifier. - type: string - id: - description: The identifier for the connector. - type: string - is_deprecated: - description: Indicates whether the connector is deprecated. - type: boolean - is_missing_secrets: - description: Indicates whether the connector is missing secrets. - type: boolean - is_preconfigured: - description: >- - Indicates whether the connector is preconfigured. If true, - the `config` and `is_missing_secrets` properties are - omitted from the response. - type: boolean - is_system_action: - description: >- - Indicates whether the connector is used for system - actions. - type: boolean - name: - description: ' The name of the rule.' - type: string - required: - - id - - name - - connector_type_id - - is_preconfigured - - is_deprecated - - is_system_action - description: Indicates a successful call. - summary: Get connector information - tags: - - connectors - post: - operationId: '%2Fapi%2Factions%2Fconnector%2F%7Bid%3F%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - description: An identifier for the connector. - in: path - name: id - required: false - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - config: - additionalProperties: {} - default: {} - type: object - connector_type_id: - description: The type of connector. - type: string - name: - description: The display name for the connector. - type: string - secrets: - additionalProperties: {} - default: {} - type: object - required: - - name - - connector_type_id - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - config: - additionalProperties: {} - type: object - connector_type_id: - description: The connector type identifier. - type: string - id: - description: The identifier for the connector. - type: string - is_deprecated: - description: Indicates whether the connector is deprecated. - type: boolean - is_missing_secrets: - description: Indicates whether the connector is missing secrets. - type: boolean - is_preconfigured: - description: >- - Indicates whether the connector is preconfigured. If true, - the `config` and `is_missing_secrets` properties are - omitted from the response. - type: boolean - is_system_action: - description: >- - Indicates whether the connector is used for system - actions. - type: boolean - name: - description: ' The name of the rule.' - type: string - required: - - id - - name - - connector_type_id - - is_preconfigured - - is_deprecated - - is_system_action - description: Indicates a successful call. - summary: Create a connector - tags: - - connectors - put: - operationId: '%2Fapi%2Factions%2Fconnector%2F%7Bid%7D#2' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - description: An identifier for the connector. - in: path - name: id - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - config: - additionalProperties: {} - default: {} - type: object - name: - description: The display name for the connector. - type: string - secrets: - additionalProperties: {} - default: {} - type: object - required: - - name - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - config: - additionalProperties: {} - type: object - connector_type_id: - description: The connector type identifier. - type: string - id: - description: The identifier for the connector. - type: string - is_deprecated: - description: Indicates whether the connector is deprecated. - type: boolean - is_missing_secrets: - description: Indicates whether the connector is missing secrets. - type: boolean - is_preconfigured: - description: >- - Indicates whether the connector is preconfigured. If true, - the `config` and `is_missing_secrets` properties are - omitted from the response. - type: boolean - is_system_action: - description: >- - Indicates whether the connector is used for system - actions. - type: boolean - name: - description: ' The name of the rule.' - type: string - required: - - id - - name - - connector_type_id - - is_preconfigured - - is_deprecated - - is_system_action - description: Indicates a successful call. - summary: Update a connector - tags: - - connectors - /api/actions/connector/{id}/_execute: - post: - description: >- - You can use this API to test an action that involves interaction with - Kibana services or integrations with third-party systems. - operationId: '%2Fapi%2Factions%2Fconnector%2F%7Bid%7D%2F_execute#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - description: An identifier for the connector. - in: path - name: id - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - params: - additionalProperties: {} - type: object - required: - - params - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - config: - additionalProperties: {} - type: object - connector_type_id: - description: The connector type identifier. - type: string - id: - description: The identifier for the connector. - type: string - is_deprecated: - description: Indicates whether the connector is deprecated. - type: boolean - is_missing_secrets: - description: Indicates whether the connector is missing secrets. - type: boolean - is_preconfigured: - description: >- - Indicates whether the connector is preconfigured. If true, - the `config` and `is_missing_secrets` properties are - omitted from the response. - type: boolean - is_system_action: - description: >- - Indicates whether the connector is used for system - actions. - type: boolean - name: - description: ' The name of the rule.' - type: string - required: - - id - - name - - connector_type_id - - is_preconfigured - - is_deprecated - - is_system_action - description: Indicates a successful call. - summary: Run a connector - tags: - - connectors - /api/actions/connectors: - get: - operationId: '%2Fapi%2Factions%2Fconnectors#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - responses: {} - summary: Get all connectors - tags: - - connectors - /api/actions/list_action_types: - get: - deprecated: true - operationId: '%2Fapi%2Factions%2Flist_action_types#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - responses: {} - summary: Get connector types - tags: - - connectors - /api/alerting/rule/{id}: - delete: - operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D#2' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - description: The identifier for the rule. - in: path - name: id - required: true - schema: - type: string - responses: - '204': - description: Indicates a successful call. - '400': - description: Indicates an invalid schema or parameters. - '403': - description: Indicates that this call is forbidden. - '404': - description: Indicates a rule with the given ID does not exist. - summary: Delete a rule - tags: - - alerting - get: - operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: The identifier for the rule. - in: path - name: id - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - actions: - items: - additionalProperties: false - type: object - properties: - alerts_filter: - additionalProperties: false - description: >- - Defines a period that limits whether the action - runs. - type: object - properties: - query: - additionalProperties: false - type: object - properties: - dsl: - description: >- - A filter written in Elasticsearch Query - Domain Specific Language (DSL). - type: string - filters: - description: >- - A filter written in Elasticsearch Query - Domain Specific Language (DSL) as defined in - the `kbn-es-query` package. - items: - additionalProperties: false - type: object - properties: - $state: - additionalProperties: false - type: object - properties: - store: - description: >- - A filter can be either specific to an - application context or applied globally. - enum: - - appState - - globalState - type: string - required: - - store - meta: - additionalProperties: {} - type: object - query: - additionalProperties: {} - type: object - required: - - meta - type: array - kql: - description: >- - A filter written in Kibana Query Language - (KQL). - type: string - required: - - kql - - filters - timeframe: - additionalProperties: false - type: object - properties: - days: - description: >- - Defines the days of the week that the action - can run, represented as an array of numbers. - For example, `1` represents Monday. An empty - array is equivalent to specifying all the - days of the week. - items: - enum: - - 1 - - 2 - - 3 - - 4 - - 5 - - 6 - - 7 - type: integer - type: array - hours: - additionalProperties: false - type: object - properties: - end: - description: >- - The end of the time frame in 24-hour - notation (`hh:mm`). - type: string - start: - description: >- - The start of the time frame in 24-hour - notation (`hh:mm`). - type: string - required: - - start - - end - timezone: - description: >- - The ISO time zone for the `hours` values. - Values such as `UTC` and `UTC+1` also work - but lack built-in daylight savings time - support and are not recommended. - type: string - required: - - days - - hours - - timezone - connector_type_id: - description: >- - The type of connector. This property appears in - responses but cannot be set in requests. - type: string - frequency: - additionalProperties: false - type: object - properties: - notify_when: - description: >- - Indicates how often alerts generate actions. - Valid values include: `onActionGroupChange`: - Actions run when the alert status changes; - `onActiveAlert`: Actions run when the alert - becomes active and at each check interval while - the rule conditions are met; - `onThrottleInterval`: Actions run when the alert - becomes active and at the interval specified in - the throttle property while the rule conditions - are met. NOTE: You cannot specify `notify_when` - at both the rule and action level. The - recommended method is to set it for each action. - If you set it at the rule level then update the - rule in Kibana, it is automatically changed to - use action-specific values. - enum: - - onActionGroupChange - - onActiveAlert - - onThrottleInterval - type: string - summary: - description: Indicates whether the action is a summary. - type: boolean - throttle: - description: >- - The throttle interval, which defines how often - an alert generates repeated actions. It is - specified in seconds, minutes, hours, or days - and is applicable only if 'notify_when' is set - to 'onThrottleInterval'. NOTE: You cannot - specify the throttle interval at both the rule - and action level. The recommended method is to - set it for each action. If you set it at the - rule level then update the rule in Kibana, it is - automatically changed to use action-specific - values. - nullable: true - type: string - required: - - summary - - notify_when - - throttle - group: - description: >- - The group name, which affects when the action runs - (for example, when the threshold is met or when the - alert is recovered). Each rule type has a list of - valid action group names. If you don't need to group - actions, set to `default`. - type: string - id: - description: The identifier for the connector saved object. - type: string - params: - additionalProperties: {} - description: >- - The parameters for the action, which are sent to the - connector. The `params` are handled as Mustache - templates and passed a default set of context. - type: object - use_alert_data_for_template: - description: Indicates whether to use alert data as a template. - type: boolean - uuid: - description: >- - A universally unique identifier (UUID) for the - action. - type: string - required: - - id - - connector_type_id - - params - type: array - active_snoozes: - items: - description: List of active snoozes for the rule. - type: string - type: array - alert_delay: - additionalProperties: false - description: >- - Indicates that an alert occurs only when the specified - number of consecutive runs met the rule conditions. - type: object - properties: - active: - description: >- - The number of consecutive runs that must meet the rule - conditions. - type: number - required: - - active - api_key_created_by_user: - description: >- - Indicates whether the API key that is associated with the - rule was created by the user. - nullable: true - type: boolean - api_key_owner: - description: >- - The owner of the API key that is associated with the rule - and used to run background tasks. - nullable: true - type: string - consumer: - description: >- - The name of the application or feature that owns the rule. - For example: `alerts`, `apm`, `discover`, - `infrastructure`, `logs`, `metrics`, `ml`, `monitoring`, - `securitySolution`, `siem`, `stackAlerts`, or `uptime`. - type: string - created_at: - description: The date and time that the rule was created. - type: string - created_by: - description: The identifier for the user that created the rule. - nullable: true - type: string - enabled: - description: >- - Indicates whether you want to run the rule on an interval - basis after it is created. - type: boolean - execution_status: - additionalProperties: false - type: object - properties: - error: - additionalProperties: false - type: object - properties: - message: - description: Error message. - type: string - reason: - description: Reason for error. - enum: - - read - - decrypt - - execute - - unknown - - license - - timeout - - disabled - - validate - type: string - required: - - reason - - message - last_duration: - description: Duration of last execution of the rule. - type: number - last_execution_date: - description: The date and time when rule was executed last. - type: string - status: - description: Status of rule execution. - enum: - - ok - - active - - error - - warning - - pending - - unknown - type: string - warning: - additionalProperties: false - type: object - properties: - message: - description: Warning message. - type: string - reason: - description: Reason for warning. - enum: - - maxExecutableActions - - maxAlerts - - maxQueuedActions - - ruleExecution - type: string - required: - - reason - - message - required: - - status - - last_execution_date - flapping: - additionalProperties: false - nullable: true - type: object - properties: - look_back_window: - maximum: 20 - minimum: 2 - type: number - status_change_threshold: - maximum: 20 - minimum: 2 - type: number - required: - - look_back_window - - status_change_threshold - id: - description: The identifier for the rule. - type: string - is_snoozed_until: - description: The date when the rule will no longer be snoozed. - nullable: true - type: string - last_run: - additionalProperties: false - nullable: true - type: object - properties: - alerts_count: - additionalProperties: false - type: object - properties: - active: - description: Number of active alerts during last run. - nullable: true - type: number - ignored: - description: Number of ignored alerts during last run. - nullable: true - type: number - new: - description: Number of new alerts during last run. - nullable: true - type: number - recovered: - description: Number of recovered alerts during last run. - nullable: true - type: number - outcome: - description: >- - Outcome of last run of the rule. Value could be - succeeded, warning or failed. - enum: - - succeeded - - warning - - failed - type: string - outcome_msg: - items: - description: Outcome message generated during last rule run. - type: string - nullable: true - type: array - outcome_order: - description: Order of the outcome. - type: number - warning: - description: Warning of last rule execution. - enum: - - read - - decrypt - - execute - - unknown - - license - - timeout - - disabled - - validate - - maxExecutableActions - - maxAlerts - - maxQueuedActions - - ruleExecution - nullable: true - type: string - required: - - outcome - - alerts_count - mapped_params: - additionalProperties: {} - type: object - monitoring: - additionalProperties: false - description: Monitoring details of the rule. - type: object - properties: - run: - additionalProperties: false - description: Rule run details. - type: object - properties: - calculated_metrics: - additionalProperties: false - description: >- - Calculation of different percentiles and success - ratio. - type: object - properties: - p50: - type: number - p95: - type: number - p99: - type: number - success_ratio: - type: number - required: - - success_ratio - history: - description: History of the rule run. - items: - additionalProperties: false - type: object - properties: - duration: - description: Duration of the rule run. - type: number - outcome: - additionalProperties: false - type: object - properties: - alerts_count: - additionalProperties: false - type: object - properties: - active: - description: Number of active alerts during last run. - nullable: true - type: number - ignored: - description: >- - Number of ignored alerts during last - run. - nullable: true - type: number - new: - description: Number of new alerts during last run. - nullable: true - type: number - recovered: - description: >- - Number of recovered alerts during last - run. - nullable: true - type: number - outcome: - description: >- - Outcome of last run of the rule. Value - could be succeeded, warning or failed. - enum: - - succeeded - - warning - - failed - type: string - outcome_msg: - items: - description: >- - Outcome message generated during last - rule run. - type: string - nullable: true - type: array - outcome_order: - description: Order of the outcome. - type: number - warning: - description: Warning of last rule execution. - enum: - - read - - decrypt - - execute - - unknown - - license - - timeout - - disabled - - validate - - maxExecutableActions - - maxAlerts - - maxQueuedActions - - ruleExecution - nullable: true - type: string - required: - - outcome - - alerts_count - success: - description: >- - Indicates whether the rule run was - successful. - type: boolean - timestamp: - description: Time of rule run. - type: number - required: - - success - - timestamp - type: array - last_run: - additionalProperties: false - type: object - properties: - metrics: - additionalProperties: false - type: object - properties: - duration: - description: Duration of most recent rule run. - type: number - gap_duration_s: - description: Duration in seconds of rule run gap. - nullable: true - type: number - total_alerts_created: - description: >- - Total number of alerts created during last - rule run. - nullable: true - type: number - total_alerts_detected: - description: >- - Total number of alerts detected during - last rule run. - nullable: true - type: number - total_indexing_duration_ms: - description: >- - Total time spent indexing documents during - last rule run in milliseconds. - nullable: true - type: number - total_search_duration_ms: - description: >- - Total time spent performing Elasticsearch - searches as measured by Kibana; includes - network latency and time spent serializing - or deserializing the request and response. - nullable: true - type: number - timestamp: - description: Time of the most recent rule run. - type: string - required: - - timestamp - - metrics - required: - - history - - calculated_metrics - - last_run - required: - - run - mute_all: - description: Indicates whether all alerts are muted. - type: boolean - muted_alert_ids: - items: - description: 'List of identifiers of muted alerts. ' - type: string - type: array - name: - description: ' The name of the rule.' - type: string - next_run: - description: Date and time of the next run of the rule. - nullable: true - type: string - notify_when: - description: >- - Indicates how often alerts generate actions. Valid values - include: `onActionGroupChange`: Actions run when the alert - status changes; `onActiveAlert`: Actions run when the - alert becomes active and at each check interval while the - rule conditions are met; `onThrottleInterval`: Actions run - when the alert becomes active and at the interval - specified in the throttle property while the rule - conditions are met. NOTE: You cannot specify `notify_when` - at both the rule and action level. The recommended method - is to set it for each action. If you set it at the rule - level then update the rule in Kibana, it is automatically - changed to use action-specific values. - enum: - - onActionGroupChange - - onActiveAlert - - onThrottleInterval - nullable: true - type: string - params: - additionalProperties: {} - description: The parameters for the rule. - type: object - revision: - description: The rule revision number. - type: number - rule_type_id: - description: The rule type identifier. - type: string - running: - description: Indicates whether the rule is running. - nullable: true - type: boolean - schedule: - additionalProperties: false - type: object - properties: - interval: - description: >- - The interval is specified in seconds, minutes, hours, - or days. - type: string - required: - - interval - scheduled_task_id: - description: Identifier of the scheduled task. - type: string - snooze_schedule: - items: - additionalProperties: false - type: object - properties: - duration: - description: Duration of the rule snooze schedule. - type: number - id: - description: Identifier of the rule snooze schedule. - type: string - rRule: - additionalProperties: false - type: object - properties: - byhour: - items: - description: Indicates hours of the day to recur. - type: number - type: array - byminute: - items: - description: Indicates minutes of the hour to recur. - type: number - type: array - bymonth: - items: - description: >- - Indicates months of the year that this rule - should recur. - type: number - type: array - bymonthday: - items: - description: Indicates the days of the month to recur. - type: number - type: array - bysecond: - items: - description: Indicates seconds of the day to recur. - type: number - type: array - bysetpos: - items: - description: >- - A positive or negative integer affecting the - nth day of the month. For example, -2 combined - with `byweekday` of FR is 2nd to last Friday - of the month. It is recommended to not set - this manually and just use `byweekday`. - type: number - type: array - byweekday: - items: - anyOf: - - type: string - - type: number - description: >- - Indicates the days of the week to recur or - else nth-day-of-month strings. For example, - "+2TU" second Tuesday of month, "-1FR" last - Friday of the month, which are internally - converted to a `byweekday/bysetpos` - combination. - type: array - byweekno: - items: - description: Indicates number of the week hours to recur. - type: number - type: array - byyearday: - items: - description: >- - Indicates the days of the year that this rule - should recur. - type: number - type: array - count: - description: >- - Number of times the rule should recur until it - stops. - type: number - dtstart: - description: >- - Rule start date in Coordinated Universal Time - (UTC). - type: string - freq: - description: >- - Indicates frequency of the rule. Options are - YEARLY, MONTHLY, WEEKLY, DAILY. - enum: - - 0 - - 1 - - 2 - - 3 - - 4 - - 5 - - 6 - type: integer - interval: - description: >- - Indicates the interval of frequency. For - example, 1 and YEARLY is every 1 year, 2 and - WEEKLY is every 2 weeks. - type: number - tzid: - description: Indicates timezone abbreviation. - type: string - until: - description: Recur the rule until this date. - type: string - wkst: - description: Indicates the start of week, defaults to Monday. - enum: - - MO - - TU - - WE - - TH - - FR - - SA - - SU - type: string - required: - - dtstart - - tzid - skipRecurrences: - items: - description: Skips recurrence of rule on this date. - type: string - type: array - required: - - duration - - rRule - type: array - tags: - items: - description: The tags for the rule. - type: string - type: array - throttle: - deprecated: true - description: >- - Deprecated in 8.13.0. Use the `throttle` property in the - action `frequency` object instead. The throttle interval, - which defines how often an alert generates repeated - actions. NOTE: You cannot specify the throttle interval at - both the rule and action level. If you set it at the rule - level then update the rule in Kibana, it is automatically - changed to use action-specific values. - nullable: true - type: string - updated_at: - description: The date and time that the rule was updated most recently. - type: string - updated_by: - description: >- - The identifier for the user that updated this rule most - recently. - nullable: true - type: string - view_in_app_relative_url: - description: Relative URL to view rule in the app. - nullable: true - type: string - required: - - id - - enabled - - name - - tags - - rule_type_id - - consumer - - schedule - - actions - - params - - created_by - - updated_by - - created_at - - updated_at - - api_key_owner - - mute_all - - muted_alert_ids - - execution_status - - revision - description: Indicates a successful call. - '400': - description: Indicates an invalid schema or parameters. - '403': - description: Indicates that this call is forbidden. - '404': - description: Indicates a rule with the given ID does not exist. - summary: Get rule details - tags: - - alerting - post: - operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%3F%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - description: >- - The identifier for the rule. If it is omitted, an ID is randomly - generated. - in: path - name: id - required: false - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - actions: - default: [] - items: - additionalProperties: false - description: An action that runs under defined conditions. - type: object - properties: - alerts_filter: - additionalProperties: false - description: >- - Conditions that affect whether the action runs. If you - specify multiple conditions, all conditions must be - met for the action to run. For example, if an alert - occurs within the specified time frame and matches the - query, the action runs. - type: object - properties: - query: - additionalProperties: false - type: object - properties: - dsl: - description: >- - A filter written in Elasticsearch Query Domain - Specific Language (DSL). - type: string - filters: - description: >- - A filter written in Elasticsearch Query Domain - Specific Language (DSL) as defined in the - `kbn-es-query` package. - items: - additionalProperties: false - type: object - properties: - $state: - additionalProperties: false - type: object - properties: - store: - description: >- - A filter can be either specific to an - application context or applied globally. - enum: - - appState - - globalState - type: string - required: - - store - meta: - additionalProperties: {} - type: object - query: - additionalProperties: {} - type: object - required: - - meta - type: array - kql: - description: >- - A filter written in Kibana Query Language - (KQL). - type: string - required: - - kql - - filters - timeframe: - additionalProperties: false - description: >- - Defines a period that limits whether the action - runs. - type: object - properties: - days: - description: >- - Defines the days of the week that the action - can run, represented as an array of numbers. - For example, `1` represents Monday. An empty - array is equivalent to specifying all the days - of the week. - items: - enum: - - 1 - - 2 - - 3 - - 4 - - 5 - - 6 - - 7 - type: integer - type: array - hours: - additionalProperties: false - description: >- - Defines the range of time in a day that the - action can run. If the `start` value is - `00:00` and the `end` value is `24:00`, - actions be generated all day. - type: object - properties: - end: - description: >- - The end of the time frame in 24-hour - notation (`hh:mm`). - type: string - start: - description: >- - The start of the time frame in 24-hour - notation (`hh:mm`). - type: string - required: - - start - - end - timezone: - description: >- - The ISO time zone for the `hours` values. - Values such as `UTC` and `UTC+1` also work but - lack built-in daylight savings time support - and are not recommended. - type: string - required: - - days - - hours - - timezone - frequency: - additionalProperties: false - type: object - properties: - notify_when: - description: >- - Indicates how often alerts generate actions. Valid - values include: `onActionGroupChange`: Actions run - when the alert status changes; `onActiveAlert`: - Actions run when the alert becomes active and at - each check interval while the rule conditions are - met; `onThrottleInterval`: Actions run when the - alert becomes active and at the interval specified - in the throttle property while the rule conditions - are met. NOTE: You cannot specify `notify_when` at - both the rule and action level. The recommended - method is to set it for each action. If you set it - at the rule level then update the rule in Kibana, - it is automatically changed to use action-specific - values. - enum: - - onActionGroupChange - - onActiveAlert - - onThrottleInterval - type: string - summary: - description: Indicates whether the action is a summary. - type: boolean - throttle: - description: >- - The throttle interval, which defines how often an - alert generates repeated actions. It is specified - in seconds, minutes, hours, or days and is - applicable only if `notify_when` is set to - `onThrottleInterval`. NOTE: You cannot specify the - throttle interval at both the rule and action - level. The recommended method is to set it for - each action. If you set it at the rule level then - update the rule in Kibana, it is automatically - changed to use action-specific values. - nullable: true - type: string - required: - - summary - - notify_when - - throttle - group: - description: >- - The group name, which affects when the action runs - (for example, when the threshold is met or when the - alert is recovered). Each rule type has a list of - valid action group names. If you don't need to group - actions, set to `default`. - type: string - id: - description: The identifier for the connector saved object. - type: string - params: - additionalProperties: {} - default: {} - description: >- - The parameters for the action, which are sent to the - connector. The `params` are handled as Mustache - templates and passed a default set of context. - type: object - use_alert_data_for_template: - description: Indicates whether to use alert data as a template. - type: boolean - uuid: - description: A universally unique identifier (UUID) for the action. - type: string - required: - - id - type: array - alert_delay: - additionalProperties: false - description: >- - Indicates that an alert occurs only when the specified - number of consecutive runs met the rule conditions. - type: object - properties: - active: - description: >- - The number of consecutive runs that must meet the rule - conditions. - type: number - required: - - active - consumer: - description: >- - The name of the application or feature that owns the rule. - For example: `alerts`, `apm`, `discover`, `infrastructure`, - `logs`, `metrics`, `ml`, `monitoring`, `securitySolution`, - `siem`, `stackAlerts`, or `uptime`. - type: string - enabled: - default: true - description: >- - Indicates whether you want to run the rule on an interval - basis after it is created. - type: boolean - flapping: - additionalProperties: false - nullable: true - type: object - properties: - look_back_window: - maximum: 20 - minimum: 2 - type: number - status_change_threshold: - maximum: 20 - minimum: 2 - type: number - required: - - look_back_window - - status_change_threshold - name: - description: >- - The name of the rule. While this name does not have to be - unique, a distinctive name can help you identify a rule. - type: string - notify_when: - description: >- - Indicates how often alerts generate actions. Valid values - include: `onActionGroupChange`: Actions run when the alert - status changes; `onActiveAlert`: Actions run when the alert - becomes active and at each check interval while the rule - conditions are met; `onThrottleInterval`: Actions run when - the alert becomes active and at the interval specified in - the throttle property while the rule conditions are met. - NOTE: You cannot specify `notify_when` at both the rule and - action level. The recommended method is to set it for each - action. If you set it at the rule level then update the rule - in Kibana, it is automatically changed to use - action-specific values. - enum: - - onActionGroupChange - - onActiveAlert - - onThrottleInterval - nullable: true - type: string - params: - additionalProperties: {} - default: {} - description: The parameters for the rule. - type: object - rule_type_id: - description: The rule type identifier. - type: string - schedule: - additionalProperties: false - description: >- - The check interval, which specifies how frequently the rule - conditions are checked. - type: object - properties: - interval: - description: >- - The interval is specified in seconds, minutes, hours, or - days. - type: string - required: - - interval - tags: - default: [] - description: The tags for the rule. - items: - type: string - type: array - throttle: - description: >- - Use the `throttle` property in the action `frequency` object - instead. The throttle interval, which defines how often an - alert generates repeated actions. NOTE: You cannot specify - the throttle interval at both the rule and action level. If - you set it at the rule level then update the rule in Kibana, - it is automatically changed to use action-specific values. - nullable: true - type: string - required: - - name - - rule_type_id - - consumer - - schedule - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - actions: - items: - additionalProperties: false - type: object - properties: - alerts_filter: - additionalProperties: false - description: >- - Defines a period that limits whether the action - runs. - type: object - properties: - query: - additionalProperties: false - type: object - properties: - dsl: - description: >- - A filter written in Elasticsearch Query - Domain Specific Language (DSL). - type: string - filters: - description: >- - A filter written in Elasticsearch Query - Domain Specific Language (DSL) as defined in - the `kbn-es-query` package. - items: - additionalProperties: false - type: object - properties: - $state: - additionalProperties: false - type: object - properties: - store: - description: >- - A filter can be either specific to an - application context or applied globally. - enum: - - appState - - globalState - type: string - required: - - store - meta: - additionalProperties: {} - type: object - query: - additionalProperties: {} - type: object - required: - - meta - type: array - kql: - description: >- - A filter written in Kibana Query Language - (KQL). - type: string - required: - - kql - - filters - timeframe: - additionalProperties: false - type: object - properties: - days: - description: >- - Defines the days of the week that the action - can run, represented as an array of numbers. - For example, `1` represents Monday. An empty - array is equivalent to specifying all the - days of the week. - items: - enum: - - 1 - - 2 - - 3 - - 4 - - 5 - - 6 - - 7 - type: integer - type: array - hours: - additionalProperties: false - type: object - properties: - end: - description: >- - The end of the time frame in 24-hour - notation (`hh:mm`). - type: string - start: - description: >- - The start of the time frame in 24-hour - notation (`hh:mm`). - type: string - required: - - start - - end - timezone: - description: >- - The ISO time zone for the `hours` values. - Values such as `UTC` and `UTC+1` also work - but lack built-in daylight savings time - support and are not recommended. - type: string - required: - - days - - hours - - timezone - connector_type_id: - description: >- - The type of connector. This property appears in - responses but cannot be set in requests. - type: string - frequency: - additionalProperties: false - type: object - properties: - notify_when: - description: >- - Indicates how often alerts generate actions. - Valid values include: `onActionGroupChange`: - Actions run when the alert status changes; - `onActiveAlert`: Actions run when the alert - becomes active and at each check interval while - the rule conditions are met; - `onThrottleInterval`: Actions run when the alert - becomes active and at the interval specified in - the throttle property while the rule conditions - are met. NOTE: You cannot specify `notify_when` - at both the rule and action level. The - recommended method is to set it for each action. - If you set it at the rule level then update the - rule in Kibana, it is automatically changed to - use action-specific values. - enum: - - onActionGroupChange - - onActiveAlert - - onThrottleInterval - type: string - summary: - description: Indicates whether the action is a summary. - type: boolean - throttle: - description: >- - The throttle interval, which defines how often - an alert generates repeated actions. It is - specified in seconds, minutes, hours, or days - and is applicable only if 'notify_when' is set - to 'onThrottleInterval'. NOTE: You cannot - specify the throttle interval at both the rule - and action level. The recommended method is to - set it for each action. If you set it at the - rule level then update the rule in Kibana, it is - automatically changed to use action-specific - values. - nullable: true - type: string - required: - - summary - - notify_when - - throttle - group: - description: >- - The group name, which affects when the action runs - (for example, when the threshold is met or when the - alert is recovered). Each rule type has a list of - valid action group names. If you don't need to group - actions, set to `default`. - type: string - id: - description: The identifier for the connector saved object. - type: string - params: - additionalProperties: {} - description: >- - The parameters for the action, which are sent to the - connector. The `params` are handled as Mustache - templates and passed a default set of context. - type: object - use_alert_data_for_template: - description: Indicates whether to use alert data as a template. - type: boolean - uuid: - description: >- - A universally unique identifier (UUID) for the - action. - type: string - required: - - id - - connector_type_id - - params - type: array - active_snoozes: - items: - description: List of active snoozes for the rule. - type: string - type: array - alert_delay: - additionalProperties: false - description: >- - Indicates that an alert occurs only when the specified - number of consecutive runs met the rule conditions. - type: object - properties: - active: - description: >- - The number of consecutive runs that must meet the rule - conditions. - type: number - required: - - active - api_key_created_by_user: - description: >- - Indicates whether the API key that is associated with the - rule was created by the user. - nullable: true - type: boolean - api_key_owner: - description: >- - The owner of the API key that is associated with the rule - and used to run background tasks. - nullable: true - type: string - consumer: - description: >- - The name of the application or feature that owns the rule. - For example: `alerts`, `apm`, `discover`, - `infrastructure`, `logs`, `metrics`, `ml`, `monitoring`, - `securitySolution`, `siem`, `stackAlerts`, or `uptime`. - type: string - created_at: - description: The date and time that the rule was created. - type: string - created_by: - description: The identifier for the user that created the rule. - nullable: true - type: string - enabled: - description: >- - Indicates whether you want to run the rule on an interval - basis after it is created. - type: boolean - execution_status: - additionalProperties: false - type: object - properties: - error: - additionalProperties: false - type: object - properties: - message: - description: Error message. - type: string - reason: - description: Reason for error. - enum: - - read - - decrypt - - execute - - unknown - - license - - timeout - - disabled - - validate - type: string - required: - - reason - - message - last_duration: - description: Duration of last execution of the rule. - type: number - last_execution_date: - description: The date and time when rule was executed last. - type: string - status: - description: Status of rule execution. - enum: - - ok - - active - - error - - warning - - pending - - unknown - type: string - warning: - additionalProperties: false - type: object - properties: - message: - description: Warning message. - type: string - reason: - description: Reason for warning. - enum: - - maxExecutableActions - - maxAlerts - - maxQueuedActions - - ruleExecution - type: string - required: - - reason - - message - required: - - status - - last_execution_date - flapping: - additionalProperties: false - nullable: true - type: object - properties: - look_back_window: - maximum: 20 - minimum: 2 - type: number - status_change_threshold: - maximum: 20 - minimum: 2 - type: number - required: - - look_back_window - - status_change_threshold - id: - description: The identifier for the rule. - type: string - is_snoozed_until: - description: The date when the rule will no longer be snoozed. - nullable: true - type: string - last_run: - additionalProperties: false - nullable: true - type: object - properties: - alerts_count: - additionalProperties: false - type: object - properties: - active: - description: Number of active alerts during last run. - nullable: true - type: number - ignored: - description: Number of ignored alerts during last run. - nullable: true - type: number - new: - description: Number of new alerts during last run. - nullable: true - type: number - recovered: - description: Number of recovered alerts during last run. - nullable: true - type: number - outcome: - description: >- - Outcome of last run of the rule. Value could be - succeeded, warning or failed. - enum: - - succeeded - - warning - - failed - type: string - outcome_msg: - items: - description: Outcome message generated during last rule run. - type: string - nullable: true - type: array - outcome_order: - description: Order of the outcome. - type: number - warning: - description: Warning of last rule execution. - enum: - - read - - decrypt - - execute - - unknown - - license - - timeout - - disabled - - validate - - maxExecutableActions - - maxAlerts - - maxQueuedActions - - ruleExecution - nullable: true - type: string - required: - - outcome - - alerts_count - mapped_params: - additionalProperties: {} - type: object - monitoring: - additionalProperties: false - description: Monitoring details of the rule. - type: object - properties: - run: - additionalProperties: false - description: Rule run details. - type: object - properties: - calculated_metrics: - additionalProperties: false - description: >- - Calculation of different percentiles and success - ratio. - type: object - properties: - p50: - type: number - p95: - type: number - p99: - type: number - success_ratio: - type: number - required: - - success_ratio - history: - description: History of the rule run. - items: - additionalProperties: false - type: object - properties: - duration: - description: Duration of the rule run. - type: number - outcome: - additionalProperties: false - type: object - properties: - alerts_count: - additionalProperties: false - type: object - properties: - active: - description: Number of active alerts during last run. - nullable: true - type: number - ignored: - description: >- - Number of ignored alerts during last - run. - nullable: true - type: number - new: - description: Number of new alerts during last run. - nullable: true - type: number - recovered: - description: >- - Number of recovered alerts during last - run. - nullable: true - type: number - outcome: - description: >- - Outcome of last run of the rule. Value - could be succeeded, warning or failed. - enum: - - succeeded - - warning - - failed - type: string - outcome_msg: - items: - description: >- - Outcome message generated during last - rule run. - type: string - nullable: true - type: array - outcome_order: - description: Order of the outcome. - type: number - warning: - description: Warning of last rule execution. - enum: - - read - - decrypt - - execute - - unknown - - license - - timeout - - disabled - - validate - - maxExecutableActions - - maxAlerts - - maxQueuedActions - - ruleExecution - nullable: true - type: string - required: - - outcome - - alerts_count - success: - description: >- - Indicates whether the rule run was - successful. - type: boolean - timestamp: - description: Time of rule run. - type: number - required: - - success - - timestamp - type: array - last_run: - additionalProperties: false - type: object - properties: - metrics: - additionalProperties: false - type: object - properties: - duration: - description: Duration of most recent rule run. - type: number - gap_duration_s: - description: Duration in seconds of rule run gap. - nullable: true - type: number - total_alerts_created: - description: >- - Total number of alerts created during last - rule run. - nullable: true - type: number - total_alerts_detected: - description: >- - Total number of alerts detected during - last rule run. - nullable: true - type: number - total_indexing_duration_ms: - description: >- - Total time spent indexing documents during - last rule run in milliseconds. - nullable: true - type: number - total_search_duration_ms: - description: >- - Total time spent performing Elasticsearch - searches as measured by Kibana; includes - network latency and time spent serializing - or deserializing the request and response. - nullable: true - type: number - timestamp: - description: Time of the most recent rule run. - type: string - required: - - timestamp - - metrics - required: - - history - - calculated_metrics - - last_run - required: - - run - mute_all: - description: Indicates whether all alerts are muted. - type: boolean - muted_alert_ids: - items: - description: 'List of identifiers of muted alerts. ' - type: string - type: array - name: - description: ' The name of the rule.' - type: string - next_run: - description: Date and time of the next run of the rule. - nullable: true - type: string - notify_when: - description: >- - Indicates how often alerts generate actions. Valid values - include: `onActionGroupChange`: Actions run when the alert - status changes; `onActiveAlert`: Actions run when the - alert becomes active and at each check interval while the - rule conditions are met; `onThrottleInterval`: Actions run - when the alert becomes active and at the interval - specified in the throttle property while the rule - conditions are met. NOTE: You cannot specify `notify_when` - at both the rule and action level. The recommended method - is to set it for each action. If you set it at the rule - level then update the rule in Kibana, it is automatically - changed to use action-specific values. - enum: - - onActionGroupChange - - onActiveAlert - - onThrottleInterval - nullable: true - type: string - params: - additionalProperties: {} - description: The parameters for the rule. - type: object - revision: - description: The rule revision number. - type: number - rule_type_id: - description: The rule type identifier. - type: string - running: - description: Indicates whether the rule is running. - nullable: true - type: boolean - schedule: - additionalProperties: false - type: object - properties: - interval: - description: >- - The interval is specified in seconds, minutes, hours, - or days. - type: string - required: - - interval - scheduled_task_id: - description: Identifier of the scheduled task. - type: string - snooze_schedule: - items: - additionalProperties: false - type: object - properties: - duration: - description: Duration of the rule snooze schedule. - type: number - id: - description: Identifier of the rule snooze schedule. - type: string - rRule: - additionalProperties: false - type: object - properties: - byhour: - items: - description: Indicates hours of the day to recur. - type: number - type: array - byminute: - items: - description: Indicates minutes of the hour to recur. - type: number - type: array - bymonth: - items: - description: >- - Indicates months of the year that this rule - should recur. - type: number - type: array - bymonthday: - items: - description: Indicates the days of the month to recur. - type: number - type: array - bysecond: - items: - description: Indicates seconds of the day to recur. - type: number - type: array - bysetpos: - items: - description: >- - A positive or negative integer affecting the - nth day of the month. For example, -2 combined - with `byweekday` of FR is 2nd to last Friday - of the month. It is recommended to not set - this manually and just use `byweekday`. - type: number - type: array - byweekday: - items: - anyOf: - - type: string - - type: number - description: >- - Indicates the days of the week to recur or - else nth-day-of-month strings. For example, - "+2TU" second Tuesday of month, "-1FR" last - Friday of the month, which are internally - converted to a `byweekday/bysetpos` - combination. - type: array - byweekno: - items: - description: Indicates number of the week hours to recur. - type: number - type: array - byyearday: - items: - description: >- - Indicates the days of the year that this rule - should recur. - type: number - type: array - count: - description: >- - Number of times the rule should recur until it - stops. - type: number - dtstart: - description: >- - Rule start date in Coordinated Universal Time - (UTC). - type: string - freq: - description: >- - Indicates frequency of the rule. Options are - YEARLY, MONTHLY, WEEKLY, DAILY. - enum: - - 0 - - 1 - - 2 - - 3 - - 4 - - 5 - - 6 - type: integer - interval: - description: >- - Indicates the interval of frequency. For - example, 1 and YEARLY is every 1 year, 2 and - WEEKLY is every 2 weeks. - type: number - tzid: - description: Indicates timezone abbreviation. - type: string - until: - description: Recur the rule until this date. - type: string - wkst: - description: Indicates the start of week, defaults to Monday. - enum: - - MO - - TU - - WE - - TH - - FR - - SA - - SU - type: string - required: - - dtstart - - tzid - skipRecurrences: - items: - description: Skips recurrence of rule on this date. - type: string - type: array - required: - - duration - - rRule - type: array - tags: - items: - description: The tags for the rule. - type: string - type: array - throttle: - deprecated: true - description: >- - Deprecated in 8.13.0. Use the `throttle` property in the - action `frequency` object instead. The throttle interval, - which defines how often an alert generates repeated - actions. NOTE: You cannot specify the throttle interval at - both the rule and action level. If you set it at the rule - level then update the rule in Kibana, it is automatically - changed to use action-specific values. - nullable: true - type: string - updated_at: - description: The date and time that the rule was updated most recently. - type: string - updated_by: - description: >- - The identifier for the user that updated this rule most - recently. - nullable: true - type: string - view_in_app_relative_url: - description: Relative URL to view rule in the app. - nullable: true - type: string - required: - - id - - enabled - - name - - tags - - rule_type_id - - consumer - - schedule - - actions - - params - - created_by - - updated_by - - created_at - - updated_at - - api_key_owner - - mute_all - - muted_alert_ids - - execution_status - - revision - description: Indicates a successful call. - '400': - description: Indicates an invalid schema or parameters. - '403': - description: Indicates that this call is forbidden. - '409': - description: Indicates that the rule id is already in use. - summary: Create a rule - tags: - - alerting - put: - operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - description: The identifier for the rule. - in: path - name: id - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - actions: - default: [] - items: - additionalProperties: false - description: An action that runs under defined conditions. - type: object - properties: - alerts_filter: - additionalProperties: false - type: object - properties: - query: - additionalProperties: false - type: object - properties: - dsl: - description: >- - A filter written in Elasticsearch Query Domain - Specific Language (DSL). - type: string - filters: - description: >- - A filter written in Elasticsearch Query Domain - Specific Language (DSL) as defined in the - `kbn-es-query` package. - items: - additionalProperties: false - type: object - properties: - $state: - additionalProperties: false - type: object - properties: - store: - description: >- - A filter can be either specific to an - application context or applied globally. - enum: - - appState - - globalState - type: string - required: - - store - meta: - additionalProperties: {} - type: object - query: - additionalProperties: {} - type: object - required: - - meta - type: array - kql: - description: >- - A filter written in Kibana Query Language - (KQL). - type: string - required: - - kql - - filters - timeframe: - additionalProperties: false - description: >- - Defines a period that limits whether the action - runs. - type: object - properties: - days: - description: >- - Defines the days of the week that the action - can run, represented as an array of numbers. - For example, `1` represents Monday. An empty - array is equivalent to specifying all the days - of the week. - items: - enum: - - 1 - - 2 - - 3 - - 4 - - 5 - - 6 - - 7 - type: integer - type: array - hours: - additionalProperties: false - description: >- - Defines the range of time in a day that the - action can run. If the `start` value is - `00:00` and the `end` value is `24:00`, - actions be generated all day. - type: object - properties: - end: - description: >- - The end of the time frame in 24-hour - notation (`hh:mm`). - type: string - start: - description: >- - The start of the time frame in 24-hour - notation (`hh:mm`). - type: string - required: - - start - - end - timezone: - description: >- - The ISO time zone for the `hours` values. - Values such as `UTC` and `UTC+1` also work but - lack built-in daylight savings time support - and are not recommended. - type: string - required: - - days - - hours - - timezone - frequency: - additionalProperties: false - type: object - properties: - notify_when: - description: >- - Indicates how often alerts generate actions. Valid - values include: `onActionGroupChange`: Actions run - when the alert status changes; `onActiveAlert`: - Actions run when the alert becomes active and at - each check interval while the rule conditions are - met; `onThrottleInterval`: Actions run when the - alert becomes active and at the interval specified - in the throttle property while the rule conditions - are met. NOTE: You cannot specify `notify_when` at - both the rule and action level. The recommended - method is to set it for each action. If you set it - at the rule level then update the rule in Kibana, - it is automatically changed to use action-specific - values. - enum: - - onActionGroupChange - - onActiveAlert - - onThrottleInterval - type: string - summary: - description: Indicates whether the action is a summary. - type: boolean - throttle: - description: >- - The throttle interval, which defines how often an - alert generates repeated actions. It is specified - in seconds, minutes, hours, or days and is - applicable only if `notify_when` is set to - `onThrottleInterval`. NOTE: You cannot specify the - throttle interval at both the rule and action - level. The recommended method is to set it for - each action. If you set it at the rule level then - update the rule in Kibana, it is automatically - changed to use action-specific values. - nullable: true - type: string - required: - - summary - - notify_when - - throttle - group: - description: >- - The group name, which affects when the action runs - (for example, when the threshold is met or when the - alert is recovered). Each rule type has a list of - valid action group names. If you don't need to group - actions, set to `default`. - type: string - id: - description: The identifier for the connector saved object. - type: string - params: - additionalProperties: {} - default: {} - description: >- - The parameters for the action, which are sent to the - connector. The `params` are handled as Mustache - templates and passed a default set of context. - type: object - use_alert_data_for_template: - description: Indicates whether to use alert data as a template. - type: boolean - uuid: - description: A universally unique identifier (UUID) for the action. - type: string - required: - - id - type: array - alert_delay: - additionalProperties: false - description: >- - Indicates that an alert occurs only when the specified - number of consecutive runs met the rule conditions. - type: object - properties: - active: - description: >- - The number of consecutive runs that must meet the rule - conditions. - type: number - required: - - active - flapping: - additionalProperties: false - nullable: true - type: object - properties: - look_back_window: - maximum: 20 - minimum: 2 - type: number - status_change_threshold: - maximum: 20 - minimum: 2 - type: number - required: - - look_back_window - - status_change_threshold - name: - description: >- - The name of the rule. While this name does not have to be - unique, a distinctive name can help you identify a rule. - type: string - notify_when: - description: >- - Indicates how often alerts generate actions. Valid values - include: `onActionGroupChange`: Actions run when the alert - status changes; `onActiveAlert`: Actions run when the alert - becomes active and at each check interval while the rule - conditions are met; `onThrottleInterval`: Actions run when - the alert becomes active and at the interval specified in - the throttle property while the rule conditions are met. - NOTE: You cannot specify `notify_when` at both the rule and - action level. The recommended method is to set it for each - action. If you set it at the rule level then update the rule - in Kibana, it is automatically changed to use - action-specific values. - enum: - - onActionGroupChange - - onActiveAlert - - onThrottleInterval - nullable: true - type: string - params: - additionalProperties: {} - default: {} - description: The parameters for the rule. - type: object - schedule: - additionalProperties: false - type: object - properties: - interval: - description: >- - The interval is specified in seconds, minutes, hours, or - days. - type: string - required: - - interval - tags: - default: [] - items: - description: The tags for the rule. - type: string - type: array - throttle: - description: >- - Use the `throttle` property in the action `frequency` object - instead. The throttle interval, which defines how often an - alert generates repeated actions. NOTE: You cannot specify - the throttle interval at both the rule and action level. If - you set it at the rule level then update the rule in Kibana, - it is automatically changed to use action-specific values. - nullable: true - type: string - required: - - name - - schedule - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - actions: - items: - additionalProperties: false - type: object - properties: - alerts_filter: - additionalProperties: false - description: >- - Defines a period that limits whether the action - runs. - type: object - properties: - query: - additionalProperties: false - type: object - properties: - dsl: - description: >- - A filter written in Elasticsearch Query - Domain Specific Language (DSL). - type: string - filters: - description: >- - A filter written in Elasticsearch Query - Domain Specific Language (DSL) as defined in - the `kbn-es-query` package. - items: - additionalProperties: false - type: object - properties: - $state: - additionalProperties: false - type: object - properties: - store: - description: >- - A filter can be either specific to an - application context or applied globally. - enum: - - appState - - globalState - type: string - required: - - store - meta: - additionalProperties: {} - type: object - query: - additionalProperties: {} - type: object - required: - - meta - type: array - kql: - description: >- - A filter written in Kibana Query Language - (KQL). - type: string - required: - - kql - - filters - timeframe: - additionalProperties: false - type: object - properties: - days: - description: >- - Defines the days of the week that the action - can run, represented as an array of numbers. - For example, `1` represents Monday. An empty - array is equivalent to specifying all the - days of the week. - items: - enum: - - 1 - - 2 - - 3 - - 4 - - 5 - - 6 - - 7 - type: integer - type: array - hours: - additionalProperties: false - type: object - properties: - end: - description: >- - The end of the time frame in 24-hour - notation (`hh:mm`). - type: string - start: - description: >- - The start of the time frame in 24-hour - notation (`hh:mm`). - type: string - required: - - start - - end - timezone: - description: >- - The ISO time zone for the `hours` values. - Values such as `UTC` and `UTC+1` also work - but lack built-in daylight savings time - support and are not recommended. - type: string - required: - - days - - hours - - timezone - connector_type_id: - description: >- - The type of connector. This property appears in - responses but cannot be set in requests. - type: string - frequency: - additionalProperties: false - type: object - properties: - notify_when: - description: >- - Indicates how often alerts generate actions. - Valid values include: `onActionGroupChange`: - Actions run when the alert status changes; - `onActiveAlert`: Actions run when the alert - becomes active and at each check interval while - the rule conditions are met; - `onThrottleInterval`: Actions run when the alert - becomes active and at the interval specified in - the throttle property while the rule conditions - are met. NOTE: You cannot specify `notify_when` - at both the rule and action level. The - recommended method is to set it for each action. - If you set it at the rule level then update the - rule in Kibana, it is automatically changed to - use action-specific values. - enum: - - onActionGroupChange - - onActiveAlert - - onThrottleInterval - type: string - summary: - description: Indicates whether the action is a summary. - type: boolean - throttle: - description: >- - The throttle interval, which defines how often - an alert generates repeated actions. It is - specified in seconds, minutes, hours, or days - and is applicable only if 'notify_when' is set - to 'onThrottleInterval'. NOTE: You cannot - specify the throttle interval at both the rule - and action level. The recommended method is to - set it for each action. If you set it at the - rule level then update the rule in Kibana, it is - automatically changed to use action-specific - values. - nullable: true - type: string - required: - - summary - - notify_when - - throttle - group: - description: >- - The group name, which affects when the action runs - (for example, when the threshold is met or when the - alert is recovered). Each rule type has a list of - valid action group names. If you don't need to group - actions, set to `default`. - type: string - id: - description: The identifier for the connector saved object. - type: string - params: - additionalProperties: {} - description: >- - The parameters for the action, which are sent to the - connector. The `params` are handled as Mustache - templates and passed a default set of context. - type: object - use_alert_data_for_template: - description: Indicates whether to use alert data as a template. - type: boolean - uuid: - description: >- - A universally unique identifier (UUID) for the - action. - type: string - required: - - id - - connector_type_id - - params - type: array - active_snoozes: - items: - description: List of active snoozes for the rule. - type: string - type: array - alert_delay: - additionalProperties: false - description: >- - Indicates that an alert occurs only when the specified - number of consecutive runs met the rule conditions. - type: object - properties: - active: - description: >- - The number of consecutive runs that must meet the rule - conditions. - type: number - required: - - active - api_key_created_by_user: - description: >- - Indicates whether the API key that is associated with the - rule was created by the user. - nullable: true - type: boolean - api_key_owner: - description: >- - The owner of the API key that is associated with the rule - and used to run background tasks. - nullable: true - type: string - consumer: - description: >- - The name of the application or feature that owns the rule. - For example: `alerts`, `apm`, `discover`, - `infrastructure`, `logs`, `metrics`, `ml`, `monitoring`, - `securitySolution`, `siem`, `stackAlerts`, or `uptime`. - type: string - created_at: - description: The date and time that the rule was created. - type: string - created_by: - description: The identifier for the user that created the rule. - nullable: true - type: string - enabled: - description: >- - Indicates whether you want to run the rule on an interval - basis after it is created. - type: boolean - execution_status: - additionalProperties: false - type: object - properties: - error: - additionalProperties: false - type: object - properties: - message: - description: Error message. - type: string - reason: - description: Reason for error. - enum: - - read - - decrypt - - execute - - unknown - - license - - timeout - - disabled - - validate - type: string - required: - - reason - - message - last_duration: - description: Duration of last execution of the rule. - type: number - last_execution_date: - description: The date and time when rule was executed last. - type: string - status: - description: Status of rule execution. - enum: - - ok - - active - - error - - warning - - pending - - unknown - type: string - warning: - additionalProperties: false - type: object - properties: - message: - description: Warning message. - type: string - reason: - description: Reason for warning. - enum: - - maxExecutableActions - - maxAlerts - - maxQueuedActions - - ruleExecution - type: string - required: - - reason - - message - required: - - status - - last_execution_date - flapping: - additionalProperties: false - nullable: true - type: object - properties: - look_back_window: - maximum: 20 - minimum: 2 - type: number - status_change_threshold: - maximum: 20 - minimum: 2 - type: number - required: - - look_back_window - - status_change_threshold - id: - description: The identifier for the rule. - type: string - is_snoozed_until: - description: The date when the rule will no longer be snoozed. - nullable: true - type: string - last_run: - additionalProperties: false - nullable: true - type: object - properties: - alerts_count: - additionalProperties: false - type: object - properties: - active: - description: Number of active alerts during last run. - nullable: true - type: number - ignored: - description: Number of ignored alerts during last run. - nullable: true - type: number - new: - description: Number of new alerts during last run. - nullable: true - type: number - recovered: - description: Number of recovered alerts during last run. - nullable: true - type: number - outcome: - description: >- - Outcome of last run of the rule. Value could be - succeeded, warning or failed. - enum: - - succeeded - - warning - - failed - type: string - outcome_msg: - items: - description: Outcome message generated during last rule run. - type: string - nullable: true - type: array - outcome_order: - description: Order of the outcome. - type: number - warning: - description: Warning of last rule execution. - enum: - - read - - decrypt - - execute - - unknown - - license - - timeout - - disabled - - validate - - maxExecutableActions - - maxAlerts - - maxQueuedActions - - ruleExecution - nullable: true - type: string - required: - - outcome - - alerts_count - mapped_params: - additionalProperties: {} - type: object - monitoring: - additionalProperties: false - description: Monitoring details of the rule. - type: object - properties: - run: - additionalProperties: false - description: Rule run details. - type: object - properties: - calculated_metrics: - additionalProperties: false - description: >- - Calculation of different percentiles and success - ratio. - type: object - properties: - p50: - type: number - p95: - type: number - p99: - type: number - success_ratio: - type: number - required: - - success_ratio - history: - description: History of the rule run. - items: - additionalProperties: false - type: object - properties: - duration: - description: Duration of the rule run. - type: number - outcome: - additionalProperties: false - type: object - properties: - alerts_count: - additionalProperties: false - type: object - properties: - active: - description: Number of active alerts during last run. - nullable: true - type: number - ignored: - description: >- - Number of ignored alerts during last - run. - nullable: true - type: number - new: - description: Number of new alerts during last run. - nullable: true - type: number - recovered: - description: >- - Number of recovered alerts during last - run. - nullable: true - type: number - outcome: - description: >- - Outcome of last run of the rule. Value - could be succeeded, warning or failed. - enum: - - succeeded - - warning - - failed - type: string - outcome_msg: - items: - description: >- - Outcome message generated during last - rule run. - type: string - nullable: true - type: array - outcome_order: - description: Order of the outcome. - type: number - warning: - description: Warning of last rule execution. - enum: - - read - - decrypt - - execute - - unknown - - license - - timeout - - disabled - - validate - - maxExecutableActions - - maxAlerts - - maxQueuedActions - - ruleExecution - nullable: true - type: string - required: - - outcome - - alerts_count - success: - description: >- - Indicates whether the rule run was - successful. - type: boolean - timestamp: - description: Time of rule run. - type: number - required: - - success - - timestamp - type: array - last_run: - additionalProperties: false - type: object - properties: - metrics: - additionalProperties: false - type: object - properties: - duration: - description: Duration of most recent rule run. - type: number - gap_duration_s: - description: Duration in seconds of rule run gap. - nullable: true - type: number - total_alerts_created: - description: >- - Total number of alerts created during last - rule run. - nullable: true - type: number - total_alerts_detected: - description: >- - Total number of alerts detected during - last rule run. - nullable: true - type: number - total_indexing_duration_ms: - description: >- - Total time spent indexing documents during - last rule run in milliseconds. - nullable: true - type: number - total_search_duration_ms: - description: >- - Total time spent performing Elasticsearch - searches as measured by Kibana; includes - network latency and time spent serializing - or deserializing the request and response. - nullable: true - type: number - timestamp: - description: Time of the most recent rule run. - type: string - required: - - timestamp - - metrics - required: - - history - - calculated_metrics - - last_run - required: - - run - mute_all: - description: Indicates whether all alerts are muted. - type: boolean - muted_alert_ids: - items: - description: 'List of identifiers of muted alerts. ' - type: string - type: array - name: - description: ' The name of the rule.' - type: string - next_run: - description: Date and time of the next run of the rule. - nullable: true - type: string - notify_when: - description: >- - Indicates how often alerts generate actions. Valid values - include: `onActionGroupChange`: Actions run when the alert - status changes; `onActiveAlert`: Actions run when the - alert becomes active and at each check interval while the - rule conditions are met; `onThrottleInterval`: Actions run - when the alert becomes active and at the interval - specified in the throttle property while the rule - conditions are met. NOTE: You cannot specify `notify_when` - at both the rule and action level. The recommended method - is to set it for each action. If you set it at the rule - level then update the rule in Kibana, it is automatically - changed to use action-specific values. - enum: - - onActionGroupChange - - onActiveAlert - - onThrottleInterval - nullable: true - type: string - params: - additionalProperties: {} - description: The parameters for the rule. - type: object - revision: - description: The rule revision number. - type: number - rule_type_id: - description: The rule type identifier. - type: string - running: - description: Indicates whether the rule is running. - nullable: true - type: boolean - schedule: - additionalProperties: false - type: object - properties: - interval: - description: >- - The interval is specified in seconds, minutes, hours, - or days. - type: string - required: - - interval - scheduled_task_id: - description: Identifier of the scheduled task. - type: string - snooze_schedule: - items: - additionalProperties: false - type: object - properties: - duration: - description: Duration of the rule snooze schedule. - type: number - id: - description: Identifier of the rule snooze schedule. - type: string - rRule: - additionalProperties: false - type: object - properties: - byhour: - items: - description: Indicates hours of the day to recur. - type: number - type: array - byminute: - items: - description: Indicates minutes of the hour to recur. - type: number - type: array - bymonth: - items: - description: >- - Indicates months of the year that this rule - should recur. - type: number - type: array - bymonthday: - items: - description: Indicates the days of the month to recur. - type: number - type: array - bysecond: - items: - description: Indicates seconds of the day to recur. - type: number - type: array - bysetpos: - items: - description: >- - A positive or negative integer affecting the - nth day of the month. For example, -2 combined - with `byweekday` of FR is 2nd to last Friday - of the month. It is recommended to not set - this manually and just use `byweekday`. - type: number - type: array - byweekday: - items: - anyOf: - - type: string - - type: number - description: >- - Indicates the days of the week to recur or - else nth-day-of-month strings. For example, - "+2TU" second Tuesday of month, "-1FR" last - Friday of the month, which are internally - converted to a `byweekday/bysetpos` - combination. - type: array - byweekno: - items: - description: Indicates number of the week hours to recur. - type: number - type: array - byyearday: - items: - description: >- - Indicates the days of the year that this rule - should recur. - type: number - type: array - count: - description: >- - Number of times the rule should recur until it - stops. - type: number - dtstart: - description: >- - Rule start date in Coordinated Universal Time - (UTC). - type: string - freq: - description: >- - Indicates frequency of the rule. Options are - YEARLY, MONTHLY, WEEKLY, DAILY. - enum: - - 0 - - 1 - - 2 - - 3 - - 4 - - 5 - - 6 - type: integer - interval: - description: >- - Indicates the interval of frequency. For - example, 1 and YEARLY is every 1 year, 2 and - WEEKLY is every 2 weeks. - type: number - tzid: - description: Indicates timezone abbreviation. - type: string - until: - description: Recur the rule until this date. - type: string - wkst: - description: Indicates the start of week, defaults to Monday. - enum: - - MO - - TU - - WE - - TH - - FR - - SA - - SU - type: string - required: - - dtstart - - tzid - skipRecurrences: - items: - description: Skips recurrence of rule on this date. - type: string - type: array - required: - - duration - - rRule - type: array - tags: - items: - description: The tags for the rule. - type: string - type: array - throttle: - deprecated: true - description: >- - Deprecated in 8.13.0. Use the `throttle` property in the - action `frequency` object instead. The throttle interval, - which defines how often an alert generates repeated - actions. NOTE: You cannot specify the throttle interval at - both the rule and action level. If you set it at the rule - level then update the rule in Kibana, it is automatically - changed to use action-specific values. - nullable: true - type: string - updated_at: - description: The date and time that the rule was updated most recently. - type: string - updated_by: - description: >- - The identifier for the user that updated this rule most - recently. - nullable: true - type: string - view_in_app_relative_url: - description: Relative URL to view rule in the app. - nullable: true - type: string - required: - - id - - enabled - - name - - tags - - rule_type_id - - consumer - - schedule - - actions - - params - - created_by - - updated_by - - created_at - - updated_at - - api_key_owner - - mute_all - - muted_alert_ids - - execution_status - - revision - description: Indicates a successful call. - '400': - description: Indicates an invalid schema or parameters. - '403': - description: Indicates that this call is forbidden. - '404': - description: Indicates a rule with the given ID does not exist. - '409': - description: Indicates that the rule has already been updated by another user. - summary: Update a rule - tags: - - alerting - /api/alerting/rule/{id}/_disable: - post: - operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_disable#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - description: The identifier for the rule. - in: path - name: id - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - nullable: true - type: object - properties: - untrack: - description: Defines whether this rule's alerts should be untracked. - type: boolean - x-oas-optional: true - responses: - '204': - description: Indicates a successful call. - '400': - description: Indicates an invalid schema. - '403': - description: Indicates that this call is forbidden. - '404': - description: Indicates a rule with the given ID does not exist. - summary: Disable a rule - tags: - - alerting - /api/alerting/rule/{id}/_enable: - post: - operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_enable#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - description: The identifier for the rule. - in: path - name: id - required: true - schema: - type: string - responses: - '204': - description: Indicates a successful call. - '400': - description: Indicates an invalid schema or parameters. - '403': - description: Indicates that this call is forbidden. - '404': - description: Indicates a rule with the given ID does not exist. - summary: Enable a rule - tags: - - alerting - /api/alerting/rule/{id}/_mute_all: - post: - operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_mute_all#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - description: The identifier for the rule. - in: path - name: id - required: true - schema: - type: string - responses: - '204': - description: Indicates a successful call. - '400': - description: Indicates an invalid schema or parameters. - '403': - description: Indicates that this call is forbidden. - '404': - description: Indicates a rule with the given ID does not exist. - summary: Mute all alerts - tags: - - alerting - /api/alerting/rule/{id}/_unmute_all: - post: - operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_unmute_all#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - description: The identifier for the rule. - in: path - name: id - required: true - schema: - type: string - responses: - '204': - description: Indicates a successful call. - '400': - description: Indicates an invalid schema or parameters. - '403': - description: Indicates that this call is forbidden. - '404': - description: Indicates a rule with the given ID does not exist. - summary: Unmute all alerts - tags: - - alerting - /api/alerting/rule/{id}/_update_api_key: - post: - operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_update_api_key#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - description: The identifier for the rule. - in: path - name: id - required: true - schema: - type: string - responses: - '204': - description: Indicates a successful call. - '400': - description: Indicates an invalid schema or parameters. - '403': - description: Indicates that this call is forbidden. - '404': - description: Indicates a rule with the given ID does not exist. - '409': - description: Indicates that the rule has already been updated by another user. - summary: Update the API key for a rule - tags: - - alerting - /api/alerting/rule/{rule_id}/alert/{alert_id}/_mute: - post: - operationId: >- - %2Fapi%2Falerting%2Frule%2F%7Brule_id%7D%2Falert%2F%7Balert_id%7D%2F_mute#0 - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - description: The identifier for the rule. - in: path - name: rule_id - required: true - schema: - type: string - - description: The identifier for the alert. - in: path - name: alert_id - required: true - schema: - type: string - responses: - '204': - description: Indicates a successful call. - '400': - description: Indicates an invalid schema or parameters. - '403': - description: Indicates that this call is forbidden. - '404': - description: Indicates a rule or alert with the given ID does not exist. - summary: Mute an alert - tags: - - alerting - /api/alerting/rule/{rule_id}/alert/{alert_id}/_unmute: - post: - operationId: >- - %2Fapi%2Falerting%2Frule%2F%7Brule_id%7D%2Falert%2F%7Balert_id%7D%2F_unmute#0 - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - description: The identifier for the rule. - in: path - name: rule_id - required: true - schema: - type: string - - description: The identifier for the alert. - in: path - name: alert_id - required: true - schema: - type: string - responses: - '204': - description: Indicates a successful call. - '400': - description: Indicates an invalid schema or parameters. - '403': - description: Indicates that this call is forbidden. - '404': - description: Indicates a rule or alert with the given ID does not exist. - summary: Unmute an alert - tags: - - alerting - /api/alerting/rules/_find: - get: - operationId: '%2Fapi%2Falerting%2Frules%2F_find#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: The number of rules to return per page. - in: query - name: per_page - required: false - schema: - default: 10 - minimum: 0 - type: number - - description: The page number to return. - in: query - name: page - required: false - schema: - default: 1 - minimum: 1 - type: number - - description: >- - An Elasticsearch simple_query_string query that filters the objects - in the response. - in: query - name: search - required: false - schema: - type: string - - description: The default operator to use for the simple_query_string. - in: query - name: default_search_operator - required: false - schema: - default: OR - enum: - - OR - - AND - type: string - - description: The fields to perform the simple_query_string parsed query against. - in: query - name: search_fields - required: false - schema: - anyOf: - - items: - type: string - type: array - - type: string - - description: >- - Determines which field is used to sort the results. The field must - exist in the `attributes` key of the response. - in: query - name: sort_field - required: false - schema: - type: string - - description: Determines the sort order. - in: query - name: sort_order - required: false - schema: - enum: - - asc - - desc - type: string - - description: >- - Filters the rules that have a relation with the reference objects - with a specific type and identifier. - in: query - name: has_reference - required: false - schema: - additionalProperties: false - nullable: true - type: object - properties: - id: - type: string - type: - type: string - required: - - type - - id - - in: query - name: fields - required: false - schema: - items: - description: The fields to return in the `attributes` key of the response. - type: string - type: array - - description: >- - A KQL string that you filter with an attribute from your saved - object. It should look like `savedObjectType.attributes.title: - "myTitle"`. However, if you used a direct attribute of a saved - object, such as `updatedAt`, you must define your filter, for - example, `savedObjectType.updatedAt > 2018-12-22`. - in: query - name: filter - required: false - schema: - type: string - - in: query - name: filter_consumers - required: false - schema: - items: - description: List of consumers to filter. - type: string - type: array - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - actions: - items: - additionalProperties: false - type: object - properties: - alerts_filter: - additionalProperties: false - description: >- - Defines a period that limits whether the action - runs. - type: object - properties: - query: - additionalProperties: false - type: object - properties: - dsl: - description: >- - A filter written in Elasticsearch Query - Domain Specific Language (DSL). - type: string - filters: - description: >- - A filter written in Elasticsearch Query - Domain Specific Language (DSL) as defined in - the `kbn-es-query` package. - items: - additionalProperties: false - type: object - properties: - $state: - additionalProperties: false - type: object - properties: - store: - description: >- - A filter can be either specific to an - application context or applied globally. - enum: - - appState - - globalState - type: string - required: - - store - meta: - additionalProperties: {} - type: object - query: - additionalProperties: {} - type: object - required: - - meta - type: array - kql: - description: >- - A filter written in Kibana Query Language - (KQL). - type: string - required: - - kql - - filters - timeframe: - additionalProperties: false - type: object - properties: - days: - description: >- - Defines the days of the week that the action - can run, represented as an array of numbers. - For example, `1` represents Monday. An empty - array is equivalent to specifying all the - days of the week. - items: - enum: - - 1 - - 2 - - 3 - - 4 - - 5 - - 6 - - 7 - type: integer - type: array - hours: - additionalProperties: false - type: object - properties: - end: - description: >- - The end of the time frame in 24-hour - notation (`hh:mm`). - type: string - start: - description: >- - The start of the time frame in 24-hour - notation (`hh:mm`). - type: string - required: - - start - - end - timezone: - description: >- - The ISO time zone for the `hours` values. - Values such as `UTC` and `UTC+1` also work - but lack built-in daylight savings time - support and are not recommended. - type: string - required: - - days - - hours - - timezone - connector_type_id: - description: >- - The type of connector. This property appears in - responses but cannot be set in requests. - type: string - frequency: - additionalProperties: false - type: object - properties: - notify_when: - description: >- - Indicates how often alerts generate actions. - Valid values include: `onActionGroupChange`: - Actions run when the alert status changes; - `onActiveAlert`: Actions run when the alert - becomes active and at each check interval while - the rule conditions are met; - `onThrottleInterval`: Actions run when the alert - becomes active and at the interval specified in - the throttle property while the rule conditions - are met. NOTE: You cannot specify `notify_when` - at both the rule and action level. The - recommended method is to set it for each action. - If you set it at the rule level then update the - rule in Kibana, it is automatically changed to - use action-specific values. - enum: - - onActionGroupChange - - onActiveAlert - - onThrottleInterval - type: string - summary: - description: Indicates whether the action is a summary. - type: boolean - throttle: - description: >- - The throttle interval, which defines how often - an alert generates repeated actions. It is - specified in seconds, minutes, hours, or days - and is applicable only if 'notify_when' is set - to 'onThrottleInterval'. NOTE: You cannot - specify the throttle interval at both the rule - and action level. The recommended method is to - set it for each action. If you set it at the - rule level then update the rule in Kibana, it is - automatically changed to use action-specific - values. - nullable: true - type: string - required: - - summary - - notify_when - - throttle - group: - description: >- - The group name, which affects when the action runs - (for example, when the threshold is met or when the - alert is recovered). Each rule type has a list of - valid action group names. If you don't need to group - actions, set to `default`. - type: string - id: - description: The identifier for the connector saved object. - type: string - params: - additionalProperties: {} - description: >- - The parameters for the action, which are sent to the - connector. The `params` are handled as Mustache - templates and passed a default set of context. - type: object - use_alert_data_for_template: - description: Indicates whether to use alert data as a template. - type: boolean - uuid: - description: >- - A universally unique identifier (UUID) for the - action. - type: string - required: - - id - - connector_type_id - - params - type: array - active_snoozes: - items: - description: List of active snoozes for the rule. - type: string - type: array - alert_delay: - additionalProperties: false - description: >- - Indicates that an alert occurs only when the specified - number of consecutive runs met the rule conditions. - type: object - properties: - active: - description: >- - The number of consecutive runs that must meet the rule - conditions. - type: number - required: - - active - api_key_created_by_user: - description: >- - Indicates whether the API key that is associated with the - rule was created by the user. - nullable: true - type: boolean - api_key_owner: - description: >- - The owner of the API key that is associated with the rule - and used to run background tasks. - nullable: true - type: string - consumer: - description: >- - The name of the application or feature that owns the rule. - For example: `alerts`, `apm`, `discover`, - `infrastructure`, `logs`, `metrics`, `ml`, `monitoring`, - `securitySolution`, `siem`, `stackAlerts`, or `uptime`. - type: string - created_at: - description: The date and time that the rule was created. - type: string - created_by: - description: The identifier for the user that created the rule. - nullable: true - type: string - enabled: - description: >- - Indicates whether you want to run the rule on an interval - basis after it is created. - type: boolean - execution_status: - additionalProperties: false - type: object - properties: - error: - additionalProperties: false - type: object - properties: - message: - description: Error message. - type: string - reason: - description: Reason for error. - enum: - - read - - decrypt - - execute - - unknown - - license - - timeout - - disabled - - validate - type: string - required: - - reason - - message - last_duration: - description: Duration of last execution of the rule. - type: number - last_execution_date: - description: The date and time when rule was executed last. - type: string - status: - description: Status of rule execution. - enum: - - ok - - active - - error - - warning - - pending - - unknown - type: string - warning: - additionalProperties: false - type: object - properties: - message: - description: Warning message. - type: string - reason: - description: Reason for warning. - enum: - - maxExecutableActions - - maxAlerts - - maxQueuedActions - - ruleExecution - type: string - required: - - reason - - message - required: - - status - - last_execution_date - flapping: - additionalProperties: false - nullable: true - type: object - properties: - look_back_window: - maximum: 20 - minimum: 2 - type: number - status_change_threshold: - maximum: 20 - minimum: 2 - type: number - required: - - look_back_window - - status_change_threshold - id: - description: The identifier for the rule. - type: string - is_snoozed_until: - description: The date when the rule will no longer be snoozed. - nullable: true - type: string - last_run: - additionalProperties: false - nullable: true - type: object - properties: - alerts_count: - additionalProperties: false - type: object - properties: - active: - description: Number of active alerts during last run. - nullable: true - type: number - ignored: - description: Number of ignored alerts during last run. - nullable: true - type: number - new: - description: Number of new alerts during last run. - nullable: true - type: number - recovered: - description: Number of recovered alerts during last run. - nullable: true - type: number - outcome: - description: >- - Outcome of last run of the rule. Value could be - succeeded, warning or failed. - enum: - - succeeded - - warning - - failed - type: string - outcome_msg: - items: - description: Outcome message generated during last rule run. - type: string - nullable: true - type: array - outcome_order: - description: Order of the outcome. - type: number - warning: - description: Warning of last rule execution. - enum: - - read - - decrypt - - execute - - unknown - - license - - timeout - - disabled - - validate - - maxExecutableActions - - maxAlerts - - maxQueuedActions - - ruleExecution - nullable: true - type: string - required: - - outcome - - alerts_count - mapped_params: - additionalProperties: {} - type: object - monitoring: - additionalProperties: false - description: Monitoring details of the rule. - type: object - properties: - run: - additionalProperties: false - description: Rule run details. - type: object - properties: - calculated_metrics: - additionalProperties: false - description: >- - Calculation of different percentiles and success - ratio. - type: object - properties: - p50: - type: number - p95: - type: number - p99: - type: number - success_ratio: - type: number - required: - - success_ratio - history: - description: History of the rule run. - items: - additionalProperties: false - type: object - properties: - duration: - description: Duration of the rule run. - type: number - outcome: - additionalProperties: false - type: object - properties: - alerts_count: - additionalProperties: false - type: object - properties: - active: - description: Number of active alerts during last run. - nullable: true - type: number - ignored: - description: >- - Number of ignored alerts during last - run. - nullable: true - type: number - new: - description: Number of new alerts during last run. - nullable: true - type: number - recovered: - description: >- - Number of recovered alerts during last - run. - nullable: true - type: number - outcome: - description: >- - Outcome of last run of the rule. Value - could be succeeded, warning or failed. - enum: - - succeeded - - warning - - failed - type: string - outcome_msg: - items: - description: >- - Outcome message generated during last - rule run. - type: string - nullable: true - type: array - outcome_order: - description: Order of the outcome. - type: number - warning: - description: Warning of last rule execution. - enum: - - read - - decrypt - - execute - - unknown - - license - - timeout - - disabled - - validate - - maxExecutableActions - - maxAlerts - - maxQueuedActions - - ruleExecution - nullable: true - type: string - required: - - outcome - - alerts_count - success: - description: >- - Indicates whether the rule run was - successful. - type: boolean - timestamp: - description: Time of rule run. - type: number - required: - - success - - timestamp - type: array - last_run: - additionalProperties: false - type: object - properties: - metrics: - additionalProperties: false - type: object - properties: - duration: - description: Duration of most recent rule run. - type: number - gap_duration_s: - description: Duration in seconds of rule run gap. - nullable: true - type: number - total_alerts_created: - description: >- - Total number of alerts created during last - rule run. - nullable: true - type: number - total_alerts_detected: - description: >- - Total number of alerts detected during - last rule run. - nullable: true - type: number - total_indexing_duration_ms: - description: >- - Total time spent indexing documents during - last rule run in milliseconds. - nullable: true - type: number - total_search_duration_ms: - description: >- - Total time spent performing Elasticsearch - searches as measured by Kibana; includes - network latency and time spent serializing - or deserializing the request and response. - nullable: true - type: number - timestamp: - description: Time of the most recent rule run. - type: string - required: - - timestamp - - metrics - required: - - history - - calculated_metrics - - last_run - required: - - run - mute_all: - description: Indicates whether all alerts are muted. - type: boolean - muted_alert_ids: - items: - description: 'List of identifiers of muted alerts. ' - type: string - type: array - name: - description: ' The name of the rule.' - type: string - next_run: - description: Date and time of the next run of the rule. - nullable: true - type: string - notify_when: - description: >- - Indicates how often alerts generate actions. Valid values - include: `onActionGroupChange`: Actions run when the alert - status changes; `onActiveAlert`: Actions run when the - alert becomes active and at each check interval while the - rule conditions are met; `onThrottleInterval`: Actions run - when the alert becomes active and at the interval - specified in the throttle property while the rule - conditions are met. NOTE: You cannot specify `notify_when` - at both the rule and action level. The recommended method - is to set it for each action. If you set it at the rule - level then update the rule in Kibana, it is automatically - changed to use action-specific values. - enum: - - onActionGroupChange - - onActiveAlert - - onThrottleInterval - nullable: true - type: string - params: - additionalProperties: {} - description: The parameters for the rule. - type: object - revision: - description: The rule revision number. - type: number - rule_type_id: - description: The rule type identifier. - type: string - running: - description: Indicates whether the rule is running. - nullable: true - type: boolean - schedule: - additionalProperties: false - type: object - properties: - interval: - description: >- - The interval is specified in seconds, minutes, hours, - or days. - type: string - required: - - interval - scheduled_task_id: - description: Identifier of the scheduled task. - type: string - snooze_schedule: - items: - additionalProperties: false - type: object - properties: - duration: - description: Duration of the rule snooze schedule. - type: number - id: - description: Identifier of the rule snooze schedule. - type: string - rRule: - additionalProperties: false - type: object - properties: - byhour: - items: - description: Indicates hours of the day to recur. - type: number - type: array - byminute: - items: - description: Indicates minutes of the hour to recur. - type: number - type: array - bymonth: - items: - description: >- - Indicates months of the year that this rule - should recur. - type: number - type: array - bymonthday: - items: - description: Indicates the days of the month to recur. - type: number - type: array - bysecond: - items: - description: Indicates seconds of the day to recur. - type: number - type: array - bysetpos: - items: - description: >- - A positive or negative integer affecting the - nth day of the month. For example, -2 combined - with `byweekday` of FR is 2nd to last Friday - of the month. It is recommended to not set - this manually and just use `byweekday`. - type: number - type: array - byweekday: - items: - anyOf: - - type: string - - type: number - description: >- - Indicates the days of the week to recur or - else nth-day-of-month strings. For example, - "+2TU" second Tuesday of month, "-1FR" last - Friday of the month, which are internally - converted to a `byweekday/bysetpos` - combination. - type: array - byweekno: - items: - description: Indicates number of the week hours to recur. - type: number - type: array - byyearday: - items: - description: >- - Indicates the days of the year that this rule - should recur. - type: number - type: array - count: - description: >- - Number of times the rule should recur until it - stops. - type: number - dtstart: - description: >- - Rule start date in Coordinated Universal Time - (UTC). - type: string - freq: - description: >- - Indicates frequency of the rule. Options are - YEARLY, MONTHLY, WEEKLY, DAILY. - enum: - - 0 - - 1 - - 2 - - 3 - - 4 - - 5 - - 6 - type: integer - interval: - description: >- - Indicates the interval of frequency. For - example, 1 and YEARLY is every 1 year, 2 and - WEEKLY is every 2 weeks. - type: number - tzid: - description: Indicates timezone abbreviation. - type: string - until: - description: Recur the rule until this date. - type: string - wkst: - description: Indicates the start of week, defaults to Monday. - enum: - - MO - - TU - - WE - - TH - - FR - - SA - - SU - type: string - required: - - dtstart - - tzid - skipRecurrences: - items: - description: Skips recurrence of rule on this date. - type: string - type: array - required: - - duration - - rRule - type: array - tags: - items: - description: The tags for the rule. - type: string - type: array - throttle: - deprecated: true - description: >- - Deprecated in 8.13.0. Use the `throttle` property in the - action `frequency` object instead. The throttle interval, - which defines how often an alert generates repeated - actions. NOTE: You cannot specify the throttle interval at - both the rule and action level. If you set it at the rule - level then update the rule in Kibana, it is automatically - changed to use action-specific values. - nullable: true - type: string - updated_at: - description: The date and time that the rule was updated most recently. - type: string - updated_by: - description: >- - The identifier for the user that updated this rule most - recently. - nullable: true - type: string - view_in_app_relative_url: - description: Relative URL to view rule in the app. - nullable: true - type: string - required: - - id - - enabled - - name - - tags - - rule_type_id - - consumer - - schedule - - actions - - params - - created_by - - updated_by - - created_at - - updated_at - - api_key_owner - - mute_all - - muted_alert_ids - - execution_status - - revision - description: Indicates a successful call. - '400': - description: Indicates an invalid schema or parameters. - '403': - description: Indicates that this call is forbidden. - summary: Get information about rules - tags: - - alerting - /api/apm/agent_keys: - post: - description: Create a new agent key for APM. - operationId: createAgentKey - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - name: - type: string - privileges: - items: - enum: - - event:write - - config_agent:read - type: string - type: array - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - api_key: - type: string - encoded: - type: string - expiration: - format: int64 - type: integer - id: - type: string - name: - type: string - description: Agent key created successfully - summary: Create an APM agent key - tags: - - APM agent keys - /api/apm/services/{serviceName}/annotation: - post: - description: Create a new annotation for a specific service. - operationId: createAnnotation - parameters: - - description: The name of the service - in: path - name: serviceName - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - '@timestamp': - type: string - message: - type: string - service: - type: object - properties: - environment: - type: string - version: - type: string - tags: - items: - type: string - type: array - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - _id: - type: string - _index: - type: string - _source: - type: object - properties: - '@timestamp': - type: string - annotation: - type: string - event: - type: object - properties: - created: - type: string - message: - type: string - service: - type: object - properties: - environment: - type: string - name: - type: string - version: - type: string - tags: - items: - type: string - type: array - description: Annotation created successfully - summary: Create a service annotation - tags: - - APM annotations - /api/apm/services/{serviceName}/annotation/search: - get: - description: Search for annotations related to a specific service. - operationId: getAnnotation - parameters: - - description: The name of the service - in: path - name: serviceName - required: true - schema: - type: string - - description: The environment to filter annotations by - in: query - name: environment - required: false - schema: - type: string - - description: The start date for the search - in: query - name: start - required: false - schema: - type: string - - description: The end date for the search - in: query - name: end - required: false - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - annotations: - items: - type: object - properties: - '@timestamp': - type: number - id: - type: string - text: - type: string - type: - enum: - - version - type: string - type: array - description: Successful response - summary: Search for annotations - tags: - - APM annotations - /api/asset_criticality: - delete: - description: Delete the asset criticality record for a specific entity. - operationId: DeleteAssetCriticalityRecord - parameters: - - description: The ID value of the asset. - in: query - name: id_value - required: true - schema: - type: string - - description: The field representing the ID. - example: host.name - in: query - name: id_field - required: true - schema: - $ref: '#/components/schemas/Security_Entity_Analytics_API_IdField' - - description: If 'wait_for' the request will wait for the index refresh. - in: query - name: refresh - required: false - schema: - enum: - - wait_for - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - deleted: - description: >- - True if the record was deleted or false if the record did - not exist. - type: boolean - record: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityRecord - description: The deleted record if it existed. - required: - - deleted - description: Successful response - '400': - description: Invalid request - summary: Delete an asset criticality record - tags: - - Security Entity Analytics API - get: - description: Get the asset criticality record for a specific entity. - operationId: GetAssetCriticalityRecord - parameters: - - description: The ID value of the asset. - in: query - name: id_value - required: true - schema: - type: string - - description: The field representing the ID. - example: host.name - in: query - name: id_field - required: true - schema: - $ref: '#/components/schemas/Security_Entity_Analytics_API_IdField' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityRecord - description: Successful response - '400': - description: Invalid request - '404': - description: Criticality record not found - summary: Get an asset criticality record - tags: - - Security Entity Analytics API - post: - description: > - Create or update an asset criticality record for a specific entity. - - - If a record already exists for the specified entity, that record is - overwritten with the specified value. If a record doesn't exist for the - specified entity, a new record is created. - operationId: CreateAssetCriticalityRecord - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - allOf: - - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_CreateAssetCriticalityRecord - - type: object - properties: - refresh: - description: >- - If 'wait_for' the request will wait for the index - refresh. - enum: - - wait_for - type: string - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityRecord - description: Successful response - '400': - description: Invalid request - summary: Upsert an asset criticality record - tags: - - Security Entity Analytics API - /api/asset_criticality/bulk: - post: - description: > - Bulk upsert up to 1000 asset criticality records. - - - If asset criticality records already exist for the specified entities, - those records are overwritten with the specified values. If asset - criticality records don't exist for the specified entities, new records - are created. - operationId: BulkUpsertAssetCriticalityRecords - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - example: - records: - - criticality_level: low_impact - id_field: host.name - id_value: host-1 - - criticality_level: medium_impact - id_field: host.name - id_value: host-2 - type: object - properties: - records: - items: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_CreateAssetCriticalityRecord - maxItems: 1000 - minItems: 1 - type: array - required: - - records - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - example: - errors: - - index: 0 - message: Invalid ID field - stats: - failed: 1 - successful: 1 - total: 2 - type: object - properties: - errors: - items: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityBulkUploadErrorItem - type: array - stats: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityBulkUploadStats - required: - - errors - - stats - description: Bulk upload successful - '413': - description: File too large - summary: Bulk upsert asset criticality records - tags: - - Security Entity Analytics API - /api/asset_criticality/list: - get: - description: List asset criticality records, paging, sorting and filtering as needed. - operationId: FindAssetCriticalityRecords - parameters: - - description: The field to sort by. - in: query - name: sort_field - required: false - schema: - enum: - - id_value - - id_field - - criticality_level - - \@timestamp - type: string - - description: The order to sort by. - in: query - name: sort_direction - required: false - schema: - enum: - - asc - - desc - type: string - - description: The page number to return. - in: query - name: page - required: false - schema: - minimum: 1 - type: integer - - description: The number of records to return per page. - in: query - name: per_page - required: false - schema: - maximum: 1000 - minimum: 1 - type: integer - - description: The kuery to filter by. - in: query - name: kuery - required: false - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - page: - minimum: 1 - type: integer - per_page: - maximum: 1000 - minimum: 1 - type: integer - records: - items: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityRecord - type: array - total: - minimum: 0 - type: integer - required: - - records - - page - - per_page - - total - description: Bulk upload successful - summary: List asset criticality records - tags: - - Security Entity Analytics API - /api/data_views: - get: - operationId: getAllDataViewsDefault - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - getAllDataViewsResponse: - $ref: '#/components/examples/Data_views_get_data_views_response' - schema: - type: object - properties: - data_view: - items: - type: object - properties: - id: - type: string - name: - type: string - namespaces: - items: - type: string - type: array - title: - type: string - typeMeta: - type: object - type: array - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Data_views_400_response' - description: Bad request - summary: Get all data views - tags: - - data views - /api/data_views/data_view: - post: - operationId: createDataViewDefaultw - parameters: - - $ref: '#/components/parameters/Data_views_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - createDataViewRequest: - $ref: '#/components/examples/Data_views_create_data_view_request' - schema: - $ref: '#/components/schemas/Data_views_create_data_view_request_object' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Data_views_data_view_response_object' - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Data_views_400_response' - description: Bad request - summary: Create a data view - tags: - - data views - /api/data_views/data_view/{viewId}: - delete: - description: | - WARNING: When you delete a data view, it cannot be recovered. - operationId: deleteDataViewDefault - parameters: - - $ref: '#/components/parameters/Data_views_kbn_xsrf' - - $ref: '#/components/parameters/Data_views_view_id' - responses: - '204': - description: Indicates a successful call. - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Data_views_404_response' - description: Object is not found. - summary: Delete a data view - tags: - - data views - get: - operationId: getDataViewDefault - parameters: - - $ref: '#/components/parameters/Data_views_view_id' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - getDataViewResponse: - $ref: '#/components/examples/Data_views_get_data_view_response' - schema: - $ref: '#/components/schemas/Data_views_data_view_response_object' - description: Indicates a successful call. - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Data_views_404_response' - description: Object is not found. - summary: Get a data view - tags: - - data views - post: - operationId: updateDataViewDefault - parameters: - - $ref: '#/components/parameters/Data_views_kbn_xsrf' - - $ref: '#/components/parameters/Data_views_view_id' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - updateDataViewRequest: - $ref: '#/components/examples/Data_views_update_data_view_request' - schema: - $ref: '#/components/schemas/Data_views_update_data_view_request_object' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Data_views_data_view_response_object' - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Data_views_400_response' - description: Bad request - summary: Update a data view - tags: - - data views - /api/data_views/data_view/{viewId}/fields: - post: - description: > - Update fields presentation metadata such as count, customLabel, - customDescription, and format. - operationId: updateFieldsMetadataDefault - parameters: - - $ref: '#/components/parameters/Data_views_kbn_xsrf' - - $ref: '#/components/parameters/Data_views_view_id' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - updateFieldsMetadataRequest: - $ref: '#/components/examples/Data_views_update_field_metadata_request' - schema: - type: object - properties: - fields: - description: The field object. - type: object - required: - - fields - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - acknowledged: - type: boolean - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Data_views_400_response' - description: Bad request - summary: Update data view fields metadata - tags: - - data views - /api/data_views/data_view/{viewId}/runtime_field: - post: - operationId: createRuntimeFieldDefault - parameters: - - $ref: '#/components/parameters/Data_views_kbn_xsrf' - - $ref: '#/components/parameters/Data_views_view_id' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - createRuntimeFieldRequest: - $ref: '#/components/examples/Data_views_create_runtime_field_request' - schema: - type: object - properties: - name: - description: | - The name for a runtime field. - type: string - runtimeField: - description: | - The runtime field definition object. - type: object - required: - - name - - runtimeField - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: Indicates a successful call. - summary: Create a runtime field - tags: - - data views - put: - operationId: createUpdateRuntimeFieldDefault - parameters: - - $ref: '#/components/parameters/Data_views_kbn_xsrf' - - description: | - The ID of the data view fields you want to update. - in: path - name: viewId - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - updateRuntimeFieldRequest: - $ref: '#/components/examples/Data_views_create_runtime_field_request' - schema: - type: object - properties: - name: - description: | - The name for a runtime field. - type: string - runtimeField: - description: | - The runtime field definition object. - type: object - required: - - name - - runtimeField - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - data_view: - type: object - fields: - items: - type: object - type: array - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Data_views_400_response' - description: Bad request - summary: Create or update a runtime field - tags: - - data views - /api/data_views/data_view/{viewId}/runtime_field/{fieldName}: - delete: - operationId: deleteRuntimeFieldDefault - parameters: - - $ref: '#/components/parameters/Data_views_field_name' - - $ref: '#/components/parameters/Data_views_view_id' - responses: - '200': - description: Indicates a successful call. - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Data_views_404_response' - description: Object is not found. - summary: Delete a runtime field from a data view - tags: - - data views - get: - operationId: getRuntimeFieldDefault - parameters: - - $ref: '#/components/parameters/Data_views_field_name' - - $ref: '#/components/parameters/Data_views_view_id' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - getRuntimeFieldResponse: - $ref: '#/components/examples/Data_views_get_runtime_field_response' - schema: - type: object - properties: - data_view: - type: object - fields: - items: - type: object - type: array - description: Indicates a successful call. - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Data_views_404_response' - description: Object is not found. - summary: Get a runtime field - tags: - - data views - post: - operationId: updateRuntimeFieldDefault - parameters: - - $ref: '#/components/parameters/Data_views_field_name' - - $ref: '#/components/parameters/Data_views_view_id' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - updateRuntimeFieldRequest: - $ref: '#/components/examples/Data_views_update_runtime_field_request' - schema: - type: object - properties: - runtimeField: - description: | - The runtime field definition object. - - You can update following fields: - - - `type` - - `script` - type: object - required: - - runtimeField - required: true - responses: - '200': - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Data_views_400_response' - description: Bad request - summary: Update a runtime field - tags: - - data views - /api/data_views/default: - get: - operationId: getDefaultDataViewDefault - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - getDefaultDataViewResponse: - $ref: >- - #/components/examples/Data_views_get_default_data_view_response - schema: - type: object - properties: - data_view_id: - type: string - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Data_views_400_response' - description: Bad request - summary: Get the default data view - tags: - - data views - post: - operationId: setDefaultDatailViewDefault - parameters: - - $ref: '#/components/parameters/Data_views_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - setDefaultDataViewRequest: - $ref: '#/components/examples/Data_views_set_default_data_view_request' - schema: - type: object - properties: - data_view_id: - description: > - The data view identifier. NOTE: The API does not validate - whether it is a valid identifier. Use `null` to unset the - default data view. - nullable: true - type: string - force: - default: false - description: Update an existing default data view identifier. - type: boolean - required: - - data_view_id - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - acknowledged: - type: boolean - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Data_views_400_response' - description: Bad request - summary: Set the default data view - tags: - - data views - /api/data_views/swap_references: - post: - description: > - Changes saved object references from one data view identifier to - another. WARNING: Misuse can break large numbers of saved objects! - Practicing with a backup is recommended. - operationId: swapDataViewsDefault - parameters: - - $ref: '#/components/parameters/Data_views_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - swapDataViewRequest: - $ref: '#/components/examples/Data_views_swap_data_view_request' - schema: - $ref: '#/components/schemas/Data_views_swap_data_view_request_object' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - deleteStatus: - type: object - properties: - deletePerformed: - type: boolean - remainingRefs: - type: integer - result: - items: - type: object - properties: - id: - description: A saved object identifier. - type: string - type: - description: The saved object type. - type: string - type: array - description: Indicates a successful call. - summary: Swap saved object references - tags: - - data views - /api/data_views/swap_references/_preview: - post: - description: > - Preview the impact of swapping saved object references from one data - view identifier to another. - operationId: previewSwapDataViewsDefault - parameters: - - $ref: '#/components/parameters/Data_views_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - previewSwapDataViewRequest: - $ref: >- - #/components/examples/Data_views_preview_swap_data_view_request - schema: - $ref: '#/components/schemas/Data_views_swap_data_view_request_object' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - result: - items: - type: object - properties: - id: - description: A saved object identifier. - type: string - type: - description: The saved object type. - type: string - type: array - description: Indicates a successful call. - summary: Preview a saved object reference swap - tags: - - data views - /api/detection_engine/privileges: - get: - description: > - Retrieves whether or not the user is authenticated, and the user's - Kibana - - space and index privileges, which determine if the user can create an - - index for the Elastic Security alerts generated by - - detection engine rules. - operationId: ReadPrivileges - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - has_encryption_key: - type: boolean - is_authenticated: - type: boolean - required: - - is_authenticated - - has_encryption_key - description: Successful response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Detections_API_PlatformErrorResponse - description: Unsuccessful authentication response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' - description: Internal server error response - summary: Returns user privileges for the Kibana space - tags: - - Security Detections API - - Privileges API - /api/detection_engine/rules: - delete: - description: Delete a detection rule using the `rule_id` or `id` field. - operationId: DeleteRule - parameters: - - description: The rule's `id` value. - in: query - name: id - required: false - schema: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - - description: The rule's `rule_id` value. - in: query - name: rule_id - required: false - schema: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_RuleResponse' - description: Indicates a successful call. - summary: Delete a detection rule - tags: - - Security Detections API - - Rules API - get: - description: Retrieve a detection rule using the `rule_id` or `id` field. - operationId: ReadRule - parameters: - - description: The rule's `id` value. - in: query - name: id - required: false - schema: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - - description: The rule's `rule_id` value. - in: query - name: rule_id - required: false - schema: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_RuleResponse' - description: Indicates a successful call. - summary: Retrieve a detection rule - tags: - - Security Detections API - - Rules API - patch: - description: >- - Update specific fields of an existing detection rule using the `rule_id` - or `id` field. - operationId: PatchRule - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_RulePatchProps' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_RuleResponse' - description: Indicates a successful call. - summary: Patch a detection rule - tags: - - Security Detections API - - Rules API - post: - description: Create a new detection rule. - operationId: CreateRule - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_RuleCreateProps' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_RuleResponse' - description: Indicates a successful call. - summary: Create a detection rule - tags: - - Security Detections API - - Rules API - put: - description: > - Update a detection rule using the `rule_id` or `id` field. The original - rule is replaced, and all unspecified fields are deleted. - - > info - - > You cannot modify the `id` or `rule_id` values. - operationId: UpdateRule - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_RuleUpdateProps' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_RuleResponse' - description: Indicates a successful call. - summary: Update a detection rule - tags: - - Security Detections API - - Rules API - /api/detection_engine/rules/_bulk_action: - post: - description: >- - Apply a bulk action, such as bulk edit, duplicate, or delete, to - multiple detection rules. The bulk action is applied to all rules that - match the query or to the rules listed by their IDs. - operationId: PerformRulesBulkAction - parameters: - - description: Enables dry run mode for the request call. - in: query - name: dry_run - required: false - schema: - type: boolean - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: '#/components/schemas/Security_Detections_API_BulkDeleteRules' - - $ref: >- - #/components/schemas/Security_Detections_API_BulkDisableRules - - $ref: '#/components/schemas/Security_Detections_API_BulkEnableRules' - - $ref: '#/components/schemas/Security_Detections_API_BulkExportRules' - - $ref: >- - #/components/schemas/Security_Detections_API_BulkDuplicateRules - - $ref: >- - #/components/schemas/Security_Detections_API_BulkManualRuleRun - - $ref: '#/components/schemas/Security_Detections_API_BulkEditRules' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Detections_API_BulkEditActionResponse - - $ref: >- - #/components/schemas/Security_Detections_API_BulkExportActionResponse - description: OK - summary: Apply a bulk action to detection rules - tags: - - Security Detections API - - Bulk API - /api/detection_engine/rules/_export: - post: - description: > - Export detection rules to an `.ndjson` file. The following configuration - items are also included in the `.ndjson` file: - - - Actions - - - Exception lists - - > info - - > You cannot export prebuilt rules. - operationId: ExportRules - parameters: - - description: Determines whether a summary of the exported rules is returned. - in: query - name: exclude_export_details - required: false - schema: - default: false - type: boolean - - description: File name for saving the exported rules. - in: query - name: file_name - required: false - schema: - default: export.ndjson - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - nullable: true - type: object - properties: - objects: - description: >- - Array of `rule_id` fields. Exports all rules when - unspecified. - items: - type: object - properties: - rule_id: - $ref: >- - #/components/schemas/Security_Detections_API_RuleSignatureId - required: - - rule_id - type: array - required: - - objects - required: false - responses: - '200': - content: - application/ndjson; Elastic-Api-Version=2023-10-31: - schema: - description: An `.ndjson` file containing the returned rules. - format: binary - type: string - description: Indicates a successful call. - summary: Export detection rules - tags: - - Security Detections API - - Import/Export API - /api/detection_engine/rules/_find: - get: - description: >- - Retrieve a paginated list of detection rules. By default, the first page - is returned, with 20 results per page. - operationId: FindRules - parameters: - - in: query - name: fields - required: false - schema: - items: - type: string - type: array - - description: Search query - in: query - name: filter - required: false - schema: - type: string - - description: Field to sort by - in: query - name: sort_field - required: false - schema: - $ref: '#/components/schemas/Security_Detections_API_FindRulesSortField' - - description: Sort order - in: query - name: sort_order - required: false - schema: - $ref: '#/components/schemas/Security_Detections_API_SortOrder' - - description: Page number - in: query - name: page - required: false - schema: - default: 1 - minimum: 1 - type: integer - - description: Rules per page - in: query - name: per_page - required: false - schema: - default: 20 - minimum: 0 - type: integer - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - data: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RuleResponse - type: array - page: - type: integer - perPage: - type: integer - total: - type: integer - required: - - page - - perPage - - total - - data - description: Successful response - summary: List all detection rules - tags: - - Security Detections API - - Rules API - /api/detection_engine/rules/_import: - post: - description: > - Import detection rules from an `.ndjson` file, including actions and - exception lists. The request must include: - - - The `Content-Type: multipart/form-data` HTTP header. - - - A link to the `.ndjson` file containing the rules. - operationId: ImportRules - parameters: - - description: >- - Determines whether existing rules with the same `rule_id` are - overwritten. - in: query - name: overwrite - required: false - schema: - default: false - type: boolean - - description: >- - Determines whether existing exception lists with the same `list_id` - are overwritten. - in: query - name: overwrite_exceptions - required: false - schema: - default: false - type: boolean - - description: >- - Determines whether existing actions with the same - `kibana.alert.rule.actions.id` are overwritten. - in: query - name: overwrite_action_connectors - required: false - schema: - default: false - type: boolean - - description: Generates a new list ID for each imported exception list. - in: query - name: as_new_list - required: false - schema: - default: false - type: boolean - requestBody: - content: - multipart/form-data; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - file: - description: The `.ndjson` file containing the rules. - format: binary - type: string - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - action_connectors_errors: - items: - $ref: '#/components/schemas/Security_Detections_API_ErrorSchema' - type: array - action_connectors_success: - type: boolean - action_connectors_success_count: - minimum: 0 - type: integer - action_connectors_warnings: - items: - $ref: >- - #/components/schemas/Security_Detections_API_WarningSchema - type: array - errors: - items: - $ref: '#/components/schemas/Security_Detections_API_ErrorSchema' - type: array - exceptions_errors: - items: - $ref: '#/components/schemas/Security_Detections_API_ErrorSchema' - type: array - exceptions_success: - type: boolean - exceptions_success_count: - minimum: 0 - type: integer - rules_count: - minimum: 0 - type: integer - success: - type: boolean - success_count: - minimum: 0 - type: integer - required: - - exceptions_success - - exceptions_success_count - - exceptions_errors - - rules_count - - success - - success_count - - errors - - action_connectors_errors - - action_connectors_warnings - - action_connectors_success - - action_connectors_success_count - description: Indicates a successful call. - summary: Import detection rules - tags: - - Security Detections API - - Import/Export API - /api/detection_engine/rules/{id}/exceptions: - post: - description: Create exception items that apply to a single detection rule. - operationId: CreateRuleExceptionListItems - parameters: - - description: Detection rule's identifier - in: path - name: id - required: true - schema: - $ref: '#/components/schemas/Security_Exceptions_API_RuleId' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - items: - items: - $ref: >- - #/components/schemas/Security_Exceptions_API_CreateRuleExceptionListItemProps - type: array - required: - - items - description: Rule exception list items - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - items: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItem - type: array - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Exceptions_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Not enough privileges response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Internal server error response - summary: Create rule exception list items - tags: - - Security Exceptions API - /api/detection_engine/rules/preview: - post: - operationId: RulePreview - parameters: - - description: >- - Enables logging and returning in response ES queries, performed - during rule execution - in: query - name: enable_logged_requests - required: false - schema: - type: boolean - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - anyOf: - - allOf: - - $ref: >- - #/components/schemas/Security_Detections_API_EqlRuleCreateProps - - $ref: >- - #/components/schemas/Security_Detections_API_RulePreviewParams - - allOf: - - $ref: >- - #/components/schemas/Security_Detections_API_QueryRuleCreateProps - - $ref: >- - #/components/schemas/Security_Detections_API_RulePreviewParams - - allOf: - - $ref: >- - #/components/schemas/Security_Detections_API_SavedQueryRuleCreateProps - - $ref: >- - #/components/schemas/Security_Detections_API_RulePreviewParams - - allOf: - - $ref: >- - #/components/schemas/Security_Detections_API_ThresholdRuleCreateProps - - $ref: >- - #/components/schemas/Security_Detections_API_RulePreviewParams - - allOf: - - $ref: >- - #/components/schemas/Security_Detections_API_ThreatMatchRuleCreateProps - - $ref: >- - #/components/schemas/Security_Detections_API_RulePreviewParams - - allOf: - - $ref: >- - #/components/schemas/Security_Detections_API_MachineLearningRuleCreateProps - - $ref: >- - #/components/schemas/Security_Detections_API_RulePreviewParams - - allOf: - - $ref: >- - #/components/schemas/Security_Detections_API_NewTermsRuleCreateProps - - $ref: >- - #/components/schemas/Security_Detections_API_RulePreviewParams - - allOf: - - $ref: >- - #/components/schemas/Security_Detections_API_EsqlRuleCreateProps - - $ref: >- - #/components/schemas/Security_Detections_API_RulePreviewParams - discriminator: - propertyName: type - description: >- - An object containing tags to add or remove and alert ids the changes - will be applied - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - isAborted: - type: boolean - logs: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RulePreviewLogs - type: array - previewId: - $ref: >- - #/components/schemas/Security_Detections_API_NonEmptyString - required: - - logs - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Detections_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Detections_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Detections_API_PlatformErrorResponse - description: Unsuccessful authentication response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' - description: Internal server error response - summary: Preview rule alerts generated on specified time range - tags: - - Security Detections API - - Rule preview API - /api/detection_engine/signals/assignees: - post: - description: | - Assign users to detection alerts, and unassign them from alerts. - > info - > You cannot add and remove the same assignee in the same request. - operationId: SetAlertAssignees - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - assignees: - $ref: '#/components/schemas/Security_Detections_API_AlertAssignees' - description: Details about the assignees to assign and unassign. - ids: - $ref: '#/components/schemas/Security_Detections_API_AlertIds' - description: List of alerts ids to assign and unassign passed assignees. - required: - - assignees - - ids - required: true - responses: - '200': - description: Indicates a successful call. - '400': - description: Invalid request. - summary: Assign and unassign users from detection alerts - tags: - - Security Detections API - /api/detection_engine/signals/search: - post: - description: Find and/or aggregate detection alerts that match the given query. - operationId: SearchAlerts - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - description: Elasticsearch query and aggregation request - type: object - properties: - _source: - oneOf: - - type: boolean - - type: string - - items: - type: string - type: array - aggs: - additionalProperties: true - type: object - fields: - items: - type: string - type: array - query: - additionalProperties: true - type: object - runtime_mappings: - additionalProperties: true - type: object - size: - minimum: 0 - type: integer - sort: - $ref: '#/components/schemas/Security_Detections_API_AlertsSort' - track_total_hits: - type: boolean - description: Search and/or aggregation query - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: true - description: Elasticsearch search response - type: object - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Detections_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Detections_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Detections_API_PlatformErrorResponse - description: Unsuccessful authentication response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' - description: Internal server error response - summary: Find and/or aggregate detection alerts - tags: - - Security Detections API - - Alerts API - /api/detection_engine/signals/status: - post: - description: Set the status of one or more detection alerts. - operationId: SetAlertsStatus - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Detections_API_SetAlertsStatusByIds - - $ref: >- - #/components/schemas/Security_Detections_API_SetAlertsStatusByQuery - description: >- - An object containing desired status and explicit alert ids or a query - to select alerts - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: true - description: Elasticsearch update by query response - type: object - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Detections_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Detections_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Detections_API_PlatformErrorResponse - description: Unsuccessful authentication response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' - description: Internal server error response - summary: Set a detection alert status - tags: - - Security Detections API - - Alerts API - /api/detection_engine/signals/tags: - post: - description: | - And tags to detection alerts, and remove them from alerts. - > info - > You cannot add and remove the same alert tag in the same request. - operationId: SetAlertTags - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - ids: - $ref: '#/components/schemas/Security_Detections_API_AlertIds' - tags: - $ref: '#/components/schemas/Security_Detections_API_SetAlertTags' - required: - - ids - - tags - description: >- - An object containing tags to add or remove and alert ids the changes - will be applied - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: true - description: Elasticsearch update by query response - type: object - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Detections_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Detections_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Detections_API_PlatformErrorResponse - description: Unsuccessful authentication response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' - description: Internal server error response - summary: Add and remove detection alert tags - tags: - - Security Detections API - - Alerts API - /api/detection_engine/tags: - get: - description: List all unique tags from all detection rules. - operationId: ReadTags - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - description: Indicates a successful call - summary: List all detection rule tags - tags: - - Security Detections API - - Tags API - /api/endpoint_list: - post: - description: >- - Create an endpoint exception list, which groups endpoint exception list - items. If an endpoint exception list already exists, an empty response - is returned. - operationId: CreateEndpointList - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_EndpointList - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse - description: Invalid input data - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse - description: Insufficient privileges - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse - description: Internal server error - summary: Create an endpoint exception list - tags: - - Security Endpoint Exceptions API - /api/endpoint_list/items: - delete: - description: >- - Delete an endpoint exception list item using the `id` or `item_id` - field. - operationId: DeleteEndpointListItem - parameters: - - description: Either `id` or `item_id` must be specified - in: query - name: id - required: false - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemId - - description: Either `id` or `item_id` must be specified - in: query - name: item_id - required: false - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemHumanId - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_EndpointListItem - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse - description: Invalid input data - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse - description: Insufficient privileges - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse - description: Endpoint list item not found - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse - description: Internal server error - summary: Delete an endpoint exception list item - tags: - - Security Endpoint Exceptions API - get: - description: >- - Get the details of an endpoint exception list item using the `id` or - `item_id` field. - operationId: ReadEndpointListItem - parameters: - - description: Either `id` or `item_id` must be specified - in: query - name: id - required: false - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemId - - description: Either `id` or `item_id` must be specified - in: query - name: item_id - required: false - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemHumanId - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - items: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_EndpointListItem - type: array - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse - description: Invalid input data - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse - description: Insufficient privileges - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse - description: Endpoint list item not found - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse - description: Internal server error - summary: Get an endpoint exception list item - tags: - - Security Endpoint Exceptions API - post: - description: >- - Create an endpoint exception list item, and associate it with the - endpoint exception list. - operationId: CreateEndpointListItem - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - comments: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemCommentArray - default: [] - description: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemDescription - entries: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryArray - item_id: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemHumanId - meta: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemMeta - name: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemName - os_types: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray - default: [] - tags: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemTags - default: [] - type: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemType - required: - - type - - name - - description - - entries - description: Exception list item's properties - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_EndpointListItem - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse - description: Invalid input data - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse - description: Insufficient privileges - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse - description: Endpoint list item already exists - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse - description: Internal server error - summary: Create an endpoint exception list item - tags: - - Security Endpoint Exceptions API - put: - description: >- - Update an endpoint exception list item using the `id` or `item_id` - field. - operationId: UpdateEndpointListItem - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - _version: - type: string - comments: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemCommentArray - default: [] - description: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemDescription - entries: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryArray - id: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemId - description: Either `id` or `item_id` must be specified - item_id: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemHumanId - description: Either `id` or `item_id` must be specified - meta: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemMeta - name: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemName - os_types: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray - default: [] - tags: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemTags - type: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemType - required: - - type - - name - - description - - entries - description: Exception list item's properties - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_EndpointListItem - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse - description: Invalid input data - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse - description: Insufficient privileges - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse - description: Endpoint list item not found - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse - description: Internal server error - summary: Update an endpoint exception list item - tags: - - Security Endpoint Exceptions API - /api/endpoint_list/items/_find: - get: - description: Get a list of all endpoint exception list items. - operationId: FindEndpointListItems - parameters: - - description: > - Filters the returned results according to the value of the specified - field, - - using the `:` syntax. - in: query - name: filter - required: false - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_FindEndpointListItemsFilter - - description: The page number to return - in: query - name: page - required: false - schema: - minimum: 0 - type: integer - - description: The number of exception list items to return per page - in: query - name: per_page - required: false - schema: - minimum: 0 - type: integer - - description: Determines which field is used to sort the results - in: query - name: sort_field - required: false - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString - - description: Determines the sort order, which can be `desc` or `asc` - in: query - name: sort_order - required: false - schema: - enum: - - desc - - asc - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - data: - items: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_EndpointListItem - type: array - page: - minimum: 0 - type: integer - per_page: - minimum: 0 - type: integer - pit: - type: string - total: - minimum: 0 - type: integer - required: - - data - - page - - per_page - - total - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse - description: Invalid input data - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse - description: Insufficient privileges - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse - description: Endpoint list not found - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse - description: Internal server error - summary: Get endpoint exception list items - tags: - - Security Endpoint Exceptions API - /api/endpoint/action: - get: - description: Get a list of all response actions. - operationId: EndpointGetActionsList - parameters: - - in: query - name: query - required: true - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_GetEndpointActionListRouteQuery - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Get response actions - tags: - - Security Endpoint Management API - /api/endpoint/action_log/{agent_id}: - get: - deprecated: true - description: Get an action request log for the specified agent ID. - operationId: EndpointGetActionLog - parameters: - - in: path - name: agent_id - required: true - schema: - $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentId' - - in: query - name: query - required: true - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_ActionLogRequestQuery - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Get an action request log - tags: - - Security Endpoint Management API - /api/endpoint/action_status: - get: - description: Get the status of response actions for the specified agent IDs. - operationId: EndpointGetActionsStatus - parameters: - - in: query - name: query - required: true - schema: - type: object - properties: - agent_ids: - $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentIds' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_ActionStatusSuccessResponse - description: OK - summary: Get response actions status - tags: - - Security Endpoint Management API - /api/endpoint/action/{action_id}: - get: - description: Get the details of a response action using the action ID. - operationId: EndpointGetActionsDetails - parameters: - - in: path - name: action_id - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Get action details - tags: - - Security Endpoint Management API - /api/endpoint/action/{action_id}/file/{file_id}: - get: - description: Get information for the specified file using the file ID. - operationId: EndpointFileInfo - parameters: - - in: path - name: action_id - required: true - schema: - type: string - - in: path - name: file_id - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Get file information - tags: - - Security Endpoint Management API - /api/endpoint/action/{action_id}/file/{file_id}/download: - get: - description: Download a file from an endpoint. - operationId: EndpointFileDownload - parameters: - - in: path - name: action_id - required: true - schema: - type: string - - in: path - name: file_id - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Download a file - tags: - - Security Endpoint Management API - /api/endpoint/action/execute: - post: - description: Run a shell command on an endpoint. - operationId: EndpointExecuteAction - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_ExecuteRouteRequestBody - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Run a command - tags: - - Security Endpoint Management API - /api/endpoint/action/get_file: - post: - description: Get a file from an endpoint. - operationId: EndpointGetFileAction - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_GetFileRouteRequestBody - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Get a file - tags: - - Security Endpoint Management API - /api/endpoint/action/isolate: - post: - description: >- - Isolate an endpoint from the network. The endpoint remains isolated - until it's released. - operationId: EndpointIsolateAction - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_IsolateRouteRequestBody - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Isolate an endpoint - tags: - - Security Endpoint Management API - /api/endpoint/action/kill_process: - post: - description: Terminate a running process on an endpoint. - operationId: EndpointKillProcessAction - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_KillProcessRouteRequestBody - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Terminate a process - tags: - - Security Endpoint Management API - /api/endpoint/action/running_procs: - post: - description: Get a list of all processes running on an endpoint. - operationId: EndpointGetProcessesAction - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_GetProcessesRouteRequestBody - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Get running processes - tags: - - Security Endpoint Management API - /api/endpoint/action/scan: - post: - description: Scan a specific file or directory on an endpoint for malware. - operationId: EndpointScanAction - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_ScanRouteRequestBody - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Scan a file or directory - tags: - - Security Endpoint Management API - /api/endpoint/action/state: - get: - description: >- - Get a response actions state, which reports whether encryption is - enabled. - operationId: EndpointGetActionsState - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_ActionStateSuccessResponse - description: OK - summary: Get actions state - tags: - - Security Endpoint Management API - /api/endpoint/action/suspend_process: - post: - description: Suspend a running process on an endpoint. - operationId: EndpointSuspendProcessAction - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuspendProcessRouteRequestBody - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Suspend a process - tags: - - Security Endpoint Management API - /api/endpoint/action/unisolate: - post: - description: Release an isolated endpoint, allowing it to rejoin a network. - operationId: EndpointUnisolateAction - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_UnisolateRouteRequestBody - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Release an isolated endpoint - tags: - - Security Endpoint Management API - /api/endpoint/action/upload: - post: - description: Upload a file to an endpoint. - operationId: EndpointUploadAction - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_UploadRouteRequestBody - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Upload a file - tags: - - Security Endpoint Management API - /api/endpoint/metadata: - get: - operationId: GetEndpointMetadataList - parameters: - - in: query - name: query - required: true - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_ListRequestQuery - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Get a metadata list - tags: - - Security Endpoint Management API - /api/endpoint/metadata/{id}: - get: - operationId: GetEndpointMetadata - parameters: - - in: path - name: id - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Get metadata - tags: - - Security Endpoint Management API - /api/endpoint/metadata/transforms: - get: - deprecated: true - operationId: GetEndpointMetadataTransform - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Get metadata transforms - tags: - - Security Endpoint Management API - /api/endpoint/policy_response: - get: - operationId: GetPolicyResponse - parameters: - - in: query - name: query - required: true - schema: - type: object - properties: - agentId: - $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentId' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Get a policy response - tags: - - Security Endpoint Management API - /api/endpoint/policy/summaries: - get: - deprecated: true - operationId: GetAgentPolicySummary - parameters: - - in: query - name: query - required: true - schema: - type: object - properties: - package_name: - type: string - policy_id: - nullable: true - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Get an agent policy summary - tags: - - Security Endpoint Management API - /api/endpoint/protection_updates_note/{package_policy_id}: - get: - operationId: GetProtectionUpdatesNote - parameters: - - in: path - name: package_policy_id - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_ProtectionUpdatesNoteResponse - description: OK - summary: Get a protection updates note - tags: - - Security Endpoint Management API - post: - operationId: CreateUpdateProtectionUpdatesNote - parameters: - - in: path - name: package_policy_id - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - note: - type: string - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_ProtectionUpdatesNoteResponse - description: OK - summary: Create or update a protection updates note - tags: - - Security Endpoint Management API - /api/endpoint/suggestions/{suggestion_type}: - post: - deprecated: true - operationId: GetEndpointSuggestions - parameters: - - in: path - name: suggestion_type - required: true - schema: - enum: - - eventFilters - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - field: - type: string - fieldMeta: {} - filters: {} - query: - type: string - required: - - parameters - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Get suggestions - tags: - - Security Endpoint Management API - /api/entity_store/engines: - get: - operationId: ListEntityEngines - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - count: - type: integer - engines: - items: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_EngineDescriptor - type: array - description: Successful response - summary: List the Entity Engines - tags: - - Security Entity Analytics API - /api/entity_store/engines/{entityType}: - delete: - operationId: DeleteEntityEngine - parameters: - - description: The entity type of the engine (either 'user' or 'host'). - in: path - name: entityType - required: true - schema: - $ref: '#/components/schemas/Security_Entity_Analytics_API_EntityType' - - description: Control flag to also delete the entity data. - in: query - name: data - required: false - schema: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - deleted: - type: boolean - description: Successful response - summary: Delete the Entity Engine - tags: - - Security Entity Analytics API - get: - operationId: GetEntityEngine - parameters: - - description: The entity type of the engine (either 'user' or 'host'). - in: path - name: entityType - required: true - schema: - $ref: '#/components/schemas/Security_Entity_Analytics_API_EntityType' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_EngineDescriptor - description: Successful response - summary: Get an Entity Engine - tags: - - Security Entity Analytics API - /api/entity_store/engines/{entityType}/init: - post: - operationId: InitEntityEngine - parameters: - - description: The entity type of the engine (either 'user' or 'host'). - in: path - name: entityType - required: true - schema: - $ref: '#/components/schemas/Security_Entity_Analytics_API_EntityType' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - fieldHistoryLength: - default: 10 - description: The number of historical values to keep for each field. - type: integer - filter: - type: string - indexPattern: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_IndexPattern - description: Schema for the engine initialization - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_EngineDescriptor - description: Successful response - summary: Initialize an Entity Engine - tags: - - Security Entity Analytics API - /api/entity_store/engines/{entityType}/start: - post: - operationId: StartEntityEngine - parameters: - - description: The entity type of the engine (either 'user' or 'host'). - in: path - name: entityType - required: true - schema: - $ref: '#/components/schemas/Security_Entity_Analytics_API_EntityType' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - started: - type: boolean - description: Successful response - summary: Start an Entity Engine - tags: - - Security Entity Analytics API - /api/entity_store/engines/{entityType}/stats: - post: - operationId: GetEntityEngineStats - parameters: - - description: The entity type of the engine (either 'user' or 'host'). - in: path - name: entityType - required: true - schema: - $ref: '#/components/schemas/Security_Entity_Analytics_API_EntityType' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - indexPattern: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_IndexPattern - indices: - items: - type: object - type: array - status: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_EngineStatus - transforms: - items: - type: object - type: array - type: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_EntityType - description: Successful response - summary: Get Entity Engine stats - tags: - - Security Entity Analytics API - /api/entity_store/engines/{entityType}/stop: - post: - operationId: StopEntityEngine - parameters: - - description: The entity type of the engine (either 'user' or 'host'). - in: path - name: entityType - required: true - schema: - $ref: '#/components/schemas/Security_Entity_Analytics_API_EntityType' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - stopped: - type: boolean - description: Successful response - summary: Stop an Entity Engine - tags: - - Security Entity Analytics API - /api/entity_store/engines/apply_dataview_indices: - post: - operationId: ApplyEntityEngineDataviewIndices - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - result: - items: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_EngineDataviewUpdateResult - type: array - success: - type: boolean - description: Successful response - '207': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - errors: - items: - type: string - type: array - result: - items: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_EngineDataviewUpdateResult - type: array - success: - type: boolean - description: Partial successful response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - body: - type: string - statusCode: - type: number - description: Error response - summary: Apply DataView indices to all installed engines - tags: - - Security Entity Analytics API - /api/entity_store/entities/list: - get: - description: List entities records, paging, sorting and filtering as needed. - operationId: ListEntities - parameters: - - in: query - name: sort_field - required: false - schema: - type: string - - in: query - name: sort_order - required: false - schema: - enum: - - asc - - desc - type: string - - in: query - name: page - required: false - schema: - minimum: 1 - type: integer - - in: query - name: per_page - required: false - schema: - maximum: 10000 - minimum: 1 - type: integer - - description: An ES query to filter by. - in: query - name: filterQuery - required: false - schema: - type: string - - in: query - name: entities_types - required: true - schema: - items: - $ref: '#/components/schemas/Security_Entity_Analytics_API_EntityType' - type: array - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - inspect: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_InspectQuery - page: - minimum: 1 - type: integer - per_page: - maximum: 1000 - minimum: 1 - type: integer - records: - items: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_Entity - type: array - total: - minimum: 0 - type: integer - required: - - records - - page - - per_page - - total - description: Entities returned successfully - summary: List Entity Store Entities - tags: - - Security Entity Analytics API - /api/exception_lists: - delete: - description: Delete an exception list using the `id` or `list_id` field. - operationId: DeleteExceptionList - parameters: - - description: Either `id` or `list_id` must be specified - in: query - name: id - required: false - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListId' - - description: Either `id` or `list_id` must be specified - in: query - name: list_id - required: false - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListHumanId' - - in: query - name: namespace_type - required: false - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType - default: single - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionList' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Exceptions_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Exception list not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Internal server error response - summary: Delete an exception list - tags: - - Security Exceptions API - get: - description: Get the details of an exception list using the `id` or `list_id` field. - operationId: ReadExceptionList - parameters: - - description: Either `id` or `list_id` must be specified - in: query - name: id - required: false - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListId' - - description: Either `id` or `list_id` must be specified - in: query - name: list_id - required: false - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListHumanId' - - in: query - name: namespace_type - required: false - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType - default: single - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionList' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Exceptions_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Exception list item not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Internal server error response - summary: Get exception list details - tags: - - Security Exceptions API - post: - description: > - An exception list groups exception items and can be associated with - detection rules. You can assign detection rules with multiple exception - lists. - - > info - - > All exception items added to the same list are evaluated using `OR` - logic. That is, if any of the items in a list evaluate to `true`, the - exception prevents the rule from generating an alert. Likewise, `OR` - logic is used for evaluating exceptions when more than one exception - list is assigned to a rule. To use the `AND` operator, you can define - multiple clauses (`entries`) in a single exception item. - operationId: CreateExceptionList - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - description: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListDescription - list_id: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListHumanId - meta: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListMeta - name: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListName - namespace_type: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType - default: single - os_types: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListOsTypeArray - tags: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListTags - default: [] - type: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListType - version: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListVersion - default: 1 - required: - - name - - description - - type - description: Exception list's properties - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionList' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Exceptions_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Not enough privileges response - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Exception list already exists response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Internal server error response - summary: Create an exception list - tags: - - Security Exceptions API - put: - description: Update an exception list using the `id` or `list_id` field. - operationId: UpdateExceptionList - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - _version: - type: string - description: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListDescription - id: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListId' - list_id: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListHumanId - meta: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListMeta - name: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListName - namespace_type: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType - default: single - os_types: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListOsTypeArray - default: [] - tags: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListTags - type: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListType - version: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListVersion - required: - - name - - description - - type - description: Exception list's properties - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionList' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Exceptions_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Exception list not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Internal server error response - summary: Update an exception list - tags: - - Security Exceptions API - /api/exception_lists/_duplicate: - post: - description: Duplicate an existing exception list. - operationId: DuplicateExceptionList - parameters: - - description: Exception list's human identifier - in: query - name: list_id - required: true - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListHumanId' - - in: query - name: namespace_type - required: true - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType - - description: >- - Determines whether to include expired exceptions in the exported - list - in: query - name: include_expired_exceptions - required: true - schema: - default: 'true' - enum: - - 'true' - - 'false' - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionList' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Exceptions_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Not enough privileges response - '405': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Exception list to duplicate not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Internal server error response - summary: Duplicate an exception list - tags: - - Security Exceptions API - /api/exception_lists/_export: - post: - description: Export an exception list and its associated items to an NDJSON file. - operationId: ExportExceptionList - parameters: - - description: Exception list's identifier - in: query - name: id - required: true - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListId' - - description: Exception list's human identifier - in: query - name: list_id - required: true - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListHumanId' - - in: query - name: namespace_type - required: true - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType - - description: >- - Determines whether to include expired exceptions in the exported - list - in: query - name: include_expired_exceptions - required: true - schema: - default: 'true' - enum: - - 'true' - - 'false' - type: string - responses: - '200': - content: - application/ndjson; Elastic-Api-Version=2023-10-31: - schema: - description: >- - A `.ndjson` file containing specified exception list and its - items - format: binary - type: string - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Exceptions_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Exception list not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Internal server error response - summary: Export an exception list - tags: - - Security Exceptions API - /api/exception_lists/_find: - get: - description: Get a list of all exception lists. - operationId: FindExceptionLists - parameters: - - description: > - Filters the returned results according to the value of the specified - field. - - - Uses the `so type.field name:field` value syntax, where `so type` - can be: - - - - `exception-list`: Specify a space-aware exception list. - - - `exception-list-agnostic`: Specify an exception list that is - shared across spaces. - in: query - name: filter - required: false - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_FindExceptionListsFilter - - description: > - Determines whether the returned containers are Kibana associated - with a Kibana space - - or available in all spaces (`agnostic` or `single`) - in: query - name: namespace_type - required: false - schema: - default: - - single - items: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType - type: array - - description: The page number to return - in: query - name: page - required: false - schema: - minimum: 1 - type: integer - - description: The number of exception lists to return per page - in: query - name: per_page - required: false - schema: - minimum: 1 - type: integer - - description: Determines which field is used to sort the results - in: query - name: sort_field - required: false - schema: - type: string - - description: Determines the sort order, which can be `desc` or `asc` - in: query - name: sort_order - required: false - schema: - enum: - - desc - - asc - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - data: - items: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionList - type: array - page: - minimum: 1 - type: integer - per_page: - minimum: 1 - type: integer - total: - minimum: 0 - type: integer - required: - - data - - page - - per_page - - total - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Exceptions_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Not enough privileges response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Internal server error response - summary: Get exception lists - tags: - - Security Exceptions API - /api/exception_lists/_import: - post: - description: Import an exception list and its associated items from an NDJSON file. - operationId: ImportExceptionList - parameters: - - description: > - Determines whether existing exception lists with the same `list_id` - are overwritten. - - If any exception items have the same `item_id`, those are also - overwritten. - in: query - name: overwrite - required: false - schema: - default: false - type: boolean - - in: query - name: overwrite_exceptions - required: false - schema: - default: false - type: boolean - - in: query - name: overwrite_action_connectors - required: false - schema: - default: false - type: boolean - - description: > - Determines whether the list being imported will have a new `list_id` - generated. - - Additional `item_id`'s are generated for each exception item. Both - the exception - - list and its items are overwritten. - in: query - name: as_new_list - required: false - schema: - default: false - type: boolean - requestBody: - content: - multipart/form-data; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - file: - description: A `.ndjson` file containing the exception list - format: binary - type: string - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - errors: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListsImportBulkErrorArray - success: - type: boolean - success_count: - minimum: 0 - type: integer - success_count_exception_list_items: - minimum: 0 - type: integer - success_count_exception_lists: - minimum: 0 - type: integer - success_exception_list_items: - type: boolean - success_exception_lists: - type: boolean - required: - - errors - - success - - success_count - - success_exception_lists - - success_count_exception_lists - - success_exception_list_items - - success_count_exception_list_items - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Exceptions_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Not enough privileges response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Internal server error response - summary: Import an exception list - tags: - - Security Exceptions API - /api/exception_lists/items: - delete: - description: Delete an exception list item using the `id` or `item_id` field. - operationId: DeleteExceptionListItem - parameters: - - description: Either `id` or `item_id` must be specified - in: query - name: id - required: false - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemId' - - description: Either `id` or `item_id` must be specified - in: query - name: item_id - required: false - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemHumanId - - in: query - name: namespace_type - required: false - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType - default: single - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItem' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Exceptions_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Exception list item not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Internal server error response - summary: Delete an exception list item - tags: - - Security Exceptions API - get: - description: >- - Get the details of an exception list item using the `id` or `item_id` - field. - operationId: ReadExceptionListItem - parameters: - - description: Either `id` or `item_id` must be specified - in: query - name: id - required: false - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemId' - - description: Either `id` or `item_id` must be specified - in: query - name: item_id - required: false - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemHumanId - - in: query - name: namespace_type - required: false - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType - default: single - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItem' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Exceptions_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Exception list item not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Internal server error response - summary: Get an exception list item - tags: - - Security Exceptions API - post: - description: > - Create an exception item and associate it with the specified exception - list. - - > info - - > Before creating exception items, you must create an exception list. - operationId: CreateExceptionListItem - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - comments: - $ref: >- - #/components/schemas/Security_Exceptions_API_CreateExceptionListItemCommentArray - default: [] - description: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemDescription - entries: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryArray - expire_time: - format: date-time - type: string - item_id: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemHumanId - list_id: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListHumanId - meta: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemMeta - name: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemName - namespace_type: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType - default: single - os_types: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemOsTypeArray - default: [] - tags: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemTags - default: [] - type: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemType - required: - - list_id - - type - - name - - description - - entries - description: Exception list item's properties - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItem' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Exceptions_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Not enough privileges response - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Exception list item already exists response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Internal server error response - summary: Create an exception list item - tags: - - Security Exceptions API - put: - description: Update an exception list item using the `id` or `item_id` field. - operationId: UpdateExceptionListItem - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - _version: - type: string - comments: - $ref: >- - #/components/schemas/Security_Exceptions_API_UpdateExceptionListItemCommentArray - default: [] - description: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemDescription - entries: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryArray - expire_time: - format: date-time - type: string - id: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemId - description: Either `id` or `item_id` must be specified - item_id: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemHumanId - description: Either `id` or `item_id` must be specified - list_id: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListHumanId - meta: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemMeta - name: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemName - namespace_type: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType - default: single - os_types: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemOsTypeArray - default: [] - tags: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemTags - type: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemType - required: - - type - - name - - description - - entries - description: Exception list item's properties - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItem' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Exceptions_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Exception list item not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Internal server error response - summary: Update an exception list item - tags: - - Security Exceptions API - /api/exception_lists/items/_find: - get: - description: Get a list of all exception list items in the specified list. - operationId: FindExceptionListItems - parameters: - - description: List's id - in: query - name: list_id - required: true - schema: - items: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListHumanId - type: array - - description: > - Filters the returned results according to the value of the specified - field, - - using the `:` syntax. - in: query - name: filter - required: false - schema: - default: [] - items: - $ref: >- - #/components/schemas/Security_Exceptions_API_FindExceptionListItemsFilter - type: array - - description: > - Determines whether the returned containers are Kibana associated - with a Kibana space - - or available in all spaces (`agnostic` or `single`) - in: query - name: namespace_type - required: false - schema: - default: - - single - items: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType - type: array - - in: query - name: search - required: false - schema: - type: string - - description: The page number to return - in: query - name: page - required: false - schema: - minimum: 0 - type: integer - - description: The number of exception list items to return per page - in: query - name: per_page - required: false - schema: - minimum: 0 - type: integer - - description: Determines which field is used to sort the results - in: query - name: sort_field - required: false - schema: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - - description: Determines the sort order, which can be `desc` or `asc` - in: query - name: sort_order - required: false - schema: - enum: - - desc - - asc - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - data: - items: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItem - type: array - page: - minimum: 1 - type: integer - per_page: - minimum: 1 - type: integer - pit: - type: string - total: - minimum: 0 - type: integer - required: - - data - - page - - per_page - - total - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Exceptions_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Exception list not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Internal server error response - summary: Get exception list items - tags: - - Security Exceptions API - /api/exception_lists/summary: - get: - description: Get a summary of the specified exception list. - operationId: ReadExceptionListSummary - parameters: - - description: Exception list's identifier generated upon creation - in: query - name: id - required: false - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListId' - - description: Exception list's human readable identifier - in: query - name: list_id - required: false - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListHumanId' - - in: query - name: namespace_type - required: false - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType - default: single - - description: Search filter clause - in: query - name: filter - required: false - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - linux: - minimum: 0 - type: integer - macos: - minimum: 0 - type: integer - total: - minimum: 0 - type: integer - windows: - minimum: 0 - type: integer - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Exceptions_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Exception list not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Internal server error response - summary: Get an exception list summary - tags: - - Security Exceptions API - /api/exceptions/shared: - post: - description: > - An exception list groups exception items and can be associated with - detection rules. A shared exception list can apply to multiple detection - rules. - - > info - - > All exception items added to the same list are evaluated using `OR` - logic. That is, if any of the items in a list evaluate to `true`, the - exception prevents the rule from generating an alert. Likewise, `OR` - logic is used for evaluating exceptions when more than one exception - list is assigned to a rule. To use the `AND` operator, you can define - multiple clauses (`entries`) in a single exception item. - operationId: CreateSharedExceptionList - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - description: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListDescription - name: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListName - required: - - name - - description - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionList' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Exceptions_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Not enough privileges response - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Exception list already exists response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Internal server error response - summary: Create a shared exception list - tags: - - Security Exceptions API - /api/fleet/agent_download_sources: - get: - description: List agent binary download sources - operationId: '%2Fapi%2Ffleet%2Fagent_download_sources#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - additionalProperties: false - type: object - properties: - host: - format: uri - type: string - id: - type: string - is_default: - default: false - type: boolean - name: - type: string - proxy_id: - description: >- - The ID of the proxy to use for this download source. - See the proxies API for more information. - nullable: true - type: string - required: - - id - - name - - host - type: array - page: - type: number - perPage: - type: number - total: - type: number - required: - - items - - total - - page - - perPage - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent binary download sources - post: - description: Create agent binary download source - operationId: '%2Fapi%2Ffleet%2Fagent_download_sources#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - host: - format: uri - type: string - id: - type: string - is_default: - default: false - type: boolean - name: - type: string - proxy_id: - description: >- - The ID of the proxy to use for this download source. See the - proxies API for more information. - nullable: true - type: string - required: - - name - - host - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - host: - format: uri - type: string - id: - type: string - is_default: - default: false - type: boolean - name: - type: string - proxy_id: - description: >- - The ID of the proxy to use for this download source. - See the proxies API for more information. - nullable: true - type: string - required: - - id - - name - - host - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent binary download sources - /api/fleet/agent_download_sources/{sourceId}: - delete: - description: Delete agent binary download source by ID - operationId: '%2Fapi%2Ffleet%2Fagent_download_sources%2F%7BsourceId%7D#2' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: sourceId - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent binary download sources - get: - description: Get agent binary download source by ID - operationId: '%2Fapi%2Ffleet%2Fagent_download_sources%2F%7BsourceId%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: sourceId - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - host: - format: uri - type: string - id: - type: string - is_default: - default: false - type: boolean - name: - type: string - proxy_id: - description: >- - The ID of the proxy to use for this download source. - See the proxies API for more information. - nullable: true - type: string - required: - - id - - name - - host - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent binary download sources - put: - description: Update agent binary download source by ID - operationId: '%2Fapi%2Ffleet%2Fagent_download_sources%2F%7BsourceId%7D#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: sourceId - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - host: - format: uri - type: string - id: - type: string - is_default: - default: false - type: boolean - name: - type: string - proxy_id: - description: >- - The ID of the proxy to use for this download source. See the - proxies API for more information. - nullable: true - type: string - required: - - name - - host - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - host: - format: uri - type: string - id: - type: string - is_default: - default: false - type: boolean - name: - type: string - proxy_id: - description: >- - The ID of the proxy to use for this download source. - See the proxies API for more information. - nullable: true - type: string - required: - - id - - name - - host - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent binary download sources - /api/fleet/agent_policies: - get: - description: List agent policies - operationId: '%2Fapi%2Ffleet%2Fagent_policies#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: query - name: page - required: false - schema: - type: number - - in: query - name: perPage - required: false - schema: - type: number - - in: query - name: sortField - required: false - schema: - type: string - - in: query - name: sortOrder - required: false - schema: - enum: - - desc - - asc - type: string - - in: query - name: showUpgradeable - required: false - schema: - type: boolean - - in: query - name: kuery - required: false - schema: - type: string - - description: use withAgentCount instead - in: query - name: noAgentCount - required: false - schema: - deprecated: true - type: boolean - - description: get policies with agent count - in: query - name: withAgentCount - required: false - schema: - type: boolean - - description: get full policies with package policies populated - in: query - name: full - required: false - schema: - type: boolean - - in: query - name: format - required: false - schema: - enum: - - simplified - - legacy - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - additionalProperties: false - type: object - properties: - advanced_settings: - additionalProperties: false - type: object - properties: - agent_download_target_directory: - nullable: true - agent_download_timeout: - default: 2h - nullable: true - agent_limits_go_max_procs: - nullable: true - agent_logging_level: - default: info - nullable: true - agent_logging_metrics_period: - default: 30s - nullable: true - agent_features: - items: - additionalProperties: false - type: object - properties: - enabled: - type: boolean - name: - type: string - required: - - name - - enabled - type: array - agents: - type: number - data_output_id: - nullable: true - type: string - description: - type: string - download_source_id: - nullable: true - type: string - fleet_server_host_id: - nullable: true - type: string - global_data_tags: - description: >- - User defined data tags that are added to all of the - inputs. The values can be strings or numbers. - items: - additionalProperties: false - type: object - properties: - name: - type: string - value: - anyOf: - - type: string - - type: number - required: - - name - - value - type: array - has_fleet_server: - type: boolean - id: - type: string - inactivity_timeout: - default: 1209600 - minimum: 0 - type: number - is_default: - type: boolean - is_default_fleet_server: - type: boolean - is_managed: - type: boolean - is_preconfigured: - type: boolean - is_protected: - description: >- - Indicates whether the agent policy has tamper - protection enabled. Default false. - type: boolean - keep_monitoring_alive: - default: false - description: >- - When set to true, monitoring will be enabled but - logs/metrics collection will be disabled - nullable: true - type: boolean - monitoring_diagnostics: - additionalProperties: false - type: object - properties: - limit: - additionalProperties: false - type: object - properties: - burst: - type: number - interval: - type: string - uploader: - additionalProperties: false - type: object - properties: - init_dur: - type: string - max_dur: - type: string - max_retries: - type: number - monitoring_enabled: - items: - enum: - - logs - - metrics - - traces - type: string - type: array - monitoring_http: - additionalProperties: false - type: object - properties: - buffer: - additionalProperties: false - type: object - properties: - enabled: - default: false - type: boolean - enabled: - type: boolean - host: - type: string - port: - maximum: 65353 - minimum: 0 - type: number - required: - - enabled - monitoring_output_id: - nullable: true - type: string - monitoring_pprof_enabled: - type: boolean - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - overrides: - additionalProperties: {} - description: >- - Override settings that are defined in the agent - policy. Input settings cannot be overridden. The - override option should be used only in unusual - circumstances and not as a routine procedure. - nullable: true - type: object - package_policies: - anyOf: - - items: - type: string - type: array - - description: >- - This field is present only when retrieving a - single agent policy, or when retrieving a list - of agent policies with the ?full=true parameter - items: - additionalProperties: false - type: object - properties: - created_at: - type: string - created_by: - type: string - description: - description: Package policy description - type: string - elasticsearch: - additionalProperties: true - type: object - properties: - privileges: - additionalProperties: true - type: object - properties: - cluster: - items: - type: string - type: array - enabled: - type: boolean - id: - type: string - inputs: - items: - additionalProperties: false - type: object - properties: - compiled_input: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - policy_template: - type: string - streams: - items: - additionalProperties: false - type: object - properties: - compiled_stream: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - data_stream: - additionalProperties: false - type: object - properties: - dataset: - type: string - elasticsearch: - additionalProperties: false - type: object - properties: - dynamic_dataset: - type: boolean - dynamic_namespace: - type: boolean - privileges: - additionalProperties: false - type: object - properties: - indices: - items: - type: string - type: array - type: - type: string - required: - - dataset - - type - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - release: - enum: - - ga - - beta - - experimental - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - enabled - - data_stream - - compiled_stream - type: array - type: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - type - - enabled - - streams - - compiled_input - type: array - is_managed: - type: boolean - name: - description: Package policy name (should be unique) - type: string - namespace: - description: >- - The package policy namespace. Leave blank - to inherit the agent policy's namespace. - type: string - output_id: - nullable: true - type: string - overrides: - additionalProperties: false - description: >- - Override settings that are defined in the - package policy. The override option should - be used only in unusual circumstances and - not as a routine procedure. - nullable: true - type: object - properties: - inputs: - additionalProperties: {} - type: object - package: - additionalProperties: false - type: object - properties: - experimental_data_stream_features: - items: - additionalProperties: false - type: object - properties: - data_stream: - type: string - features: - additionalProperties: false - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - name: - description: Package name - type: string - requires_root: - type: boolean - title: - type: string - version: - description: Package version - type: string - required: - - name - - version - policy_id: - deprecated: true - description: >- - Agent policy ID where that package policy - will be added - nullable: true - type: string - policy_ids: - items: - description: >- - Agent policy IDs where that package - policy will be added - type: string - type: array - revision: - type: number - secret_references: - items: - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - type: array - updated_at: - type: string - updated_by: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - version: - type: string - required: - - name - - enabled - - inputs - - id - - revision - - updated_at - - updated_by - - created_at - - created_by - type: array - revision: - type: number - schema_version: - type: string - space_ids: - items: - type: string - type: array - status: - enum: - - active - - inactive - type: string - supports_agentless: - default: false - description: >- - Indicates whether the agent policy supports - agentless integrations. - nullable: true - type: boolean - unenroll_timeout: - minimum: 0 - type: number - unprivileged_agents: - type: number - updated_at: - type: string - updated_by: - type: string - version: - type: string - required: - - id - - name - - namespace - - is_managed - - is_protected - - status - - updated_at - - updated_by - - revision - type: array - page: - type: number - perPage: - type: number - total: - type: number - required: - - items - - total - - page - - perPage - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent policies - post: - description: Create an agent policy - operationId: '%2Fapi%2Ffleet%2Fagent_policies#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: query - name: sys_monitoring - required: false - schema: - type: boolean - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - advanced_settings: - additionalProperties: false - type: object - properties: - agent_download_target_directory: - nullable: true - agent_download_timeout: - default: 2h - nullable: true - agent_limits_go_max_procs: - nullable: true - agent_logging_level: - default: info - nullable: true - agent_logging_metrics_period: - default: 30s - nullable: true - agent_features: - items: - additionalProperties: false - type: object - properties: - enabled: - type: boolean - name: - type: string - required: - - name - - enabled - type: array - data_output_id: - nullable: true - type: string - description: - type: string - download_source_id: - nullable: true - type: string - fleet_server_host_id: - nullable: true - type: string - force: - type: boolean - global_data_tags: - description: >- - User defined data tags that are added to all of the inputs. - The values can be strings or numbers. - items: - additionalProperties: false - type: object - properties: - name: - type: string - value: - anyOf: - - type: string - - type: number - required: - - name - - value - type: array - has_fleet_server: - type: boolean - id: - type: string - inactivity_timeout: - default: 1209600 - minimum: 0 - type: number - is_default: - type: boolean - is_default_fleet_server: - type: boolean - is_managed: - type: boolean - is_protected: - type: boolean - keep_monitoring_alive: - default: false - description: >- - When set to true, monitoring will be enabled but - logs/metrics collection will be disabled - nullable: true - type: boolean - monitoring_diagnostics: - additionalProperties: false - type: object - properties: - limit: - additionalProperties: false - type: object - properties: - burst: - type: number - interval: - type: string - uploader: - additionalProperties: false - type: object - properties: - init_dur: - type: string - max_dur: - type: string - max_retries: - type: number - monitoring_enabled: - items: - enum: - - logs - - metrics - - traces - type: string - type: array - monitoring_http: - additionalProperties: false - type: object - properties: - buffer: - additionalProperties: false - type: object - properties: - enabled: - default: false - type: boolean - enabled: - type: boolean - host: - type: string - port: - maximum: 65353 - minimum: 0 - type: number - required: - - enabled - monitoring_output_id: - nullable: true - type: string - monitoring_pprof_enabled: - type: boolean - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - overrides: - additionalProperties: {} - description: >- - Override settings that are defined in the agent policy. - Input settings cannot be overridden. The override option - should be used only in unusual circumstances and not as a - routine procedure. - nullable: true - type: object - space_ids: - items: - type: string - type: array - supports_agentless: - default: false - description: >- - Indicates whether the agent policy supports agentless - integrations. - nullable: true - type: boolean - unenroll_timeout: - minimum: 0 - type: number - required: - - name - - namespace - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - advanced_settings: - additionalProperties: false - type: object - properties: - agent_download_target_directory: - nullable: true - agent_download_timeout: - default: 2h - nullable: true - agent_limits_go_max_procs: - nullable: true - agent_logging_level: - default: info - nullable: true - agent_logging_metrics_period: - default: 30s - nullable: true - agent_features: - items: - additionalProperties: false - type: object - properties: - enabled: - type: boolean - name: - type: string - required: - - name - - enabled - type: array - agents: - type: number - data_output_id: - nullable: true - type: string - description: - type: string - download_source_id: - nullable: true - type: string - fleet_server_host_id: - nullable: true - type: string - global_data_tags: - description: >- - User defined data tags that are added to all of the - inputs. The values can be strings or numbers. - items: - additionalProperties: false - type: object - properties: - name: - type: string - value: - anyOf: - - type: string - - type: number - required: - - name - - value - type: array - has_fleet_server: - type: boolean - id: - type: string - inactivity_timeout: - default: 1209600 - minimum: 0 - type: number - is_default: - type: boolean - is_default_fleet_server: - type: boolean - is_managed: - type: boolean - is_preconfigured: - type: boolean - is_protected: - description: >- - Indicates whether the agent policy has tamper - protection enabled. Default false. - type: boolean - keep_monitoring_alive: - default: false - description: >- - When set to true, monitoring will be enabled but - logs/metrics collection will be disabled - nullable: true - type: boolean - monitoring_diagnostics: - additionalProperties: false - type: object - properties: - limit: - additionalProperties: false - type: object - properties: - burst: - type: number - interval: - type: string - uploader: - additionalProperties: false - type: object - properties: - init_dur: - type: string - max_dur: - type: string - max_retries: - type: number - monitoring_enabled: - items: - enum: - - logs - - metrics - - traces - type: string - type: array - monitoring_http: - additionalProperties: false - type: object - properties: - buffer: - additionalProperties: false - type: object - properties: - enabled: - default: false - type: boolean - enabled: - type: boolean - host: - type: string - port: - maximum: 65353 - minimum: 0 - type: number - required: - - enabled - monitoring_output_id: - nullable: true - type: string - monitoring_pprof_enabled: - type: boolean - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - overrides: - additionalProperties: {} - description: >- - Override settings that are defined in the agent - policy. Input settings cannot be overridden. The - override option should be used only in unusual - circumstances and not as a routine procedure. - nullable: true - type: object - package_policies: - anyOf: - - items: - type: string - type: array - - description: >- - This field is present only when retrieving a - single agent policy, or when retrieving a list of - agent policies with the ?full=true parameter - items: - additionalProperties: false - type: object - properties: - created_at: - type: string - created_by: - type: string - description: - description: Package policy description - type: string - elasticsearch: - additionalProperties: true - type: object - properties: - privileges: - additionalProperties: true - type: object - properties: - cluster: - items: - type: string - type: array - enabled: - type: boolean - id: - type: string - inputs: - items: - additionalProperties: false - type: object - properties: - compiled_input: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - policy_template: - type: string - streams: - items: - additionalProperties: false - type: object - properties: - compiled_stream: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - data_stream: - additionalProperties: false - type: object - properties: - dataset: - type: string - elasticsearch: - additionalProperties: false - type: object - properties: - dynamic_dataset: - type: boolean - dynamic_namespace: - type: boolean - privileges: - additionalProperties: false - type: object - properties: - indices: - items: - type: string - type: array - type: - type: string - required: - - dataset - - type - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - release: - enum: - - ga - - beta - - experimental - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - enabled - - data_stream - - compiled_stream - type: array - type: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - type - - enabled - - streams - - compiled_input - type: array - is_managed: - type: boolean - name: - description: Package policy name (should be unique) - type: string - namespace: - description: >- - The package policy namespace. Leave blank to - inherit the agent policy's namespace. - type: string - output_id: - nullable: true - type: string - overrides: - additionalProperties: false - description: >- - Override settings that are defined in the - package policy. The override option should - be used only in unusual circumstances and - not as a routine procedure. - nullable: true - type: object - properties: - inputs: - additionalProperties: {} - type: object - package: - additionalProperties: false - type: object - properties: - experimental_data_stream_features: - items: - additionalProperties: false - type: object - properties: - data_stream: - type: string - features: - additionalProperties: false - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - name: - description: Package name - type: string - requires_root: - type: boolean - title: - type: string - version: - description: Package version - type: string - required: - - name - - version - policy_id: - deprecated: true - description: >- - Agent policy ID where that package policy - will be added - nullable: true - type: string - policy_ids: - items: - description: >- - Agent policy IDs where that package policy - will be added - type: string - type: array - revision: - type: number - secret_references: - items: - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - type: array - updated_at: - type: string - updated_by: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - version: - type: string - required: - - name - - enabled - - inputs - - id - - revision - - updated_at - - updated_by - - created_at - - created_by - type: array - revision: - type: number - schema_version: - type: string - space_ids: - items: - type: string - type: array - status: - enum: - - active - - inactive - type: string - supports_agentless: - default: false - description: >- - Indicates whether the agent policy supports agentless - integrations. - nullable: true - type: boolean - unenroll_timeout: - minimum: 0 - type: number - unprivileged_agents: - type: number - updated_at: - type: string - updated_by: - type: string - version: - type: string - required: - - id - - name - - namespace - - is_managed - - is_protected - - status - - updated_at - - updated_by - - revision - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent policies - /api/fleet/agent_policies/_bulk_get: - post: - description: Bulk get agent policies - operationId: '%2Fapi%2Ffleet%2Fagent_policies%2F_bulk_get#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: query - name: format - required: false - schema: - enum: - - simplified - - legacy - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - full: - description: get full policies with package policies populated - type: boolean - ids: - description: list of package policy ids - items: - type: string - type: array - ignoreMissing: - type: boolean - required: - - ids - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - additionalProperties: false - type: object - properties: - advanced_settings: - additionalProperties: false - type: object - properties: - agent_download_target_directory: - nullable: true - agent_download_timeout: - default: 2h - nullable: true - agent_limits_go_max_procs: - nullable: true - agent_logging_level: - default: info - nullable: true - agent_logging_metrics_period: - default: 30s - nullable: true - agent_features: - items: - additionalProperties: false - type: object - properties: - enabled: - type: boolean - name: - type: string - required: - - name - - enabled - type: array - agents: - type: number - data_output_id: - nullable: true - type: string - description: - type: string - download_source_id: - nullable: true - type: string - fleet_server_host_id: - nullable: true - type: string - global_data_tags: - description: >- - User defined data tags that are added to all of the - inputs. The values can be strings or numbers. - items: - additionalProperties: false - type: object - properties: - name: - type: string - value: - anyOf: - - type: string - - type: number - required: - - name - - value - type: array - has_fleet_server: - type: boolean - id: - type: string - inactivity_timeout: - default: 1209600 - minimum: 0 - type: number - is_default: - type: boolean - is_default_fleet_server: - type: boolean - is_managed: - type: boolean - is_preconfigured: - type: boolean - is_protected: - description: >- - Indicates whether the agent policy has tamper - protection enabled. Default false. - type: boolean - keep_monitoring_alive: - default: false - description: >- - When set to true, monitoring will be enabled but - logs/metrics collection will be disabled - nullable: true - type: boolean - monitoring_diagnostics: - additionalProperties: false - type: object - properties: - limit: - additionalProperties: false - type: object - properties: - burst: - type: number - interval: - type: string - uploader: - additionalProperties: false - type: object - properties: - init_dur: - type: string - max_dur: - type: string - max_retries: - type: number - monitoring_enabled: - items: - enum: - - logs - - metrics - - traces - type: string - type: array - monitoring_http: - additionalProperties: false - type: object - properties: - buffer: - additionalProperties: false - type: object - properties: - enabled: - default: false - type: boolean - enabled: - type: boolean - host: - type: string - port: - maximum: 65353 - minimum: 0 - type: number - required: - - enabled - monitoring_output_id: - nullable: true - type: string - monitoring_pprof_enabled: - type: boolean - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - overrides: - additionalProperties: {} - description: >- - Override settings that are defined in the agent - policy. Input settings cannot be overridden. The - override option should be used only in unusual - circumstances and not as a routine procedure. - nullable: true - type: object - package_policies: - anyOf: - - items: - type: string - type: array - - description: >- - This field is present only when retrieving a - single agent policy, or when retrieving a list - of agent policies with the ?full=true parameter - items: - additionalProperties: false - type: object - properties: - created_at: - type: string - created_by: - type: string - description: - description: Package policy description - type: string - elasticsearch: - additionalProperties: true - type: object - properties: - privileges: - additionalProperties: true - type: object - properties: - cluster: - items: - type: string - type: array - enabled: - type: boolean - id: - type: string - inputs: - items: - additionalProperties: false - type: object - properties: - compiled_input: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - policy_template: - type: string - streams: - items: - additionalProperties: false - type: object - properties: - compiled_stream: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - data_stream: - additionalProperties: false - type: object - properties: - dataset: - type: string - elasticsearch: - additionalProperties: false - type: object - properties: - dynamic_dataset: - type: boolean - dynamic_namespace: - type: boolean - privileges: - additionalProperties: false - type: object - properties: - indices: - items: - type: string - type: array - type: - type: string - required: - - dataset - - type - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - release: - enum: - - ga - - beta - - experimental - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - enabled - - data_stream - - compiled_stream - type: array - type: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - type - - enabled - - streams - - compiled_input - type: array - is_managed: - type: boolean - name: - description: Package policy name (should be unique) - type: string - namespace: - description: >- - The package policy namespace. Leave blank - to inherit the agent policy's namespace. - type: string - output_id: - nullable: true - type: string - overrides: - additionalProperties: false - description: >- - Override settings that are defined in the - package policy. The override option should - be used only in unusual circumstances and - not as a routine procedure. - nullable: true - type: object - properties: - inputs: - additionalProperties: {} - type: object - package: - additionalProperties: false - type: object - properties: - experimental_data_stream_features: - items: - additionalProperties: false - type: object - properties: - data_stream: - type: string - features: - additionalProperties: false - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - name: - description: Package name - type: string - requires_root: - type: boolean - title: - type: string - version: - description: Package version - type: string - required: - - name - - version - policy_id: - deprecated: true - description: >- - Agent policy ID where that package policy - will be added - nullable: true - type: string - policy_ids: - items: - description: >- - Agent policy IDs where that package - policy will be added - type: string - type: array - revision: - type: number - secret_references: - items: - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - type: array - updated_at: - type: string - updated_by: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - version: - type: string - required: - - name - - enabled - - inputs - - id - - revision - - updated_at - - updated_by - - created_at - - created_by - type: array - revision: - type: number - schema_version: - type: string - space_ids: - items: - type: string - type: array - status: - enum: - - active - - inactive - type: string - supports_agentless: - default: false - description: >- - Indicates whether the agent policy supports - agentless integrations. - nullable: true - type: boolean - unenroll_timeout: - minimum: 0 - type: number - unprivileged_agents: - type: number - updated_at: - type: string - updated_by: - type: string - version: - type: string - required: - - id - - name - - namespace - - is_managed - - is_protected - - status - - updated_at - - updated_by - - revision - type: array - required: - - items - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent policies - /api/fleet/agent_policies/{agentPolicyId}: - get: - description: Get an agent policy by ID - operationId: '%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: agentPolicyId - required: true - schema: - type: string - - in: query - name: format - required: false - schema: - enum: - - simplified - - legacy - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - advanced_settings: - additionalProperties: false - type: object - properties: - agent_download_target_directory: - nullable: true - agent_download_timeout: - default: 2h - nullable: true - agent_limits_go_max_procs: - nullable: true - agent_logging_level: - default: info - nullable: true - agent_logging_metrics_period: - default: 30s - nullable: true - agent_features: - items: - additionalProperties: false - type: object - properties: - enabled: - type: boolean - name: - type: string - required: - - name - - enabled - type: array - agents: - type: number - data_output_id: - nullable: true - type: string - description: - type: string - download_source_id: - nullable: true - type: string - fleet_server_host_id: - nullable: true - type: string - global_data_tags: - description: >- - User defined data tags that are added to all of the - inputs. The values can be strings or numbers. - items: - additionalProperties: false - type: object - properties: - name: - type: string - value: - anyOf: - - type: string - - type: number - required: - - name - - value - type: array - has_fleet_server: - type: boolean - id: - type: string - inactivity_timeout: - default: 1209600 - minimum: 0 - type: number - is_default: - type: boolean - is_default_fleet_server: - type: boolean - is_managed: - type: boolean - is_preconfigured: - type: boolean - is_protected: - description: >- - Indicates whether the agent policy has tamper - protection enabled. Default false. - type: boolean - keep_monitoring_alive: - default: false - description: >- - When set to true, monitoring will be enabled but - logs/metrics collection will be disabled - nullable: true - type: boolean - monitoring_diagnostics: - additionalProperties: false - type: object - properties: - limit: - additionalProperties: false - type: object - properties: - burst: - type: number - interval: - type: string - uploader: - additionalProperties: false - type: object - properties: - init_dur: - type: string - max_dur: - type: string - max_retries: - type: number - monitoring_enabled: - items: - enum: - - logs - - metrics - - traces - type: string - type: array - monitoring_http: - additionalProperties: false - type: object - properties: - buffer: - additionalProperties: false - type: object - properties: - enabled: - default: false - type: boolean - enabled: - type: boolean - host: - type: string - port: - maximum: 65353 - minimum: 0 - type: number - required: - - enabled - monitoring_output_id: - nullable: true - type: string - monitoring_pprof_enabled: - type: boolean - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - overrides: - additionalProperties: {} - description: >- - Override settings that are defined in the agent - policy. Input settings cannot be overridden. The - override option should be used only in unusual - circumstances and not as a routine procedure. - nullable: true - type: object - package_policies: - anyOf: - - items: - type: string - type: array - - description: >- - This field is present only when retrieving a - single agent policy, or when retrieving a list of - agent policies with the ?full=true parameter - items: - additionalProperties: false - type: object - properties: - created_at: - type: string - created_by: - type: string - description: - description: Package policy description - type: string - elasticsearch: - additionalProperties: true - type: object - properties: - privileges: - additionalProperties: true - type: object - properties: - cluster: - items: - type: string - type: array - enabled: - type: boolean - id: - type: string - inputs: - items: - additionalProperties: false - type: object - properties: - compiled_input: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - policy_template: - type: string - streams: - items: - additionalProperties: false - type: object - properties: - compiled_stream: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - data_stream: - additionalProperties: false - type: object - properties: - dataset: - type: string - elasticsearch: - additionalProperties: false - type: object - properties: - dynamic_dataset: - type: boolean - dynamic_namespace: - type: boolean - privileges: - additionalProperties: false - type: object - properties: - indices: - items: - type: string - type: array - type: - type: string - required: - - dataset - - type - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - release: - enum: - - ga - - beta - - experimental - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - enabled - - data_stream - - compiled_stream - type: array - type: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - type - - enabled - - streams - - compiled_input - type: array - is_managed: - type: boolean - name: - description: Package policy name (should be unique) - type: string - namespace: - description: >- - The package policy namespace. Leave blank to - inherit the agent policy's namespace. - type: string - output_id: - nullable: true - type: string - overrides: - additionalProperties: false - description: >- - Override settings that are defined in the - package policy. The override option should - be used only in unusual circumstances and - not as a routine procedure. - nullable: true - type: object - properties: - inputs: - additionalProperties: {} - type: object - package: - additionalProperties: false - type: object - properties: - experimental_data_stream_features: - items: - additionalProperties: false - type: object - properties: - data_stream: - type: string - features: - additionalProperties: false - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - name: - description: Package name - type: string - requires_root: - type: boolean - title: - type: string - version: - description: Package version - type: string - required: - - name - - version - policy_id: - deprecated: true - description: >- - Agent policy ID where that package policy - will be added - nullable: true - type: string - policy_ids: - items: - description: >- - Agent policy IDs where that package policy - will be added - type: string - type: array - revision: - type: number - secret_references: - items: - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - type: array - updated_at: - type: string - updated_by: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - version: - type: string - required: - - name - - enabled - - inputs - - id - - revision - - updated_at - - updated_by - - created_at - - created_by - type: array - revision: - type: number - schema_version: - type: string - space_ids: - items: - type: string - type: array - status: - enum: - - active - - inactive - type: string - supports_agentless: - default: false - description: >- - Indicates whether the agent policy supports agentless - integrations. - nullable: true - type: boolean - unenroll_timeout: - minimum: 0 - type: number - unprivileged_agents: - type: number - updated_at: - type: string - updated_by: - type: string - version: - type: string - required: - - id - - name - - namespace - - is_managed - - is_protected - - status - - updated_at - - updated_by - - revision - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent policies - put: - description: Update an agent policy by ID - operationId: '%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: agentPolicyId - required: true - schema: - type: string - - in: query - name: format - required: false - schema: - enum: - - simplified - - legacy - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - advanced_settings: - additionalProperties: false - type: object - properties: - agent_download_target_directory: - nullable: true - agent_download_timeout: - default: 2h - nullable: true - agent_limits_go_max_procs: - nullable: true - agent_logging_level: - default: info - nullable: true - agent_logging_metrics_period: - default: 30s - nullable: true - agent_features: - items: - additionalProperties: false - type: object - properties: - enabled: - type: boolean - name: - type: string - required: - - name - - enabled - type: array - data_output_id: - nullable: true - type: string - description: - type: string - download_source_id: - nullable: true - type: string - fleet_server_host_id: - nullable: true - type: string - force: - type: boolean - global_data_tags: - description: >- - User defined data tags that are added to all of the inputs. - The values can be strings or numbers. - items: - additionalProperties: false - type: object - properties: - name: - type: string - value: - anyOf: - - type: string - - type: number - required: - - name - - value - type: array - has_fleet_server: - type: boolean - id: - type: string - inactivity_timeout: - default: 1209600 - minimum: 0 - type: number - is_default: - type: boolean - is_default_fleet_server: - type: boolean - is_managed: - type: boolean - is_protected: - type: boolean - keep_monitoring_alive: - default: false - description: >- - When set to true, monitoring will be enabled but - logs/metrics collection will be disabled - nullable: true - type: boolean - monitoring_diagnostics: - additionalProperties: false - type: object - properties: - limit: - additionalProperties: false - type: object - properties: - burst: - type: number - interval: - type: string - uploader: - additionalProperties: false - type: object - properties: - init_dur: - type: string - max_dur: - type: string - max_retries: - type: number - monitoring_enabled: - items: - enum: - - logs - - metrics - - traces - type: string - type: array - monitoring_http: - additionalProperties: false - type: object - properties: - buffer: - additionalProperties: false - type: object - properties: - enabled: - default: false - type: boolean - enabled: - type: boolean - host: - type: string - port: - maximum: 65353 - minimum: 0 - type: number - required: - - enabled - monitoring_output_id: - nullable: true - type: string - monitoring_pprof_enabled: - type: boolean - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - overrides: - additionalProperties: {} - description: >- - Override settings that are defined in the agent policy. - Input settings cannot be overridden. The override option - should be used only in unusual circumstances and not as a - routine procedure. - nullable: true - type: object - space_ids: - items: - type: string - type: array - supports_agentless: - default: false - description: >- - Indicates whether the agent policy supports agentless - integrations. - nullable: true - type: boolean - unenroll_timeout: - minimum: 0 - type: number - required: - - name - - namespace - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - advanced_settings: - additionalProperties: false - type: object - properties: - agent_download_target_directory: - nullable: true - agent_download_timeout: - default: 2h - nullable: true - agent_limits_go_max_procs: - nullable: true - agent_logging_level: - default: info - nullable: true - agent_logging_metrics_period: - default: 30s - nullable: true - agent_features: - items: - additionalProperties: false - type: object - properties: - enabled: - type: boolean - name: - type: string - required: - - name - - enabled - type: array - agents: - type: number - data_output_id: - nullable: true - type: string - description: - type: string - download_source_id: - nullable: true - type: string - fleet_server_host_id: - nullable: true - type: string - global_data_tags: - description: >- - User defined data tags that are added to all of the - inputs. The values can be strings or numbers. - items: - additionalProperties: false - type: object - properties: - name: - type: string - value: - anyOf: - - type: string - - type: number - required: - - name - - value - type: array - has_fleet_server: - type: boolean - id: - type: string - inactivity_timeout: - default: 1209600 - minimum: 0 - type: number - is_default: - type: boolean - is_default_fleet_server: - type: boolean - is_managed: - type: boolean - is_preconfigured: - type: boolean - is_protected: - description: >- - Indicates whether the agent policy has tamper - protection enabled. Default false. - type: boolean - keep_monitoring_alive: - default: false - description: >- - When set to true, monitoring will be enabled but - logs/metrics collection will be disabled - nullable: true - type: boolean - monitoring_diagnostics: - additionalProperties: false - type: object - properties: - limit: - additionalProperties: false - type: object - properties: - burst: - type: number - interval: - type: string - uploader: - additionalProperties: false - type: object - properties: - init_dur: - type: string - max_dur: - type: string - max_retries: - type: number - monitoring_enabled: - items: - enum: - - logs - - metrics - - traces - type: string - type: array - monitoring_http: - additionalProperties: false - type: object - properties: - buffer: - additionalProperties: false - type: object - properties: - enabled: - default: false - type: boolean - enabled: - type: boolean - host: - type: string - port: - maximum: 65353 - minimum: 0 - type: number - required: - - enabled - monitoring_output_id: - nullable: true - type: string - monitoring_pprof_enabled: - type: boolean - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - overrides: - additionalProperties: {} - description: >- - Override settings that are defined in the agent - policy. Input settings cannot be overridden. The - override option should be used only in unusual - circumstances and not as a routine procedure. - nullable: true - type: object - package_policies: - anyOf: - - items: - type: string - type: array - - description: >- - This field is present only when retrieving a - single agent policy, or when retrieving a list of - agent policies with the ?full=true parameter - items: - additionalProperties: false - type: object - properties: - created_at: - type: string - created_by: - type: string - description: - description: Package policy description - type: string - elasticsearch: - additionalProperties: true - type: object - properties: - privileges: - additionalProperties: true - type: object - properties: - cluster: - items: - type: string - type: array - enabled: - type: boolean - id: - type: string - inputs: - items: - additionalProperties: false - type: object - properties: - compiled_input: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - policy_template: - type: string - streams: - items: - additionalProperties: false - type: object - properties: - compiled_stream: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - data_stream: - additionalProperties: false - type: object - properties: - dataset: - type: string - elasticsearch: - additionalProperties: false - type: object - properties: - dynamic_dataset: - type: boolean - dynamic_namespace: - type: boolean - privileges: - additionalProperties: false - type: object - properties: - indices: - items: - type: string - type: array - type: - type: string - required: - - dataset - - type - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - release: - enum: - - ga - - beta - - experimental - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - enabled - - data_stream - - compiled_stream - type: array - type: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - type - - enabled - - streams - - compiled_input - type: array - is_managed: - type: boolean - name: - description: Package policy name (should be unique) - type: string - namespace: - description: >- - The package policy namespace. Leave blank to - inherit the agent policy's namespace. - type: string - output_id: - nullable: true - type: string - overrides: - additionalProperties: false - description: >- - Override settings that are defined in the - package policy. The override option should - be used only in unusual circumstances and - not as a routine procedure. - nullable: true - type: object - properties: - inputs: - additionalProperties: {} - type: object - package: - additionalProperties: false - type: object - properties: - experimental_data_stream_features: - items: - additionalProperties: false - type: object - properties: - data_stream: - type: string - features: - additionalProperties: false - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - name: - description: Package name - type: string - requires_root: - type: boolean - title: - type: string - version: - description: Package version - type: string - required: - - name - - version - policy_id: - deprecated: true - description: >- - Agent policy ID where that package policy - will be added - nullable: true - type: string - policy_ids: - items: - description: >- - Agent policy IDs where that package policy - will be added - type: string - type: array - revision: - type: number - secret_references: - items: - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - type: array - updated_at: - type: string - updated_by: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - version: - type: string - required: - - name - - enabled - - inputs - - id - - revision - - updated_at - - updated_by - - created_at - - created_by - type: array - revision: - type: number - schema_version: - type: string - space_ids: - items: - type: string - type: array - status: - enum: - - active - - inactive - type: string - supports_agentless: - default: false - description: >- - Indicates whether the agent policy supports agentless - integrations. - nullable: true - type: boolean - unenroll_timeout: - minimum: 0 - type: number - unprivileged_agents: - type: number - updated_at: - type: string - updated_by: - type: string - version: - type: string - required: - - id - - name - - namespace - - is_managed - - is_protected - - status - - updated_at - - updated_by - - revision - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent policies - /api/fleet/agent_policies/{agentPolicyId}/copy: - post: - description: Copy an agent policy by ID - operationId: '%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D%2Fcopy#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: agentPolicyId - required: true - schema: - type: string - - in: query - name: format - required: false - schema: - enum: - - simplified - - legacy - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - description: - type: string - name: - minLength: 1 - type: string - required: - - name - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - advanced_settings: - additionalProperties: false - type: object - properties: - agent_download_target_directory: - nullable: true - agent_download_timeout: - default: 2h - nullable: true - agent_limits_go_max_procs: - nullable: true - agent_logging_level: - default: info - nullable: true - agent_logging_metrics_period: - default: 30s - nullable: true - agent_features: - items: - additionalProperties: false - type: object - properties: - enabled: - type: boolean - name: - type: string - required: - - name - - enabled - type: array - agents: - type: number - data_output_id: - nullable: true - type: string - description: - type: string - download_source_id: - nullable: true - type: string - fleet_server_host_id: - nullable: true - type: string - global_data_tags: - description: >- - User defined data tags that are added to all of the - inputs. The values can be strings or numbers. - items: - additionalProperties: false - type: object - properties: - name: - type: string - value: - anyOf: - - type: string - - type: number - required: - - name - - value - type: array - has_fleet_server: - type: boolean - id: - type: string - inactivity_timeout: - default: 1209600 - minimum: 0 - type: number - is_default: - type: boolean - is_default_fleet_server: - type: boolean - is_managed: - type: boolean - is_preconfigured: - type: boolean - is_protected: - description: >- - Indicates whether the agent policy has tamper - protection enabled. Default false. - type: boolean - keep_monitoring_alive: - default: false - description: >- - When set to true, monitoring will be enabled but - logs/metrics collection will be disabled - nullable: true - type: boolean - monitoring_diagnostics: - additionalProperties: false - type: object - properties: - limit: - additionalProperties: false - type: object - properties: - burst: - type: number - interval: - type: string - uploader: - additionalProperties: false - type: object - properties: - init_dur: - type: string - max_dur: - type: string - max_retries: - type: number - monitoring_enabled: - items: - enum: - - logs - - metrics - - traces - type: string - type: array - monitoring_http: - additionalProperties: false - type: object - properties: - buffer: - additionalProperties: false - type: object - properties: - enabled: - default: false - type: boolean - enabled: - type: boolean - host: - type: string - port: - maximum: 65353 - minimum: 0 - type: number - required: - - enabled - monitoring_output_id: - nullable: true - type: string - monitoring_pprof_enabled: - type: boolean - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - overrides: - additionalProperties: {} - description: >- - Override settings that are defined in the agent - policy. Input settings cannot be overridden. The - override option should be used only in unusual - circumstances and not as a routine procedure. - nullable: true - type: object - package_policies: - anyOf: - - items: - type: string - type: array - - description: >- - This field is present only when retrieving a - single agent policy, or when retrieving a list of - agent policies with the ?full=true parameter - items: - additionalProperties: false - type: object - properties: - created_at: - type: string - created_by: - type: string - description: - description: Package policy description - type: string - elasticsearch: - additionalProperties: true - type: object - properties: - privileges: - additionalProperties: true - type: object - properties: - cluster: - items: - type: string - type: array - enabled: - type: boolean - id: - type: string - inputs: - items: - additionalProperties: false - type: object - properties: - compiled_input: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - policy_template: - type: string - streams: - items: - additionalProperties: false - type: object - properties: - compiled_stream: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - data_stream: - additionalProperties: false - type: object - properties: - dataset: - type: string - elasticsearch: - additionalProperties: false - type: object - properties: - dynamic_dataset: - type: boolean - dynamic_namespace: - type: boolean - privileges: - additionalProperties: false - type: object - properties: - indices: - items: - type: string - type: array - type: - type: string - required: - - dataset - - type - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - release: - enum: - - ga - - beta - - experimental - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - enabled - - data_stream - - compiled_stream - type: array - type: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - type - - enabled - - streams - - compiled_input - type: array - is_managed: - type: boolean - name: - description: Package policy name (should be unique) - type: string - namespace: - description: >- - The package policy namespace. Leave blank to - inherit the agent policy's namespace. - type: string - output_id: - nullable: true - type: string - overrides: - additionalProperties: false - description: >- - Override settings that are defined in the - package policy. The override option should - be used only in unusual circumstances and - not as a routine procedure. - nullable: true - type: object - properties: - inputs: - additionalProperties: {} - type: object - package: - additionalProperties: false - type: object - properties: - experimental_data_stream_features: - items: - additionalProperties: false - type: object - properties: - data_stream: - type: string - features: - additionalProperties: false - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - name: - description: Package name - type: string - requires_root: - type: boolean - title: - type: string - version: - description: Package version - type: string - required: - - name - - version - policy_id: - deprecated: true - description: >- - Agent policy ID where that package policy - will be added - nullable: true - type: string - policy_ids: - items: - description: >- - Agent policy IDs where that package policy - will be added - type: string - type: array - revision: - type: number - secret_references: - items: - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - type: array - updated_at: - type: string - updated_by: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - version: - type: string - required: - - name - - enabled - - inputs - - id - - revision - - updated_at - - updated_by - - created_at - - created_by - type: array - revision: - type: number - schema_version: - type: string - space_ids: - items: - type: string - type: array - status: - enum: - - active - - inactive - type: string - supports_agentless: - default: false - description: >- - Indicates whether the agent policy supports agentless - integrations. - nullable: true - type: boolean - unenroll_timeout: - minimum: 0 - type: number - unprivileged_agents: - type: number - updated_at: - type: string - updated_by: - type: string - version: - type: string - required: - - id - - name - - namespace - - is_managed - - is_protected - - status - - updated_at - - updated_by - - revision - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent policies - /api/fleet/agent_policies/{agentPolicyId}/download: - get: - description: Download an agent policy by ID - operationId: '%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D%2Fdownload#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: agentPolicyId - required: true - schema: - type: string - - in: query - name: download - required: false - schema: - type: boolean - - in: query - name: standalone - required: false - schema: - type: boolean - - in: query - name: kubernetes - required: false - schema: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: string - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent policies - /api/fleet/agent_policies/{agentPolicyId}/full: - get: - description: Get a full agent policy by ID - operationId: '%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D%2Ffull#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: agentPolicyId - required: true - schema: - type: string - - in: query - name: download - required: false - schema: - type: boolean - - in: query - name: standalone - required: false - schema: - type: boolean - - in: query - name: kubernetes - required: false - schema: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - anyOf: - - type: string - - additionalProperties: false - type: object - properties: - agent: - additionalProperties: false - type: object - properties: - download: - additionalProperties: false - type: object - properties: - sourceURI: - type: string - required: - - sourceURI - features: - additionalProperties: - additionalProperties: false - type: object - properties: - enabled: - type: boolean - required: - - enabled - type: object - monitoring: - additionalProperties: false - type: object - properties: - enabled: - type: boolean - logs: - type: boolean - metrics: - type: boolean - namespace: - type: string - traces: - type: boolean - use_output: - type: string - required: - - enabled - - metrics - - logs - - traces - protection: - additionalProperties: false - type: object - properties: - enabled: - type: boolean - signing_key: - type: string - uninstall_token_hash: - type: string - required: - - enabled - - uninstall_token_hash - - signing_key - required: - - monitoring - - download - - features - fleet: - anyOf: - - additionalProperties: false - type: object - properties: - hosts: - items: - type: string - type: array - proxy_headers: {} - proxy_url: - type: string - ssl: - additionalProperties: false - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - renegotiation: - type: string - verification_mode: - type: string - required: - - hosts - - proxy_headers - - additionalProperties: false - type: object - properties: - kibana: - additionalProperties: false - type: object - properties: - hosts: - items: - type: string - type: array - path: - type: string - protocol: - type: string - required: - - hosts - - protocol - required: - - kibana - id: - type: string - inputs: - items: - additionalProperties: true - type: object - properties: - data_stream: - additionalProperties: true - type: object - properties: - namespace: - type: string - required: - - namespace - id: - type: string - meta: - additionalProperties: true - type: object - properties: - package: - additionalProperties: true - type: object - properties: - name: - type: string - version: - type: string - required: - - name - - version - name: - type: string - package_policy_id: - type: string - processors: - items: - additionalProperties: true - type: object - properties: - add_fields: - additionalProperties: true - type: object - properties: - fields: - additionalProperties: - anyOf: - - type: string - - type: number - type: object - target: - type: string - required: - - target - - fields - required: - - add_fields - type: array - revision: - type: number - streams: - items: - additionalProperties: true - type: object - properties: - data_stream: - additionalProperties: true - type: object - properties: - dataset: - type: string - type: - type: string - required: - - dataset - id: - type: string - required: - - id - - data_stream - type: array - type: - type: string - use_output: - type: string - required: - - id - - name - - revision - - type - - data_stream - - use_output - - package_policy_id - type: array - namespaces: - items: - type: string - type: array - output_permissions: - additionalProperties: - additionalProperties: {} - type: object - type: object - outputs: - additionalProperties: - additionalProperties: true - type: object - properties: - ca_sha256: - nullable: true - type: string - hosts: - items: - type: string - type: array - proxy_headers: {} - proxy_url: - type: string - type: - type: string - required: - - type - - proxy_headers - type: object - revision: - type: number - secret_references: - items: - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - type: array - signed: - additionalProperties: false - type: object - properties: - data: - type: string - signature: - type: string - required: - - data - - signature - required: - - id - - outputs - - inputs - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent policies - /api/fleet/agent_policies/{agentPolicyId}/outputs: - get: - description: Get list of outputs associated with agent policy by policy id - operationId: '%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D%2Foutputs#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: agentPolicyId - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - agentPolicyId: - type: string - data: - additionalProperties: false - type: object - properties: - integrations: - items: - additionalProperties: false - type: object - properties: - id: - type: string - integrationPolicyName: - type: string - name: - type: string - pkgName: - type: string - type: array - output: - additionalProperties: false - type: object - properties: - id: - type: string - name: - type: string - required: - - id - - name - required: - - output - monitoring: - additionalProperties: false - type: object - properties: - output: - additionalProperties: false - type: object - properties: - id: - type: string - name: - type: string - required: - - id - - name - required: - - output - required: - - monitoring - - data - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent policies - /api/fleet/agent_policies/delete: - post: - description: Delete agent policy by ID - operationId: '%2Fapi%2Ffleet%2Fagent_policies%2Fdelete#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - agentPolicyId: - type: string - force: - description: >- - bypass validation checks that can prevent agent policy - deletion - type: boolean - required: - - agentPolicyId - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - id: - type: string - name: - type: string - required: - - id - - name - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent policies - /api/fleet/agent_policies/outputs: - post: - description: Get list of outputs associated with agent policies - operationId: '%2Fapi%2Ffleet%2Fagent_policies%2Foutputs#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - ids: - description: list of package policy ids - items: - type: string - type: array - required: - - ids - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - additionalProperties: false - type: object - properties: - agentPolicyId: - type: string - data: - additionalProperties: false - type: object - properties: - integrations: - items: - additionalProperties: false - type: object - properties: - id: - type: string - integrationPolicyName: - type: string - name: - type: string - pkgName: - type: string - type: array - output: - additionalProperties: false - type: object - properties: - id: - type: string - name: - type: string - required: - - id - - name - required: - - output - monitoring: - additionalProperties: false - type: object - properties: - output: - additionalProperties: false - type: object - properties: - id: - type: string - name: - type: string - required: - - id - - name - required: - - output - required: - - monitoring - - data - type: array - required: - - items - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent policies - /api/fleet/agent_status: - get: - description: Get agent status summary - operationId: '%2Fapi%2Ffleet%2Fagent_status#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: query - name: policyId - required: false - schema: - type: string - - in: query - name: policyIds - required: false - schema: - anyOf: - - items: - type: string - type: array - - type: string - - in: query - name: kuery - required: false - schema: - deprecated: true - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - results: - additionalProperties: false - type: object - properties: - active: - type: number - all: - type: number - error: - type: number - events: - type: number - inactive: - type: number - offline: - type: number - online: - type: number - other: - type: number - total: - deprecated: true - type: number - unenrolled: - type: number - updating: - type: number - required: - - events - - total - - online - - error - - offline - - other - - updating - - inactive - - unenrolled - - all - - active - required: - - results - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent status - /api/fleet/agent_status/data: - get: - description: Get incoming agent data - operationId: '%2Fapi%2Ffleet%2Fagent_status%2Fdata#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: query - name: agentsIds - required: true - schema: - anyOf: - - items: - type: string - type: array - - type: string - - in: query - name: previewData - required: false - schema: - default: false - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - dataPreview: - items: {} - type: array - items: - items: - additionalProperties: - additionalProperties: false - type: object - properties: - data: - type: boolean - required: - - data - type: object - type: array - required: - - items - - dataPreview - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agents - /api/fleet/agent-status: - get: - deprecated: true - operationId: '%2Fapi%2Ffleet%2Fagent-status#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: query - name: policyId - required: false - schema: - type: string - - in: query - name: policyIds - required: false - schema: - anyOf: - - items: - type: string - type: array - - type: string - - in: query - name: kuery - required: false - schema: - deprecated: true - type: string - responses: {} - summary: '' - tags: [] - /api/fleet/agents: - get: - description: List agents - operationId: '%2Fapi%2Ffleet%2Fagents#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: query - name: page - required: false - schema: - default: 1 - type: number - - in: query - name: perPage - required: false - schema: - default: 20 - type: number - - in: query - name: kuery - required: false - schema: - type: string - - in: query - name: showInactive - required: false - schema: - default: false - type: boolean - - in: query - name: withMetrics - required: false - schema: - default: false - type: boolean - - in: query - name: showUpgradeable - required: false - schema: - default: false - type: boolean - - in: query - name: getStatusSummary - required: false - schema: - default: false - type: boolean - - in: query - name: sortField - required: false - schema: - type: string - - in: query - name: sortOrder - required: false - schema: - enum: - - asc - - desc - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - additionalProperties: false - type: object - properties: - access_api_key: - type: string - access_api_key_id: - type: string - active: - type: boolean - agent: - additionalProperties: true - type: object - properties: - id: - type: string - version: - type: string - required: - - id - - version - components: - items: - additionalProperties: false - type: object - properties: - id: - type: string - message: - type: string - status: - enum: - - STARTING - - CONFIGURING - - HEALTHY - - DEGRADED - - FAILED - - STOPPING - - STOPPED - type: string - type: - type: string - units: - items: - additionalProperties: false - type: object - properties: - id: - type: string - message: - type: string - payload: - additionalProperties: {} - type: object - status: - enum: - - STARTING - - CONFIGURING - - HEALTHY - - DEGRADED - - FAILED - - STOPPING - - STOPPED - type: string - type: - enum: - - input - - output - type: string - required: - - id - - type - - status - - message - type: array - required: - - id - - type - - status - - message - type: array - default_api_key: - type: string - default_api_key_history: - items: - additionalProperties: false - deprecated: true - type: object - properties: - id: - type: string - retired_at: - type: string - required: - - id - - retired_at - type: array - default_api_key_id: - type: string - enrolled_at: - type: string - id: - type: string - last_checkin: - type: string - last_checkin_message: - type: string - last_checkin_status: - enum: - - error - - online - - degraded - - updating - - starting - type: string - local_metadata: - additionalProperties: {} - type: object - metrics: - additionalProperties: false - type: object - properties: - cpu_avg: - type: number - memory_size_byte_avg: - type: number - namespaces: - items: - type: string - type: array - outputs: - additionalProperties: - additionalProperties: false - type: object - properties: - api_key_id: - type: string - to_retire_api_key_ids: - items: - additionalProperties: false - type: object - properties: - id: - type: string - retired_at: - type: string - required: - - id - - retired_at - type: array - type: - type: string - required: - - api_key_id - - type - type: object - packages: - items: - type: string - type: array - policy_id: - type: string - policy_revision: - nullable: true - type: number - sort: - items: - anyOf: - - type: number - - type: string - - enum: [] - nullable: true - type: array - status: - enum: - - offline - - error - - online - - inactive - - enrolling - - unenrolling - - unenrolled - - updating - - degraded - type: string - tags: - items: - type: string - type: array - type: - enum: - - PERMANENT - - EPHEMERAL - - TEMPORARY - type: string - unenrolled_at: - type: string - unenrollment_started_at: - type: string - unhealthy_reason: - items: - enum: - - input - - output - - other - type: string - nullable: true - type: array - upgrade_details: - additionalProperties: false - type: object - properties: - action_id: - type: string - metadata: - additionalProperties: false - type: object - properties: - download_percent: - type: number - download_rate: - type: number - error_msg: - type: string - failed_state: - enum: - - UPG_REQUESTED - - UPG_SCHEDULED - - UPG_DOWNLOADING - - UPG_EXTRACTING - - UPG_REPLACING - - UPG_RESTARTING - - UPG_FAILED - - UPG_WATCHING - - UPG_ROLLBACK - type: string - retry_error_msg: - type: string - retry_until: - type: string - scheduled_at: - type: string - state: - enum: - - UPG_REQUESTED - - UPG_SCHEDULED - - UPG_DOWNLOADING - - UPG_EXTRACTING - - UPG_REPLACING - - UPG_RESTARTING - - UPG_FAILED - - UPG_WATCHING - - UPG_ROLLBACK - type: string - target_version: - type: string - required: - - target_version - - action_id - - state - upgrade_started_at: - nullable: true - type: string - upgraded_at: - nullable: true - type: string - user_provided_metadata: - additionalProperties: {} - type: object - required: - - id - - packages - - type - - active - - enrolled_at - - local_metadata - type: array - list: - deprecated: true - items: - additionalProperties: false - type: object - properties: - access_api_key: - type: string - access_api_key_id: - type: string - active: - type: boolean - agent: - additionalProperties: true - type: object - properties: - id: - type: string - version: - type: string - required: - - id - - version - components: - items: - additionalProperties: false - type: object - properties: - id: - type: string - message: - type: string - status: - enum: - - STARTING - - CONFIGURING - - HEALTHY - - DEGRADED - - FAILED - - STOPPING - - STOPPED - type: string - type: - type: string - units: - items: - additionalProperties: false - type: object - properties: - id: - type: string - message: - type: string - payload: - additionalProperties: {} - type: object - status: - enum: - - STARTING - - CONFIGURING - - HEALTHY - - DEGRADED - - FAILED - - STOPPING - - STOPPED - type: string - type: - enum: - - input - - output - type: string - required: - - id - - type - - status - - message - type: array - required: - - id - - type - - status - - message - type: array - default_api_key: - type: string - default_api_key_history: - items: - additionalProperties: false - deprecated: true - type: object - properties: - id: - type: string - retired_at: - type: string - required: - - id - - retired_at - type: array - default_api_key_id: - type: string - enrolled_at: - type: string - id: - type: string - last_checkin: - type: string - last_checkin_message: - type: string - last_checkin_status: - enum: - - error - - online - - degraded - - updating - - starting - type: string - local_metadata: - additionalProperties: {} - type: object - metrics: - additionalProperties: false - type: object - properties: - cpu_avg: - type: number - memory_size_byte_avg: - type: number - namespaces: - items: - type: string - type: array - outputs: - additionalProperties: - additionalProperties: false - type: object - properties: - api_key_id: - type: string - to_retire_api_key_ids: - items: - additionalProperties: false - type: object - properties: - id: - type: string - retired_at: - type: string - required: - - id - - retired_at - type: array - type: - type: string - required: - - api_key_id - - type - type: object - packages: - items: - type: string - type: array - policy_id: - type: string - policy_revision: - nullable: true - type: number - sort: - items: - anyOf: - - type: number - - type: string - - enum: [] - nullable: true - type: array - status: - enum: - - offline - - error - - online - - inactive - - enrolling - - unenrolling - - unenrolled - - updating - - degraded - type: string - tags: - items: - type: string - type: array - type: - enum: - - PERMANENT - - EPHEMERAL - - TEMPORARY - type: string - unenrolled_at: - type: string - unenrollment_started_at: - type: string - unhealthy_reason: - items: - enum: - - input - - output - - other - type: string - nullable: true - type: array - upgrade_details: - additionalProperties: false - type: object - properties: - action_id: - type: string - metadata: - additionalProperties: false - type: object - properties: - download_percent: - type: number - download_rate: - type: number - error_msg: - type: string - failed_state: - enum: - - UPG_REQUESTED - - UPG_SCHEDULED - - UPG_DOWNLOADING - - UPG_EXTRACTING - - UPG_REPLACING - - UPG_RESTARTING - - UPG_FAILED - - UPG_WATCHING - - UPG_ROLLBACK - type: string - retry_error_msg: - type: string - retry_until: - type: string - scheduled_at: - type: string - state: - enum: - - UPG_REQUESTED - - UPG_SCHEDULED - - UPG_DOWNLOADING - - UPG_EXTRACTING - - UPG_REPLACING - - UPG_RESTARTING - - UPG_FAILED - - UPG_WATCHING - - UPG_ROLLBACK - type: string - target_version: - type: string - required: - - target_version - - action_id - - state - upgrade_started_at: - nullable: true - type: string - upgraded_at: - nullable: true - type: string - user_provided_metadata: - additionalProperties: {} - type: object - required: - - id - - packages - - type - - active - - enrolled_at - - local_metadata - type: array - page: - type: number - perPage: - type: number - statusSummary: - additionalProperties: - type: number - type: object - total: - type: number - required: - - items - - total - - page - - perPage - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agents - post: - description: List agents by action ids - operationId: '%2Fapi%2Ffleet%2Fagents#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - actionIds: - items: - type: string - type: array - required: - - actionIds - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - type: string - type: array - required: - - items - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agents - /api/fleet/agents/{agentId}: - delete: - description: Delete agent by ID - operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D#2' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: agentId - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - action: - enum: - - deleted - type: string - required: - - action - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agents - get: - description: Get agent by ID - operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: agentId - required: true - schema: - type: string - - in: query - name: withMetrics - required: false - schema: - default: false - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - access_api_key: - type: string - access_api_key_id: - type: string - active: - type: boolean - agent: - additionalProperties: true - type: object - properties: - id: - type: string - version: - type: string - required: - - id - - version - components: - items: - additionalProperties: false - type: object - properties: - id: - type: string - message: - type: string - status: - enum: - - STARTING - - CONFIGURING - - HEALTHY - - DEGRADED - - FAILED - - STOPPING - - STOPPED - type: string - type: - type: string - units: - items: - additionalProperties: false - type: object - properties: - id: - type: string - message: - type: string - payload: - additionalProperties: {} - type: object - status: - enum: - - STARTING - - CONFIGURING - - HEALTHY - - DEGRADED - - FAILED - - STOPPING - - STOPPED - type: string - type: - enum: - - input - - output - type: string - required: - - id - - type - - status - - message - type: array - required: - - id - - type - - status - - message - type: array - default_api_key: - type: string - default_api_key_history: - items: - additionalProperties: false - deprecated: true - type: object - properties: - id: - type: string - retired_at: - type: string - required: - - id - - retired_at - type: array - default_api_key_id: - type: string - enrolled_at: - type: string - id: - type: string - last_checkin: - type: string - last_checkin_message: - type: string - last_checkin_status: - enum: - - error - - online - - degraded - - updating - - starting - type: string - local_metadata: - additionalProperties: {} - type: object - metrics: - additionalProperties: false - type: object - properties: - cpu_avg: - type: number - memory_size_byte_avg: - type: number - namespaces: - items: - type: string - type: array - outputs: - additionalProperties: - additionalProperties: false - type: object - properties: - api_key_id: - type: string - to_retire_api_key_ids: - items: - additionalProperties: false - type: object - properties: - id: - type: string - retired_at: - type: string - required: - - id - - retired_at - type: array - type: - type: string - required: - - api_key_id - - type - type: object - packages: - items: - type: string - type: array - policy_id: - type: string - policy_revision: - nullable: true - type: number - sort: - items: - anyOf: - - type: number - - type: string - - enum: [] - nullable: true - type: array - status: - enum: - - offline - - error - - online - - inactive - - enrolling - - unenrolling - - unenrolled - - updating - - degraded - type: string - tags: - items: - type: string - type: array - type: - enum: - - PERMANENT - - EPHEMERAL - - TEMPORARY - type: string - unenrolled_at: - type: string - unenrollment_started_at: - type: string - unhealthy_reason: - items: - enum: - - input - - output - - other - type: string - nullable: true - type: array - upgrade_details: - additionalProperties: false - type: object - properties: - action_id: - type: string - metadata: - additionalProperties: false - type: object - properties: - download_percent: - type: number - download_rate: - type: number - error_msg: - type: string - failed_state: - enum: - - UPG_REQUESTED - - UPG_SCHEDULED - - UPG_DOWNLOADING - - UPG_EXTRACTING - - UPG_REPLACING - - UPG_RESTARTING - - UPG_FAILED - - UPG_WATCHING - - UPG_ROLLBACK - type: string - retry_error_msg: - type: string - retry_until: - type: string - scheduled_at: - type: string - state: - enum: - - UPG_REQUESTED - - UPG_SCHEDULED - - UPG_DOWNLOADING - - UPG_EXTRACTING - - UPG_REPLACING - - UPG_RESTARTING - - UPG_FAILED - - UPG_WATCHING - - UPG_ROLLBACK - type: string - target_version: - type: string - required: - - target_version - - action_id - - state - upgrade_started_at: - nullable: true - type: string - upgraded_at: - nullable: true - type: string - user_provided_metadata: - additionalProperties: {} - type: object - required: - - id - - packages - - type - - active - - enrolled_at - - local_metadata - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agents - put: - description: Update agent by ID - operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: agentId - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - tags: - items: - type: string - type: array - user_provided_metadata: - additionalProperties: {} - type: object - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - access_api_key: - type: string - access_api_key_id: - type: string - active: - type: boolean - agent: - additionalProperties: true - type: object - properties: - id: - type: string - version: - type: string - required: - - id - - version - components: - items: - additionalProperties: false - type: object - properties: - id: - type: string - message: - type: string - status: - enum: - - STARTING - - CONFIGURING - - HEALTHY - - DEGRADED - - FAILED - - STOPPING - - STOPPED - type: string - type: - type: string - units: - items: - additionalProperties: false - type: object - properties: - id: - type: string - message: - type: string - payload: - additionalProperties: {} - type: object - status: - enum: - - STARTING - - CONFIGURING - - HEALTHY - - DEGRADED - - FAILED - - STOPPING - - STOPPED - type: string - type: - enum: - - input - - output - type: string - required: - - id - - type - - status - - message - type: array - required: - - id - - type - - status - - message - type: array - default_api_key: - type: string - default_api_key_history: - items: - additionalProperties: false - deprecated: true - type: object - properties: - id: - type: string - retired_at: - type: string - required: - - id - - retired_at - type: array - default_api_key_id: - type: string - enrolled_at: - type: string - id: - type: string - last_checkin: - type: string - last_checkin_message: - type: string - last_checkin_status: - enum: - - error - - online - - degraded - - updating - - starting - type: string - local_metadata: - additionalProperties: {} - type: object - metrics: - additionalProperties: false - type: object - properties: - cpu_avg: - type: number - memory_size_byte_avg: - type: number - namespaces: - items: - type: string - type: array - outputs: - additionalProperties: - additionalProperties: false - type: object - properties: - api_key_id: - type: string - to_retire_api_key_ids: - items: - additionalProperties: false - type: object - properties: - id: - type: string - retired_at: - type: string - required: - - id - - retired_at - type: array - type: - type: string - required: - - api_key_id - - type - type: object - packages: - items: - type: string - type: array - policy_id: - type: string - policy_revision: - nullable: true - type: number - sort: - items: - anyOf: - - type: number - - type: string - - enum: [] - nullable: true - type: array - status: - enum: - - offline - - error - - online - - inactive - - enrolling - - unenrolling - - unenrolled - - updating - - degraded - type: string - tags: - items: - type: string - type: array - type: - enum: - - PERMANENT - - EPHEMERAL - - TEMPORARY - type: string - unenrolled_at: - type: string - unenrollment_started_at: - type: string - unhealthy_reason: - items: - enum: - - input - - output - - other - type: string - nullable: true - type: array - upgrade_details: - additionalProperties: false - type: object - properties: - action_id: - type: string - metadata: - additionalProperties: false - type: object - properties: - download_percent: - type: number - download_rate: - type: number - error_msg: - type: string - failed_state: - enum: - - UPG_REQUESTED - - UPG_SCHEDULED - - UPG_DOWNLOADING - - UPG_EXTRACTING - - UPG_REPLACING - - UPG_RESTARTING - - UPG_FAILED - - UPG_WATCHING - - UPG_ROLLBACK - type: string - retry_error_msg: - type: string - retry_until: - type: string - scheduled_at: - type: string - state: - enum: - - UPG_REQUESTED - - UPG_SCHEDULED - - UPG_DOWNLOADING - - UPG_EXTRACTING - - UPG_REPLACING - - UPG_RESTARTING - - UPG_FAILED - - UPG_WATCHING - - UPG_ROLLBACK - type: string - target_version: - type: string - required: - - target_version - - action_id - - state - upgrade_started_at: - nullable: true - type: string - upgraded_at: - nullable: true - type: string - user_provided_metadata: - additionalProperties: {} - type: object - required: - - id - - packages - - type - - active - - enrolled_at - - local_metadata - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agents - /api/fleet/agents/{agentId}/actions: - post: - description: Create agent action - operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Factions#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: agentId - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - action: - anyOf: - - additionalProperties: false - type: object - properties: - ack_data: {} - data: {} - type: - enum: - - UNENROLL - - UPGRADE - - POLICY_REASSIGN - type: string - required: - - type - - data - - ack_data - - additionalProperties: false - type: object - properties: - data: - additionalProperties: false - type: object - properties: - log_level: - enum: - - debug - - info - - warning - - error - nullable: true - type: string - required: - - log_level - type: - enum: - - SETTINGS - type: string - required: - - type - - data - required: - - action - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - ack_data: {} - agents: - items: - type: string - type: array - created_at: - type: string - data: {} - expiration: - type: string - id: - type: string - minimum_execution_duration: - type: number - namespaces: - items: - type: string - type: array - rollout_duration_seconds: - type: number - sent_at: - type: string - source_uri: - type: string - start_time: - type: string - total: - type: number - type: - type: string - required: - - id - - type - - data - - created_at - - ack_data - - agents - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent actions - /api/fleet/agents/{agentId}/reassign: - post: - description: Reassign agent - operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Freassign#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: agentId - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - policy_id: - type: string - required: - - policy_id - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: {} - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent actions - put: - deprecated: true - operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Freassign#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: agentId - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - policy_id: - type: string - required: - - policy_id - responses: {} - summary: '' - tags: [] - /api/fleet/agents/{agentId}/request_diagnostics: - post: - description: Request agent diagnostics - operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Frequest_diagnostics#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: agentId - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - nullable: true - type: object - properties: - additional_metrics: - items: - enum: - - CPU - type: string - type: array - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - actionId: - type: string - required: - - actionId - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent actions - /api/fleet/agents/{agentId}/unenroll: - post: - description: Unenroll agent - operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Funenroll#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: agentId - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - nullable: true - type: object - properties: - force: - type: boolean - revoke: - type: boolean - responses: {} - summary: '' - tags: - - Elastic Agent actions - /api/fleet/agents/{agentId}/upgrade: - post: - description: Upgrade agent - operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Fupgrade#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: agentId - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - force: - type: boolean - skipRateLimitCheck: - type: boolean - source_uri: - type: string - version: - type: string - required: - - version - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: {} - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent actions - /api/fleet/agents/{agentId}/uploads: - get: - description: List agent uploads - operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Fuploads#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: agentId - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - additionalProperties: false - type: object - properties: - actionId: - type: string - createTime: - type: string - error: - type: string - filePath: - type: string - id: - type: string - name: - type: string - status: - enum: - - READY - - AWAITING_UPLOAD - - DELETED - - EXPIRED - - IN_PROGRESS - - FAILED - type: string - required: - - id - - name - - filePath - - createTime - - status - - actionId - type: array - required: - - items - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agents - /api/fleet/agents/action_status: - get: - description: Get agent action status - operationId: '%2Fapi%2Ffleet%2Fagents%2Faction_status#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: query - name: page - required: false - schema: - default: 0 - type: number - - in: query - name: perPage - required: false - schema: - default: 20 - type: number - - in: query - name: date - required: false - schema: - type: string - - in: query - name: latest - required: false - schema: - type: number - - in: query - name: errorSize - required: false - schema: - default: 5 - type: number - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - additionalProperties: false - type: object - properties: - actionId: - type: string - cancellationTime: - type: string - completionTime: - type: string - creationTime: - description: creation time of action - type: string - expiration: - type: string - hasRolloutPeriod: - type: boolean - latestErrors: - items: - additionalProperties: false - description: >- - latest errors that happened when the agents - executed the action - type: object - properties: - agentId: - type: string - error: - type: string - hostname: - type: string - timestamp: - type: string - required: - - agentId - - error - - timestamp - type: array - nbAgentsAck: - description: number of agents that acknowledged the action - type: number - nbAgentsActionCreated: - description: number of agents included in action from kibana - type: number - nbAgentsActioned: - description: number of agents actioned - type: number - nbAgentsFailed: - description: number of agents that failed to execute the action - type: number - newPolicyId: - description: new policy id (POLICY_REASSIGN action) - type: string - policyId: - description: policy id (POLICY_CHANGE action) - type: string - revision: - description: new policy revision (POLICY_CHANGE action) - type: number - startTime: - description: start time of action (scheduled actions) - type: string - status: - enum: - - COMPLETE - - EXPIRED - - CANCELLED - - FAILED - - IN_PROGRESS - - ROLLOUT_PASSED - type: string - type: - enum: - - UPGRADE - - UNENROLL - - SETTINGS - - POLICY_REASSIGN - - CANCEL - - FORCE_UNENROLL - - REQUEST_DIAGNOSTICS - - UPDATE_TAGS - - POLICY_CHANGE - - INPUT_ACTION - type: string - version: - description: agent version number (UPGRADE action) - type: string - required: - - actionId - - nbAgentsActionCreated - - nbAgentsAck - - nbAgentsFailed - - type - - nbAgentsActioned - - status - - creationTime - type: array - required: - - items - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent actions - /api/fleet/agents/actions/{actionId}/cancel: - post: - description: Cancel agent action - operationId: '%2Fapi%2Ffleet%2Fagents%2Factions%2F%7BactionId%7D%2Fcancel#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: actionId - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - ack_data: {} - agents: - items: - type: string - type: array - created_at: - type: string - data: {} - expiration: - type: string - id: - type: string - minimum_execution_duration: - type: number - namespaces: - items: - type: string - type: array - rollout_duration_seconds: - type: number - sent_at: - type: string - source_uri: - type: string - start_time: - type: string - total: - type: number - type: - type: string - required: - - id - - type - - data - - created_at - - ack_data - - agents - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent actions - /api/fleet/agents/available_versions: - get: - description: Get available agent versions - operationId: '%2Fapi%2Ffleet%2Fagents%2Favailable_versions#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - type: string - type: array - required: - - items - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agents - /api/fleet/agents/bulk_reassign: - post: - description: Bulk reassign agents - operationId: '%2Fapi%2Ffleet%2Fagents%2Fbulk_reassign#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - agents: - anyOf: - - items: - type: string - type: array - - type: string - batchSize: - type: number - includeInactive: - default: false - type: boolean - policy_id: - type: string - required: - - policy_id - - agents - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - actionId: - type: string - required: - - actionId - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent actions - /api/fleet/agents/bulk_request_diagnostics: - post: - description: Bulk request diagnostics from agents - operationId: '%2Fapi%2Ffleet%2Fagents%2Fbulk_request_diagnostics#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - additional_metrics: - items: - enum: - - CPU - type: string - type: array - agents: - anyOf: - - items: - type: string - type: array - - type: string - batchSize: - type: number - required: - - agents - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - actionId: - type: string - required: - - actionId - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent actions - /api/fleet/agents/bulk_unenroll: - post: - description: Bulk unenroll agents - operationId: '%2Fapi%2Ffleet%2Fagents%2Fbulk_unenroll#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - agents: - anyOf: - - items: - description: KQL query string, leave empty to action all agents - type: string - type: array - - description: list of agent IDs - type: string - batchSize: - type: number - force: - description: Unenrolls hosted agents too - type: boolean - includeInactive: - description: >- - When passing agents by KQL query, unenrolls inactive agents - too - type: boolean - revoke: - description: Revokes API keys of agents - type: boolean - required: - - agents - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - actionId: - type: string - required: - - actionId - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent actions - /api/fleet/agents/bulk_update_agent_tags: - post: - description: Bulk update agent tags - operationId: '%2Fapi%2Ffleet%2Fagents%2Fbulk_update_agent_tags#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - agents: - anyOf: - - items: - type: string - type: array - - type: string - batchSize: - type: number - includeInactive: - default: false - type: boolean - tagsToAdd: - items: - type: string - type: array - tagsToRemove: - items: - type: string - type: array - required: - - agents - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - actionId: - type: string - required: - - actionId - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent actions - /api/fleet/agents/bulk_upgrade: - post: - description: Bulk upgrade agents - operationId: '%2Fapi%2Ffleet%2Fagents%2Fbulk_upgrade#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - agents: - anyOf: - - items: - type: string - type: array - - type: string - batchSize: - type: number - force: - type: boolean - includeInactive: - default: false - type: boolean - rollout_duration_seconds: - minimum: 600 - type: number - skipRateLimitCheck: - type: boolean - source_uri: - type: string - start_time: - type: string - version: - type: string - required: - - agents - - version - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - actionId: - type: string - required: - - actionId - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent actions - /api/fleet/agents/files/{fileId}: - delete: - description: Delete file uploaded by agent - operationId: '%2Fapi%2Ffleet%2Fagents%2Ffiles%2F%7BfileId%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: fileId - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - deleted: - type: boolean - id: - type: string - required: - - id - - deleted - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agents - /api/fleet/agents/files/{fileId}/{fileName}: - get: - description: Get file uploaded by agent - operationId: '%2Fapi%2Ffleet%2Fagents%2Ffiles%2F%7BfileId%7D%2F%7BfileName%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: fileId - required: true - schema: - type: string - - in: path - name: fileName - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agents - /api/fleet/agents/setup: - get: - description: Get agent setup info - operationId: '%2Fapi%2Ffleet%2Fagents%2Fsetup#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: >- - A summary of the agent setup status. `isReady` indicates - whether the setup is ready. If the setup is not ready, - `missing_requirements` lists which requirements are missing. - type: object - properties: - is_secrets_storage_enabled: - type: boolean - is_space_awareness_enabled: - type: boolean - isReady: - type: boolean - missing_optional_features: - items: - enum: - - encrypted_saved_object_encryption_key_required - type: string - type: array - missing_requirements: - items: - enum: - - security_required - - tls_required - - api_keys - - fleet_admin_user - - fleet_server - type: string - type: array - package_verification_key_id: - type: string - required: - - isReady - - missing_requirements - - missing_optional_features - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agents - post: - description: Initiate agent setup - operationId: '%2Fapi%2Ffleet%2Fagents%2Fsetup#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: >- - A summary of the result of Fleet's `setup` lifecycle. If - `isInitialized` is true, Fleet is ready to accept agent - enrollment. `nonFatalErrors` may include useful insight into - non-blocking issues with Fleet setup. - type: object - properties: - isInitialized: - type: boolean - nonFatalErrors: - items: - additionalProperties: false - type: object - properties: - message: - type: string - name: - type: string - required: - - name - - message - type: array - required: - - isInitialized - - nonFatalErrors - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agents - /api/fleet/agents/tags: - get: - description: List agent tags - operationId: '%2Fapi%2Ffleet%2Fagents%2Ftags#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: query - name: kuery - required: false - schema: - type: string - - in: query - name: showInactive - required: false - schema: - default: false - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - type: string - type: array - required: - - items - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agents - /api/fleet/check-permissions: - get: - description: Check permissions - operationId: '%2Fapi%2Ffleet%2Fcheck-permissions#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: query - name: fleetServerSetup - required: false - schema: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - error: - enum: - - MISSING_SECURITY - - MISSING_PRIVILEGES - - MISSING_FLEET_SERVER_SETUP_PRIVILEGES - type: string - success: - type: boolean - required: - - success - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet internals - /api/fleet/data_streams: - get: - description: List data streams - operationId: '%2Fapi%2Ffleet%2Fdata_streams#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - data_streams: - items: - additionalProperties: false - type: object - properties: - dashboards: - items: - additionalProperties: false - type: object - properties: - id: - type: string - title: - type: string - required: - - id - - title - type: array - dataset: - type: string - index: - type: string - last_activity_ms: - type: number - namespace: - type: string - package: - type: string - package_version: - type: string - serviceDetails: - additionalProperties: false - nullable: true - type: object - properties: - environment: - type: string - serviceName: - type: string - required: - - environment - - serviceName - size_in_bytes: - type: number - size_in_bytes_formatted: - anyOf: - - type: number - - type: string - type: - type: string - required: - - index - - dataset - - namespace - - type - - package - - package_version - - last_activity_ms - - size_in_bytes - - size_in_bytes_formatted - - dashboards - - serviceDetails - type: array - required: - - data_streams - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Data streams - /api/fleet/enrollment_api_keys: - get: - description: List enrollment API keys - operationId: '%2Fapi%2Ffleet%2Fenrollment_api_keys#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: query - name: page - required: false - schema: - default: 1 - type: number - - in: query - name: perPage - required: false - schema: - default: 20 - type: number - - in: query - name: kuery - required: false - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - additionalProperties: false - type: object - properties: - active: - description: >- - When false, the enrollment API key is revoked and - cannot be used for enrolling Elastic Agents. - type: boolean - api_key: - description: >- - The enrollment API key (token) used for enrolling - Elastic Agents. - type: string - api_key_id: - description: The ID of the API key in the Security API. - type: string - created_at: - type: string - id: - type: string - name: - description: The name of the enrollment API key. - type: string - policy_id: - description: >- - The ID of the agent policy the Elastic Agent will be - enrolled in. - type: string - required: - - id - - api_key_id - - api_key - - active - - created_at - type: array - list: - deprecated: true - items: - additionalProperties: false - type: object - properties: - active: - description: >- - When false, the enrollment API key is revoked and - cannot be used for enrolling Elastic Agents. - type: boolean - api_key: - description: >- - The enrollment API key (token) used for enrolling - Elastic Agents. - type: string - api_key_id: - description: The ID of the API key in the Security API. - type: string - created_at: - type: string - id: - type: string - name: - description: The name of the enrollment API key. - type: string - policy_id: - description: >- - The ID of the agent policy the Elastic Agent will be - enrolled in. - type: string - required: - - id - - api_key_id - - api_key - - active - - created_at - type: array - page: - type: number - perPage: - type: number - total: - type: number - required: - - items - - total - - page - - perPage - - list - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet enrollment API keys - post: - description: Create enrollment API key - operationId: '%2Fapi%2Ffleet%2Fenrollment_api_keys#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - expiration: - type: string - name: - type: string - policy_id: - type: string - required: - - policy_id - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - action: - enum: - - created - type: string - item: - additionalProperties: false - type: object - properties: - active: - description: >- - When false, the enrollment API key is revoked and - cannot be used for enrolling Elastic Agents. - type: boolean - api_key: - description: >- - The enrollment API key (token) used for enrolling - Elastic Agents. - type: string - api_key_id: - description: The ID of the API key in the Security API. - type: string - created_at: - type: string - id: - type: string - name: - description: The name of the enrollment API key. - type: string - policy_id: - description: >- - The ID of the agent policy the Elastic Agent will be - enrolled in. - type: string - required: - - id - - api_key_id - - api_key - - active - - created_at - required: - - item - - action - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet enrollment API keys - /api/fleet/enrollment_api_keys/{keyId}: - delete: - description: Revoke enrollment API key by ID by marking it as inactive - operationId: '%2Fapi%2Ffleet%2Fenrollment_api_keys%2F%7BkeyId%7D#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: keyId - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - action: - enum: - - deleted - type: string - required: - - action - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet enrollment API keys - get: - description: Get enrollment API key by ID - operationId: '%2Fapi%2Ffleet%2Fenrollment_api_keys%2F%7BkeyId%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: keyId - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - active: - description: >- - When false, the enrollment API key is revoked and - cannot be used for enrolling Elastic Agents. - type: boolean - api_key: - description: >- - The enrollment API key (token) used for enrolling - Elastic Agents. - type: string - api_key_id: - description: The ID of the API key in the Security API. - type: string - created_at: - type: string - id: - type: string - name: - description: The name of the enrollment API key. - type: string - policy_id: - description: >- - The ID of the agent policy the Elastic Agent will be - enrolled in. - type: string - required: - - id - - api_key_id - - api_key - - active - - created_at - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet enrollment API keys - /api/fleet/enrollment-api-keys: - get: - deprecated: true - operationId: '%2Fapi%2Ffleet%2Fenrollment-api-keys#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: query - name: page - required: false - schema: - default: 1 - type: number - - in: query - name: perPage - required: false - schema: - default: 20 - type: number - - in: query - name: kuery - required: false - schema: - type: string - responses: {} - summary: '' - tags: [] - post: - deprecated: true - operationId: '%2Fapi%2Ffleet%2Fenrollment-api-keys#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - expiration: - type: string - name: - type: string - policy_id: - type: string - required: - - policy_id - responses: {} - summary: '' - tags: [] - /api/fleet/enrollment-api-keys/{keyId}: - delete: - deprecated: true - operationId: '%2Fapi%2Ffleet%2Fenrollment-api-keys%2F%7BkeyId%7D#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: keyId - required: true - schema: - type: string - responses: {} - summary: '' - tags: [] - get: - deprecated: true - operationId: '%2Fapi%2Ffleet%2Fenrollment-api-keys%2F%7BkeyId%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: keyId - required: true - schema: - type: string - responses: {} - summary: '' - tags: [] - /api/fleet/epm/bulk_assets: - post: - description: Bulk get assets - operationId: '%2Fapi%2Ffleet%2Fepm%2Fbulk_assets#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - assetIds: - items: - additionalProperties: false - type: object - properties: - id: - type: string - type: - type: string - required: - - id - - type - type: array - required: - - assetIds - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - additionalProperties: false - type: object - properties: - appLink: - type: string - attributes: - additionalProperties: false - type: object - properties: - description: - type: string - service: - type: string - title: - type: string - id: - type: string - type: - type: string - updatedAt: - type: string - required: - - id - - type - - attributes - type: array - required: - - items - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/categories: - get: - description: List package categories - operationId: '%2Fapi%2Ffleet%2Fepm%2Fcategories#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: query - name: prerelease - required: false - schema: - type: boolean - - in: query - name: experimental - required: false - schema: - type: boolean - - in: query - name: include_policy_templates - required: false - schema: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - additionalProperties: false - type: object - properties: - count: - type: number - id: - type: string - parent_id: - type: string - parent_title: - type: string - title: - type: string - required: - - id - - title - - count - type: array - response: - items: - additionalProperties: false - deprecated: true - type: object - properties: - count: - type: number - id: - type: string - parent_id: - type: string - parent_title: - type: string - title: - type: string - required: - - id - - title - - count - type: array - required: - - items - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/custom_integrations: - post: - description: Create custom integration - operationId: '%2Fapi%2Ffleet%2Fepm%2Fcustom_integrations#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - datasets: - items: - additionalProperties: false - type: object - properties: - name: - type: string - type: - enum: - - logs - - metrics - - traces - - synthetics - - profiling - type: string - required: - - name - - type - type: array - force: - type: boolean - integrationName: - type: string - required: - - integrationName - - datasets - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - _meta: - additionalProperties: false - type: object - properties: - install_source: - type: string - required: - - install_source - items: - items: - anyOf: - - additionalProperties: false - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - - additionalProperties: false - type: object - properties: - deferred: - type: boolean - id: - type: string - type: - enum: - - index - - index_template - - component_template - - ingest_pipeline - - ilm_policy - - data_stream_ilm_policy - - transform - - ml_model - type: string - version: - type: string - required: - - id - - type - type: array - response: - deprecated: true - items: - anyOf: - - additionalProperties: false - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - - additionalProperties: false - type: object - properties: - deferred: - type: boolean - id: - type: string - type: - enum: - - index - - index_template - - component_template - - ingest_pipeline - - ilm_policy - - data_stream_ilm_policy - - transform - - ml_model - type: string - version: - type: string - required: - - id - - type - type: array - required: - - items - - _meta - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/data_streams: - get: - description: List data streams - operationId: '%2Fapi%2Ffleet%2Fepm%2Fdata_streams#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: query - name: type - required: false - schema: - enum: - - logs - - metrics - - traces - - synthetics - - profiling - type: string - - in: query - name: datasetQuery - required: false - schema: - type: string - - in: query - name: sortOrder - required: false - schema: - default: asc - enum: - - asc - - desc - type: string - - in: query - name: uncategorisedOnly - required: false - schema: - default: false - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - additionalProperties: false - type: object - properties: - name: - type: string - required: - - name - type: array - required: - - items - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Data streams - /api/fleet/epm/packages: - get: - description: List packages - operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: query - name: category - required: false - schema: - type: string - - in: query - name: prerelease - required: false - schema: - type: boolean - - in: query - name: experimental - required: false - schema: - type: boolean - - in: query - name: excludeInstallStatus - required: false - schema: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - additionalProperties: true - type: object - properties: - categories: - items: - type: string - type: array - conditions: - additionalProperties: true - type: object - properties: - elastic: - additionalProperties: true - type: object - properties: - capabilities: - items: - type: string - type: array - subscription: - type: string - kibana: - additionalProperties: true - type: object - properties: - version: - type: string - data_streams: - items: - additionalProperties: {} - type: object - type: array - description: - type: string - discovery: - additionalProperties: true - type: object - properties: - fields: - items: - additionalProperties: true - type: object - properties: - name: - type: string - required: - - name - type: array - download: - type: string - format_version: - type: string - icons: - items: - additionalProperties: true - type: object - properties: - dark_mode: - type: boolean - path: - type: string - size: - type: string - src: - type: string - title: - type: string - type: - type: string - required: - - src - type: array - id: - type: string - installationInfo: - additionalProperties: true - type: object - properties: - additional_spaces_installed_kibana: - additionalProperties: - items: - additionalProperties: true - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - type: array - type: object - created_at: - type: string - experimental_data_stream_features: - items: - additionalProperties: true - type: object - properties: - data_stream: - type: string - features: - additionalProperties: true - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - install_format_schema_version: - type: string - install_source: - enum: - - registry - - upload - - bundled - - custom - type: string - install_status: - enum: - - installed - - installing - - install_failed - type: string - installed_es: - items: - additionalProperties: true - type: object - properties: - deferred: - type: boolean - id: - type: string - type: - enum: - - index - - index_template - - component_template - - ingest_pipeline - - ilm_policy - - data_stream_ilm_policy - - transform - - ml_model - type: string - version: - type: string - required: - - id - - type - type: array - installed_kibana: - items: - additionalProperties: true - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - type: array - installed_kibana_space_id: - type: string - latest_executed_state: - additionalProperties: true - type: object - properties: - error: - type: string - name: - type: string - started_at: - type: string - required: - - name - - started_at - latest_install_failed_attempts: - items: - additionalProperties: true - type: object - properties: - created_at: - type: string - error: - additionalProperties: true - type: object - properties: - message: - type: string - name: - type: string - stack: - type: string - required: - - name - - message - target_version: - type: string - required: - - created_at - - target_version - - error - type: array - name: - type: string - namespaces: - items: - type: string - type: array - type: - type: string - updated_at: - type: string - verification_key_id: - nullable: true - type: string - verification_status: - enum: - - unverified - - verified - - unknown - type: string - version: - type: string - required: - - type - - installed_kibana - - installed_es - - name - - version - - install_status - - install_source - - verification_status - integration: - type: string - internal: - type: boolean - latestVersion: - type: string - name: - type: string - owner: - additionalProperties: true - type: object - properties: - github: - type: string - type: - enum: - - elastic - - partner - - community - type: string - path: - type: string - policy_templates: - items: - additionalProperties: {} - type: object - type: array - readme: - type: string - release: - enum: - - ga - - beta - - experimental - type: string - savedObject: {} - signature_path: - type: string - source: - additionalProperties: true - type: object - properties: - license: - type: string - required: - - license - status: - type: string - title: - type: string - type: - enum: - - integration - - input - - content - type: string - vars: - items: - additionalProperties: {} - type: object - type: array - version: - type: string - required: - - savedObject - - name - - version - - title - - id - type: array - response: - items: - additionalProperties: true - deprecated: true - type: object - properties: - categories: - items: - type: string - type: array - conditions: - additionalProperties: true - type: object - properties: - elastic: - additionalProperties: true - type: object - properties: - capabilities: - items: - type: string - type: array - subscription: - type: string - kibana: - additionalProperties: true - type: object - properties: - version: - type: string - data_streams: - items: - additionalProperties: {} - type: object - type: array - description: - type: string - discovery: - additionalProperties: true - type: object - properties: - fields: - items: - additionalProperties: true - type: object - properties: - name: - type: string - required: - - name - type: array - download: - type: string - format_version: - type: string - icons: - items: - additionalProperties: true - type: object - properties: - dark_mode: - type: boolean - path: - type: string - size: - type: string - src: - type: string - title: - type: string - type: - type: string - required: - - src - type: array - id: - type: string - installationInfo: - additionalProperties: true - type: object - properties: - additional_spaces_installed_kibana: - additionalProperties: - items: - additionalProperties: true - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - type: array - type: object - created_at: - type: string - experimental_data_stream_features: - items: - additionalProperties: true - type: object - properties: - data_stream: - type: string - features: - additionalProperties: true - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - install_format_schema_version: - type: string - install_source: - enum: - - registry - - upload - - bundled - - custom - type: string - install_status: - enum: - - installed - - installing - - install_failed - type: string - installed_es: - items: - additionalProperties: true - type: object - properties: - deferred: - type: boolean - id: - type: string - type: - enum: - - index - - index_template - - component_template - - ingest_pipeline - - ilm_policy - - data_stream_ilm_policy - - transform - - ml_model - type: string - version: - type: string - required: - - id - - type - type: array - installed_kibana: - items: - additionalProperties: true - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - type: array - installed_kibana_space_id: - type: string - latest_executed_state: - additionalProperties: true - type: object - properties: - error: - type: string - name: - type: string - started_at: - type: string - required: - - name - - started_at - latest_install_failed_attempts: - items: - additionalProperties: true - type: object - properties: - created_at: - type: string - error: - additionalProperties: true - type: object - properties: - message: - type: string - name: - type: string - stack: - type: string - required: - - name - - message - target_version: - type: string - required: - - created_at - - target_version - - error - type: array - name: - type: string - namespaces: - items: - type: string - type: array - type: - type: string - updated_at: - type: string - verification_key_id: - nullable: true - type: string - verification_status: - enum: - - unverified - - verified - - unknown - type: string - version: - type: string - required: - - type - - installed_kibana - - installed_es - - name - - version - - install_status - - install_source - - verification_status - integration: - type: string - internal: - type: boolean - latestVersion: - type: string - name: - type: string - owner: - additionalProperties: true - type: object - properties: - github: - type: string - type: - enum: - - elastic - - partner - - community - type: string - path: - type: string - policy_templates: - items: - additionalProperties: {} - type: object - type: array - readme: - type: string - release: - enum: - - ga - - beta - - experimental - type: string - savedObject: {} - signature_path: - type: string - source: - additionalProperties: true - type: object - properties: - license: - type: string - required: - - license - status: - type: string - title: - type: string - type: - enum: - - integration - - input - - content - type: string - vars: - items: - additionalProperties: {} - type: object - type: array - version: - type: string - required: - - savedObject - - name - - version - - title - - id - type: array - required: - - items - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Package Manager (EPM) - post: - description: Install package by upload - operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: query - name: ignoreMappingUpdateErrors - required: false - schema: - default: false - type: boolean - - in: query - name: skipDataStreamRollover - required: false - schema: - default: false - type: boolean - requestBody: - content: - application/gzip; application/zip; Elastic-Api-Version=2023-10-31: - schema: - format: binary - type: string - responses: - '200': - content: - application/gzip; application/zip; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - _meta: - additionalProperties: false - type: object - properties: - install_source: - type: string - required: - - install_source - items: - items: - anyOf: - - additionalProperties: false - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - - additionalProperties: false - type: object - properties: - deferred: - type: boolean - id: - type: string - type: - enum: - - index - - index_template - - component_template - - ingest_pipeline - - ilm_policy - - data_stream_ilm_policy - - transform - - ml_model - type: string - version: - type: string - required: - - id - - type - type: array - response: - deprecated: true - items: - anyOf: - - additionalProperties: false - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - - additionalProperties: false - type: object - properties: - deferred: - type: boolean - id: - type: string - type: - enum: - - index - - index_template - - component_template - - ingest_pipeline - - ilm_policy - - data_stream_ilm_policy - - transform - - ml_model - type: string - version: - type: string - required: - - id - - type - type: array - required: - - items - - _meta - '400': - content: - application/gzip; application/zip; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/packages/_bulk: - post: - description: Bulk install packages - operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F_bulk#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: query - name: prerelease - required: false - schema: - type: boolean - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - force: - default: false - type: boolean - packages: - items: - anyOf: - - type: string - - additionalProperties: false - type: object - properties: - name: - type: string - prerelease: - type: boolean - version: - type: string - required: - - name - - version - minItems: 1 - type: array - required: - - packages - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - anyOf: - - additionalProperties: false - type: object - properties: - name: - type: string - result: - additionalProperties: false - type: object - properties: - assets: - items: - anyOf: - - additionalProperties: false - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - - additionalProperties: false - type: object - properties: - deferred: - type: boolean - id: - type: string - type: - enum: - - index - - index_template - - component_template - - ingest_pipeline - - ilm_policy - - data_stream_ilm_policy - - transform - - ml_model - type: string - version: - type: string - required: - - id - - type - type: array - error: {} - installSource: - type: string - installType: - type: string - status: - enum: - - installed - - already_installed - type: string - required: - - error - - installType - version: - type: string - required: - - name - - version - - result - - additionalProperties: false - type: object - properties: - error: - anyOf: - - type: string - - {} - name: - type: string - statusCode: - type: number - required: - - name - - statusCode - - error - type: array - response: - deprecated: true - items: - anyOf: - - additionalProperties: false - type: object - properties: - name: - type: string - result: - additionalProperties: false - type: object - properties: - assets: - items: - anyOf: - - additionalProperties: false - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - - additionalProperties: false - type: object - properties: - deferred: - type: boolean - id: - type: string - type: - enum: - - index - - index_template - - component_template - - ingest_pipeline - - ilm_policy - - data_stream_ilm_policy - - transform - - ml_model - type: string - version: - type: string - required: - - id - - type - type: array - error: {} - installSource: - type: string - installType: - type: string - status: - enum: - - installed - - already_installed - type: string - required: - - error - - installType - version: - type: string - required: - - name - - version - - result - - additionalProperties: false - type: object - properties: - error: - anyOf: - - type: string - - {} - name: - type: string - statusCode: - type: number - required: - - name - - statusCode - - error - type: array - required: - - items - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/packages/{pkgkey}: - delete: - deprecated: true - operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#3' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: pkgkey - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - nullable: true - type: object - properties: - force: - type: boolean - required: - - force - responses: {} - summary: '' - tags: [] - get: - deprecated: true - operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: pkgkey - required: true - schema: - type: string - - in: query - name: ignoreUnverified - required: false - schema: - type: boolean - - in: query - name: prerelease - required: false - schema: - type: boolean - - in: query - name: full - required: false - schema: - type: boolean - - in: query - name: withMetadata - required: false - schema: - default: false - type: boolean - responses: {} - summary: '' - tags: [] - post: - deprecated: true - operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#2' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: pkgkey - required: true - schema: - type: string - - in: query - name: prerelease - required: false - schema: - type: boolean - - in: query - name: ignoreMappingUpdateErrors - required: false - schema: - default: false - type: boolean - - in: query - name: skipDataStreamRollover - required: false - schema: - default: false - type: boolean - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - nullable: true - type: object - properties: - force: - type: boolean - required: - - force - responses: {} - summary: '' - tags: [] - put: - deprecated: true - operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: pkgkey - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - keepPoliciesUpToDate: - type: boolean - required: - - keepPoliciesUpToDate - responses: {} - summary: '' - tags: [] - /api/fleet/epm/packages/{pkgName}/{pkgVersion}: - delete: - description: Delete package - operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D#3' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: pkgName - required: true - schema: - type: string - - in: path - name: pkgVersion - required: true - schema: - type: string - - in: query - name: force - required: false - schema: - type: boolean - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - nullable: true - type: object - properties: - force: - type: boolean - required: - - force - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - anyOf: - - additionalProperties: false - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - - additionalProperties: false - type: object - properties: - deferred: - type: boolean - id: - type: string - type: - enum: - - index - - index_template - - component_template - - ingest_pipeline - - ilm_policy - - data_stream_ilm_policy - - transform - - ml_model - type: string - version: - type: string - required: - - id - - type - type: array - response: - deprecated: true - items: - anyOf: - - additionalProperties: false - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - - additionalProperties: false - type: object - properties: - deferred: - type: boolean - id: - type: string - type: - enum: - - index - - index_template - - component_template - - ingest_pipeline - - ilm_policy - - data_stream_ilm_policy - - transform - - ml_model - type: string - version: - type: string - required: - - id - - type - type: array - required: - - items - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Package Manager (EPM) - get: - description: Get package - operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: pkgName - required: true - schema: - type: string - - in: path - name: pkgVersion - required: true - schema: - type: string - - in: query - name: ignoreUnverified - required: false - schema: - type: boolean - - in: query - name: prerelease - required: false - schema: - type: boolean - - in: query - name: full - required: false - schema: - type: boolean - - in: query - name: withMetadata - required: false - schema: - default: false - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: true - type: object - properties: - agent: - additionalProperties: false - type: object - properties: - privileges: - additionalProperties: false - type: object - properties: - root: - type: boolean - asset_tags: - items: - additionalProperties: false - type: object - properties: - asset_ids: - items: - type: string - type: array - asset_types: - items: - type: string - type: array - text: - type: string - required: - - text - type: array - assets: - additionalProperties: {} - type: object - categories: - items: - type: string - type: array - conditions: - additionalProperties: true - type: object - properties: - elastic: - additionalProperties: true - type: object - properties: - capabilities: - items: - type: string - type: array - subscription: - type: string - kibana: - additionalProperties: true - type: object - properties: - version: - type: string - data_streams: - items: - additionalProperties: {} - type: object - type: array - description: - type: string - discovery: - additionalProperties: true - type: object - properties: - fields: - items: - additionalProperties: true - type: object - properties: - name: - type: string - required: - - name - type: array - download: - type: string - elasticsearch: - additionalProperties: {} - type: object - format_version: - type: string - icons: - items: - additionalProperties: true - type: object - properties: - dark_mode: - type: boolean - path: - type: string - size: - type: string - src: - type: string - title: - type: string - type: - type: string - required: - - src - type: array - installationInfo: - additionalProperties: true - type: object - properties: - additional_spaces_installed_kibana: - additionalProperties: - items: - additionalProperties: true - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - type: array - type: object - created_at: - type: string - experimental_data_stream_features: - items: - additionalProperties: true - type: object - properties: - data_stream: - type: string - features: - additionalProperties: true - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - install_format_schema_version: - type: string - install_source: - enum: - - registry - - upload - - bundled - - custom - type: string - install_status: - enum: - - installed - - installing - - install_failed - type: string - installed_es: - items: - additionalProperties: true - type: object - properties: - deferred: - type: boolean - id: - type: string - type: - enum: - - index - - index_template - - component_template - - ingest_pipeline - - ilm_policy - - data_stream_ilm_policy - - transform - - ml_model - type: string - version: - type: string - required: - - id - - type - type: array - installed_kibana: - items: - additionalProperties: true - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - type: array - installed_kibana_space_id: - type: string - latest_executed_state: - additionalProperties: true - type: object - properties: - error: - type: string - name: - type: string - started_at: - type: string - required: - - name - - started_at - latest_install_failed_attempts: - items: - additionalProperties: true - type: object - properties: - created_at: - type: string - error: - additionalProperties: true - type: object - properties: - message: - type: string - name: - type: string - stack: - type: string - required: - - name - - message - target_version: - type: string - required: - - created_at - - target_version - - error - type: array - name: - type: string - namespaces: - items: - type: string - type: array - type: - type: string - updated_at: - type: string - verification_key_id: - nullable: true - type: string - verification_status: - enum: - - unverified - - verified - - unknown - type: string - version: - type: string - required: - - type - - installed_kibana - - installed_es - - name - - version - - install_status - - install_source - - verification_status - internal: - type: boolean - keepPoliciesUpToDate: - type: boolean - latestVersion: - type: string - license: - type: string - licensePath: - type: string - name: - type: string - notice: - type: string - owner: - additionalProperties: true - type: object - properties: - github: - type: string - type: - enum: - - elastic - - partner - - community - type: string - path: - type: string - policy_templates: - items: - additionalProperties: {} - type: object - type: array - readme: - type: string - release: - enum: - - ga - - beta - - experimental - type: string - savedObject: {} - screenshots: - items: - additionalProperties: false - type: object - properties: - dark_mode: - type: boolean - path: - type: string - size: - type: string - src: - type: string - title: - type: string - type: - type: string - required: - - src - type: array - signature_path: - type: string - source: - additionalProperties: true - type: object - properties: - license: - type: string - required: - - license - status: - type: string - title: - type: string - type: - enum: - - integration - - input - - content - type: string - vars: - items: - additionalProperties: {} - type: object - type: array - version: - type: string - required: - - savedObject - - name - - version - - title - - assets - metadata: - additionalProperties: false - type: object - properties: - has_policies: - type: boolean - required: - - has_policies - response: - additionalProperties: true - deprecated: true - type: object - properties: - agent: - additionalProperties: false - type: object - properties: - privileges: - additionalProperties: false - type: object - properties: - root: - type: boolean - asset_tags: - items: - additionalProperties: false - type: object - properties: - asset_ids: - items: - type: string - type: array - asset_types: - items: - type: string - type: array - text: - type: string - required: - - text - type: array - assets: - additionalProperties: {} - type: object - categories: - items: - type: string - type: array - conditions: - additionalProperties: true - type: object - properties: - elastic: - additionalProperties: true - type: object - properties: - capabilities: - items: - type: string - type: array - subscription: - type: string - kibana: - additionalProperties: true - type: object - properties: - version: - type: string - data_streams: - items: - additionalProperties: {} - type: object - type: array - description: - type: string - discovery: - additionalProperties: true - type: object - properties: - fields: - items: - additionalProperties: true - type: object - properties: - name: - type: string - required: - - name - type: array - download: - type: string - elasticsearch: - additionalProperties: {} - type: object - format_version: - type: string - icons: - items: - additionalProperties: true - type: object - properties: - dark_mode: - type: boolean - path: - type: string - size: - type: string - src: - type: string - title: - type: string - type: - type: string - required: - - src - type: array - installationInfo: - additionalProperties: true - type: object - properties: - additional_spaces_installed_kibana: - additionalProperties: - items: - additionalProperties: true - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - type: array - type: object - created_at: - type: string - experimental_data_stream_features: - items: - additionalProperties: true - type: object - properties: - data_stream: - type: string - features: - additionalProperties: true - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - install_format_schema_version: - type: string - install_source: - enum: - - registry - - upload - - bundled - - custom - type: string - install_status: - enum: - - installed - - installing - - install_failed - type: string - installed_es: - items: - additionalProperties: true - type: object - properties: - deferred: - type: boolean - id: - type: string - type: - enum: - - index - - index_template - - component_template - - ingest_pipeline - - ilm_policy - - data_stream_ilm_policy - - transform - - ml_model - type: string - version: - type: string - required: - - id - - type - type: array - installed_kibana: - items: - additionalProperties: true - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - type: array - installed_kibana_space_id: - type: string - latest_executed_state: - additionalProperties: true - type: object - properties: - error: - type: string - name: - type: string - started_at: - type: string - required: - - name - - started_at - latest_install_failed_attempts: - items: - additionalProperties: true - type: object - properties: - created_at: - type: string - error: - additionalProperties: true - type: object - properties: - message: - type: string - name: - type: string - stack: - type: string - required: - - name - - message - target_version: - type: string - required: - - created_at - - target_version - - error - type: array - name: - type: string - namespaces: - items: - type: string - type: array - type: - type: string - updated_at: - type: string - verification_key_id: - nullable: true - type: string - verification_status: - enum: - - unverified - - verified - - unknown - type: string - version: - type: string - required: - - type - - installed_kibana - - installed_es - - name - - version - - install_status - - install_source - - verification_status - internal: - type: boolean - keepPoliciesUpToDate: - type: boolean - latestVersion: - type: string - license: - type: string - licensePath: - type: string - name: - type: string - notice: - type: string - owner: - additionalProperties: true - type: object - properties: - github: - type: string - type: - enum: - - elastic - - partner - - community - type: string - path: - type: string - policy_templates: - items: - additionalProperties: {} - type: object - type: array - readme: - type: string - release: - enum: - - ga - - beta - - experimental - type: string - savedObject: {} - screenshots: - items: - additionalProperties: false - type: object - properties: - dark_mode: - type: boolean - path: - type: string - size: - type: string - src: - type: string - title: - type: string - type: - type: string - required: - - src - type: array - signature_path: - type: string - source: - additionalProperties: true - type: object - properties: - license: - type: string - required: - - license - status: - type: string - title: - type: string - type: - enum: - - integration - - input - - content - type: string - vars: - items: - additionalProperties: {} - type: object - type: array - version: - type: string - required: - - savedObject - - name - - version - - title - - assets - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Package Manager (EPM) - post: - description: Install package from registry - operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D#2' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: pkgName - required: true - schema: - type: string - - in: path - name: pkgVersion - required: true - schema: - type: string - - in: query - name: prerelease - required: false - schema: - type: boolean - - in: query - name: ignoreMappingUpdateErrors - required: false - schema: - default: false - type: boolean - - in: query - name: skipDataStreamRollover - required: false - schema: - default: false - type: boolean - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - nullable: true - type: object - properties: - force: - default: false - type: boolean - ignore_constraints: - default: false - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - _meta: - additionalProperties: false - type: object - properties: - install_source: - type: string - required: - - install_source - items: - items: - anyOf: - - additionalProperties: false - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - - additionalProperties: false - type: object - properties: - deferred: - type: boolean - id: - type: string - type: - enum: - - index - - index_template - - component_template - - ingest_pipeline - - ilm_policy - - data_stream_ilm_policy - - transform - - ml_model - type: string - version: - type: string - required: - - id - - type - type: array - response: - deprecated: true - items: - anyOf: - - additionalProperties: false - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - - additionalProperties: false - type: object - properties: - deferred: - type: boolean - id: - type: string - type: - enum: - - index - - index_template - - component_template - - ingest_pipeline - - ilm_policy - - data_stream_ilm_policy - - transform - - ml_model - type: string - version: - type: string - required: - - id - - type - type: array - required: - - items - - _meta - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Package Manager (EPM) - put: - description: Update package settings - operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: pkgName - required: true - schema: - type: string - - in: path - name: pkgVersion - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - keepPoliciesUpToDate: - type: boolean - required: - - keepPoliciesUpToDate - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: true - type: object - properties: - agent: - additionalProperties: false - type: object - properties: - privileges: - additionalProperties: false - type: object - properties: - root: - type: boolean - asset_tags: - items: - additionalProperties: false - type: object - properties: - asset_ids: - items: - type: string - type: array - asset_types: - items: - type: string - type: array - text: - type: string - required: - - text - type: array - assets: - additionalProperties: {} - type: object - categories: - items: - type: string - type: array - conditions: - additionalProperties: true - type: object - properties: - elastic: - additionalProperties: true - type: object - properties: - capabilities: - items: - type: string - type: array - subscription: - type: string - kibana: - additionalProperties: true - type: object - properties: - version: - type: string - data_streams: - items: - additionalProperties: {} - type: object - type: array - description: - type: string - discovery: - additionalProperties: true - type: object - properties: - fields: - items: - additionalProperties: true - type: object - properties: - name: - type: string - required: - - name - type: array - download: - type: string - elasticsearch: - additionalProperties: {} - type: object - format_version: - type: string - icons: - items: - additionalProperties: true - type: object - properties: - dark_mode: - type: boolean - path: - type: string - size: - type: string - src: - type: string - title: - type: string - type: - type: string - required: - - src - type: array - installationInfo: - additionalProperties: true - type: object - properties: - additional_spaces_installed_kibana: - additionalProperties: - items: - additionalProperties: true - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - type: array - type: object - created_at: - type: string - experimental_data_stream_features: - items: - additionalProperties: true - type: object - properties: - data_stream: - type: string - features: - additionalProperties: true - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - install_format_schema_version: - type: string - install_source: - enum: - - registry - - upload - - bundled - - custom - type: string - install_status: - enum: - - installed - - installing - - install_failed - type: string - installed_es: - items: - additionalProperties: true - type: object - properties: - deferred: - type: boolean - id: - type: string - type: - enum: - - index - - index_template - - component_template - - ingest_pipeline - - ilm_policy - - data_stream_ilm_policy - - transform - - ml_model - type: string - version: - type: string - required: - - id - - type - type: array - installed_kibana: - items: - additionalProperties: true - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - type: array - installed_kibana_space_id: - type: string - latest_executed_state: - additionalProperties: true - type: object - properties: - error: - type: string - name: - type: string - started_at: - type: string - required: - - name - - started_at - latest_install_failed_attempts: - items: - additionalProperties: true - type: object - properties: - created_at: - type: string - error: - additionalProperties: true - type: object - properties: - message: - type: string - name: - type: string - stack: - type: string - required: - - name - - message - target_version: - type: string - required: - - created_at - - target_version - - error - type: array - name: - type: string - namespaces: - items: - type: string - type: array - type: - type: string - updated_at: - type: string - verification_key_id: - nullable: true - type: string - verification_status: - enum: - - unverified - - verified - - unknown - type: string - version: - type: string - required: - - type - - installed_kibana - - installed_es - - name - - version - - install_status - - install_source - - verification_status - internal: - type: boolean - keepPoliciesUpToDate: - type: boolean - latestVersion: - type: string - license: - type: string - licensePath: - type: string - name: - type: string - notice: - type: string - owner: - additionalProperties: true - type: object - properties: - github: - type: string - type: - enum: - - elastic - - partner - - community - type: string - path: - type: string - policy_templates: - items: - additionalProperties: {} - type: object - type: array - readme: - type: string - release: - enum: - - ga - - beta - - experimental - type: string - savedObject: {} - screenshots: - items: - additionalProperties: false - type: object - properties: - dark_mode: - type: boolean - path: - type: string - size: - type: string - src: - type: string - title: - type: string - type: - type: string - required: - - src - type: array - signature_path: - type: string - source: - additionalProperties: true - type: object - properties: - license: - type: string - required: - - license - status: - type: string - title: - type: string - type: - enum: - - integration - - input - - content - type: string - vars: - items: - additionalProperties: {} - type: object - type: array - version: - type: string - required: - - savedObject - - name - - version - - title - - assets - response: - additionalProperties: true - deprecated: true - type: object - properties: - agent: - additionalProperties: false - type: object - properties: - privileges: - additionalProperties: false - type: object - properties: - root: - type: boolean - asset_tags: - items: - additionalProperties: false - type: object - properties: - asset_ids: - items: - type: string - type: array - asset_types: - items: - type: string - type: array - text: - type: string - required: - - text - type: array - assets: - additionalProperties: {} - type: object - categories: - items: - type: string - type: array - conditions: - additionalProperties: true - type: object - properties: - elastic: - additionalProperties: true - type: object - properties: - capabilities: - items: - type: string - type: array - subscription: - type: string - kibana: - additionalProperties: true - type: object - properties: - version: - type: string - data_streams: - items: - additionalProperties: {} - type: object - type: array - description: - type: string - discovery: - additionalProperties: true - type: object - properties: - fields: - items: - additionalProperties: true - type: object - properties: - name: - type: string - required: - - name - type: array - download: - type: string - elasticsearch: - additionalProperties: {} - type: object - format_version: - type: string - icons: - items: - additionalProperties: true - type: object - properties: - dark_mode: - type: boolean - path: - type: string - size: - type: string - src: - type: string - title: - type: string - type: - type: string - required: - - src - type: array - installationInfo: - additionalProperties: true - type: object - properties: - additional_spaces_installed_kibana: - additionalProperties: - items: - additionalProperties: true - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - type: array - type: object - created_at: - type: string - experimental_data_stream_features: - items: - additionalProperties: true - type: object - properties: - data_stream: - type: string - features: - additionalProperties: true - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - install_format_schema_version: - type: string - install_source: - enum: - - registry - - upload - - bundled - - custom - type: string - install_status: - enum: - - installed - - installing - - install_failed - type: string - installed_es: - items: - additionalProperties: true - type: object - properties: - deferred: - type: boolean - id: - type: string - type: - enum: - - index - - index_template - - component_template - - ingest_pipeline - - ilm_policy - - data_stream_ilm_policy - - transform - - ml_model - type: string - version: - type: string - required: - - id - - type - type: array - installed_kibana: - items: - additionalProperties: true - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - type: array - installed_kibana_space_id: - type: string - latest_executed_state: - additionalProperties: true - type: object - properties: - error: - type: string - name: - type: string - started_at: - type: string - required: - - name - - started_at - latest_install_failed_attempts: - items: - additionalProperties: true - type: object - properties: - created_at: - type: string - error: - additionalProperties: true - type: object - properties: - message: - type: string - name: - type: string - stack: - type: string - required: - - name - - message - target_version: - type: string - required: - - created_at - - target_version - - error - type: array - name: - type: string - namespaces: - items: - type: string - type: array - type: - type: string - updated_at: - type: string - verification_key_id: - nullable: true - type: string - verification_status: - enum: - - unverified - - verified - - unknown - type: string - version: - type: string - required: - - type - - installed_kibana - - installed_es - - name - - version - - install_status - - install_source - - verification_status - internal: - type: boolean - keepPoliciesUpToDate: - type: boolean - latestVersion: - type: string - license: - type: string - licensePath: - type: string - name: - type: string - notice: - type: string - owner: - additionalProperties: true - type: object - properties: - github: - type: string - type: - enum: - - elastic - - partner - - community - type: string - path: - type: string - policy_templates: - items: - additionalProperties: {} - type: object - type: array - readme: - type: string - release: - enum: - - ga - - beta - - experimental - type: string - savedObject: {} - screenshots: - items: - additionalProperties: false - type: object - properties: - dark_mode: - type: boolean - path: - type: string - size: - type: string - src: - type: string - title: - type: string - type: - type: string - required: - - src - type: array - signature_path: - type: string - source: - additionalProperties: true - type: object - properties: - license: - type: string - required: - - license - status: - type: string - title: - type: string - type: - enum: - - integration - - input - - content - type: string - vars: - items: - additionalProperties: {} - type: object - type: array - version: - type: string - required: - - savedObject - - name - - version - - title - - assets - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/packages/{pkgName}/{pkgVersion}/{filePath*}: - get: - description: Get package file - operationId: >- - %2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D%2F%7BfilePath*%7D#0 - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: pkgName - required: true - schema: - type: string - - in: path - name: pkgVersion - required: true - schema: - type: string - - in: path - name: filePath - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: {} - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/packages/{pkgName}/{pkgVersion}/transforms/authorize: - post: - description: Authorize transforms - operationId: >- - %2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D%2Ftransforms%2Fauthorize#0 - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: pkgName - required: true - schema: - type: string - - in: path - name: pkgVersion - required: true - schema: - type: string - - in: query - name: prerelease - required: false - schema: - type: boolean - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - transforms: - items: - additionalProperties: false - type: object - properties: - transformId: - type: string - required: - - transformId - type: array - required: - - transforms - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - items: - additionalProperties: false - type: object - properties: - error: - nullable: true - success: - type: boolean - transformId: - type: string - required: - - transformId - - success - - error - type: array - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/packages/{pkgName}/stats: - get: - description: Get package stats - operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2Fstats#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: pkgName - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - response: - additionalProperties: false - type: object - properties: - agent_policy_count: - type: number - required: - - agent_policy_count - required: - - response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/packages/installed: - get: - description: Get installed packages - operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2Finstalled#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: query - name: dataStreamType - required: false - schema: - enum: - - logs - - metrics - - traces - - synthetics - - profiling - type: string - - in: query - name: showOnlyActiveDataStreams - required: false - schema: - type: boolean - - in: query - name: nameQuery - required: false - schema: - type: string - - in: query - name: searchAfter - required: false - schema: - items: - anyOf: - - type: string - - type: number - type: array - - in: query - name: perPage - required: false - schema: - default: 15 - type: number - - in: query - name: sortOrder - required: false - schema: - default: asc - enum: - - asc - - desc - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - additionalProperties: false - type: object - properties: - dataStreams: - items: - additionalProperties: false - type: object - properties: - name: - type: string - title: - type: string - required: - - name - - title - type: array - description: - type: string - icons: - items: - additionalProperties: false - type: object - properties: - dark_mode: - type: boolean - path: - type: string - size: - type: string - src: - type: string - title: - type: string - type: - type: string - required: - - src - type: array - name: - type: string - status: - type: string - title: - type: string - version: - type: string - required: - - name - - version - - status - - dataStreams - type: array - searchAfter: - items: - anyOf: - - type: string - - type: number - - type: boolean - - enum: [] - nullable: true - - {} - type: array - total: - type: number - required: - - items - - total - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/packages/limited: - get: - description: Get limited package list - operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2Flimited#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - type: string - type: array - response: - deprecated: true - items: - type: string - type: array - required: - - items - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/templates/{pkgName}/{pkgVersion}/inputs: - get: - description: Get inputs template - operationId: >- - %2Fapi%2Ffleet%2Fepm%2Ftemplates%2F%7BpkgName%7D%2F%7BpkgVersion%7D%2Finputs#0 - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: pkgName - required: true - schema: - type: string - - in: path - name: pkgVersion - required: true - schema: - type: string - - in: query - name: format - required: false - schema: - default: json - enum: - - json - - yml - - yaml - type: string - - in: query - name: prerelease - required: false - schema: - type: boolean - - in: query - name: ignoreUnverified - required: false - schema: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - anyOf: - - type: string - - additionalProperties: false - type: object - properties: - inputs: - items: - additionalProperties: false - type: object - properties: - id: - type: string - streams: - items: - additionalProperties: true - type: object - properties: - data_stream: - additionalProperties: true - type: object - properties: - dataset: - type: string - type: - type: string - required: - - dataset - id: - type: string - required: - - id - - data_stream - type: array - type: - type: string - required: - - id - - type - type: array - required: - - inputs - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/verification_key_id: - get: - description: Get a package signature verification key ID - operationId: '%2Fapi%2Ffleet%2Fepm%2Fverification_key_id#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - id: - nullable: true - type: string - required: - - id - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Package Manager (EPM) - /api/fleet/fleet_server_hosts: - get: - description: List Fleet Server hosts - operationId: '%2Fapi%2Ffleet%2Ffleet_server_hosts#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - additionalProperties: false - type: object - properties: - host_urls: - items: - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - default: false - type: boolean - name: - type: string - proxy_id: - nullable: true - type: string - required: - - id - - name - - host_urls - type: array - page: - type: number - perPage: - type: number - total: - type: number - required: - - items - - total - - page - - perPage - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet Server hosts - post: - description: Create Fleet Server host - operationId: '%2Fapi%2Ffleet%2Ffleet_server_hosts#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - host_urls: - items: - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - default: false - type: boolean - name: - type: string - proxy_id: - nullable: true - type: string - required: - - name - - host_urls - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - host_urls: - items: - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - default: false - type: boolean - name: - type: string - proxy_id: - nullable: true - type: string - required: - - id - - name - - host_urls - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet Server hosts - /api/fleet/fleet_server_hosts/{itemId}: - delete: - description: Delete Fleet Server host by ID - operationId: '%2Fapi%2Ffleet%2Ffleet_server_hosts%2F%7BitemId%7D#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: itemId - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet Server hosts - get: - description: Get Fleet Server host by ID - operationId: '%2Fapi%2Ffleet%2Ffleet_server_hosts%2F%7BitemId%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: itemId - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - host_urls: - items: - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - default: false - type: boolean - name: - type: string - proxy_id: - nullable: true - type: string - required: - - id - - name - - host_urls - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet Server hosts - put: - description: Update Fleet Server host by ID - operationId: '%2Fapi%2Ffleet%2Ffleet_server_hosts%2F%7BitemId%7D#2' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: itemId - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - host_urls: - items: - type: string - minItems: 1 - type: array - is_default: - type: boolean - is_internal: - type: boolean - name: - type: string - proxy_id: - nullable: true - type: string - required: - - proxy_id - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - host_urls: - items: - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - default: false - type: boolean - name: - type: string - proxy_id: - nullable: true - type: string - required: - - id - - name - - host_urls - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet Server hosts - /api/fleet/health_check: - post: - description: Check Fleet Server health - operationId: '%2Fapi%2Ffleet%2Fhealth_check#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - host: - format: uri - type: string - id: - type: string - required: - - id - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - host: - deprecated: true - type: string - host_id: - type: string - name: - type: string - status: - type: string - required: - - status - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet internals - /api/fleet/kubernetes: - get: - description: Get full K8s agent manifest - operationId: '%2Fapi%2Ffleet%2Fkubernetes#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: query - name: download - required: false - schema: - type: boolean - - in: query - name: fleetServer - required: false - schema: - type: string - - in: query - name: enrolToken - required: false - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - type: string - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent policies - /api/fleet/kubernetes/download: - get: - operationId: '%2Fapi%2Ffleet%2Fkubernetes%2Fdownload#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: query - name: download - required: false - schema: - type: boolean - - in: query - name: fleetServer - required: false - schema: - type: string - - in: query - name: enrolToken - required: false - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: string - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent policies - /api/fleet/logstash_api_keys: - post: - description: Generate Logstash API key - operationId: '%2Fapi%2Ffleet%2Flogstash_api_keys#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - api_key: - type: string - required: - - api_key - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet outputs - /api/fleet/message_signing_service/rotate_key_pair: - post: - description: Rotate fleet message signing key pair - operationId: '%2Fapi%2Ffleet%2Fmessage_signing_service%2Frotate_key_pair#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: query - name: acknowledge - required: false - schema: - default: false - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - message: - type: string - required: - - message - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Message Signing Service - /api/fleet/outputs: - get: - description: List outputs - operationId: '%2Fapi%2Ffleet%2Foutputs#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - anyOf: - - additionalProperties: true - type: object - properties: - allow_edit: - items: - type: string - type: array - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - config_yaml: - nullable: true - type: string - hosts: - items: - format: uri - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: - type: string - preset: - enum: - - balanced - - custom - - throughput - - scale - - latency - type: string - proxy_id: - nullable: true - type: string - shipper: - additionalProperties: true - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: true - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - type: - enum: - - elasticsearch - type: string - required: - - name - - type - - hosts - - additionalProperties: true - type: object - properties: - allow_edit: - items: - type: string - type: array - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - config_yaml: - nullable: true - type: string - hosts: - items: - format: uri - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: - type: string - preset: - enum: - - balanced - - custom - - throughput - - scale - - latency - type: string - proxy_id: - nullable: true - type: string - secrets: - additionalProperties: true - type: object - properties: - service_token: - anyOf: - - additionalProperties: true - type: object - properties: - id: - type: string - required: - - id - - type: string - service_token: - nullable: true - type: string - shipper: - additionalProperties: true - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: true - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - type: - enum: - - remote_elasticsearch - type: string - required: - - name - - type - - hosts - - additionalProperties: true - type: object - properties: - allow_edit: - items: - type: string - type: array - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - config_yaml: - nullable: true - type: string - hosts: - items: - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: - type: string - proxy_id: - nullable: true - type: string - secrets: - additionalProperties: true - type: object - properties: - ssl: - additionalProperties: true - type: object - properties: - key: - anyOf: - - additionalProperties: true - type: object - properties: - id: - type: string - required: - - id - - type: string - shipper: - additionalProperties: true - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: true - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - type: - enum: - - logstash - type: string - required: - - name - - type - - hosts - - additionalProperties: true - type: object - properties: - allow_edit: - items: - type: string - type: array - auth_type: - enum: - - none - - user_pass - - ssl - - kerberos - type: string - broker_timeout: - type: number - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - client_id: - type: string - compression: - enum: - - gzip - - snappy - - lz4 - - none - type: string - compression_level: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - type: number - - not: {} - config_yaml: - nullable: true - type: string - connection_type: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - enum: - - plaintext - - encryption - type: string - - not: {} - hash: - additionalProperties: true - type: object - properties: - hash: - type: string - random: - type: boolean - headers: - items: - additionalProperties: true - type: object - properties: - key: - type: string - value: - type: string - required: - - key - - value - type: array - hosts: - items: - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - key: - type: string - name: - type: string - partition: - enum: - - random - - round_robin - - hash - type: string - password: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - not: {} - - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - type: string - - not: {} - proxy_id: - nullable: true - type: string - random: - additionalProperties: true - type: object - properties: - group_events: - type: number - required_acks: - enum: - - 1 - - 0 - - -1 - type: integer - round_robin: - additionalProperties: true - type: object - properties: - group_events: - type: number - sasl: - additionalProperties: true - nullable: true - type: object - properties: - mechanism: - enum: - - PLAIN - - SCRAM-SHA-256 - - SCRAM-SHA-512 - type: string - secrets: - additionalProperties: true - type: object - properties: - password: - anyOf: - - additionalProperties: true - type: object - properties: - id: - type: string - required: - - id - - type: string - ssl: - additionalProperties: true - type: object - properties: - key: - anyOf: - - additionalProperties: true - type: object - properties: - id: - type: string - required: - - id - - type: string - required: - - key - shipper: - additionalProperties: true - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: true - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - timeout: - type: number - topic: - type: string - topics: - items: - additionalProperties: true - type: object - properties: - topic: - type: string - when: - additionalProperties: true - type: object - properties: - condition: - type: string - type: - enum: - - equals - - contains - - regexp - type: string - required: - - topic - minItems: 1 - type: array - type: - enum: - - kafka - type: string - username: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - type: string - - not: {} - version: - type: string - required: - - name - - type - - hosts - - compression_level - - auth_type - - connection_type - - username - - password - type: array - page: - type: number - perPage: - type: number - total: - type: number - required: - - items - - total - - page - - perPage - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet outputs - post: - description: Create output - operationId: '%2Fapi%2Ffleet%2Foutputs#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - anyOf: - - additionalProperties: false - type: object - properties: - allow_edit: - items: - type: string - type: array - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - config_yaml: - nullable: true - type: string - hosts: - items: - format: uri - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: - type: string - preset: - enum: - - balanced - - custom - - throughput - - scale - - latency - type: string - proxy_id: - nullable: true - type: string - shipper: - additionalProperties: false - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: false - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - type: - enum: - - elasticsearch - type: string - required: - - name - - type - - hosts - - additionalProperties: false - type: object - properties: - allow_edit: - items: - type: string - type: array - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - config_yaml: - nullable: true - type: string - hosts: - items: - format: uri - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: - type: string - preset: - enum: - - balanced - - custom - - throughput - - scale - - latency - type: string - proxy_id: - nullable: true - type: string - secrets: - additionalProperties: false - type: object - properties: - service_token: - anyOf: - - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - - type: string - service_token: - nullable: true - type: string - shipper: - additionalProperties: false - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: false - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - type: - enum: - - remote_elasticsearch - type: string - required: - - name - - type - - hosts - - additionalProperties: false - type: object - properties: - allow_edit: - items: - type: string - type: array - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - config_yaml: - nullable: true - type: string - hosts: - items: - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: - type: string - proxy_id: - nullable: true - type: string - secrets: - additionalProperties: false - type: object - properties: - ssl: - additionalProperties: false - type: object - properties: - key: - anyOf: - - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - - type: string - shipper: - additionalProperties: false - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: false - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - type: - enum: - - logstash - type: string - required: - - name - - type - - hosts - - additionalProperties: false - type: object - properties: - allow_edit: - items: - type: string - type: array - auth_type: - enum: - - none - - user_pass - - ssl - - kerberos - type: string - broker_timeout: - type: number - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - client_id: - type: string - compression: - enum: - - gzip - - snappy - - lz4 - - none - type: string - compression_level: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - type: number - - not: {} - config_yaml: - nullable: true - type: string - connection_type: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - enum: - - plaintext - - encryption - type: string - - not: {} - hash: - additionalProperties: false - type: object - properties: - hash: - type: string - random: - type: boolean - headers: - items: - additionalProperties: false - type: object - properties: - key: - type: string - value: - type: string - required: - - key - - value - type: array - hosts: - items: - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - key: - type: string - name: - type: string - partition: - enum: - - random - - round_robin - - hash - type: string - password: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - not: {} - - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - type: string - - not: {} - proxy_id: - nullable: true - type: string - random: - additionalProperties: false - type: object - properties: - group_events: - type: number - required_acks: - enum: - - 1 - - 0 - - -1 - type: integer - round_robin: - additionalProperties: false - type: object - properties: - group_events: - type: number - sasl: - additionalProperties: false - nullable: true - type: object - properties: - mechanism: - enum: - - PLAIN - - SCRAM-SHA-256 - - SCRAM-SHA-512 - type: string - secrets: - additionalProperties: false - type: object - properties: - password: - anyOf: - - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - - type: string - ssl: - additionalProperties: false - type: object - properties: - key: - anyOf: - - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - - type: string - required: - - key - shipper: - additionalProperties: false - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: false - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - timeout: - type: number - topic: - type: string - topics: - items: - additionalProperties: false - type: object - properties: - topic: - type: string - when: - additionalProperties: false - type: object - properties: - condition: - type: string - type: - enum: - - equals - - contains - - regexp - type: string - required: - - topic - minItems: 1 - type: array - type: - enum: - - kafka - type: string - username: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - type: string - - not: {} - version: - type: string - required: - - name - - type - - hosts - - compression_level - - auth_type - - connection_type - - username - - password - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - anyOf: - - additionalProperties: true - type: object - properties: - allow_edit: - items: - type: string - type: array - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - config_yaml: - nullable: true - type: string - hosts: - items: - format: uri - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: - type: string - preset: - enum: - - balanced - - custom - - throughput - - scale - - latency - type: string - proxy_id: - nullable: true - type: string - shipper: - additionalProperties: true - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: true - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - type: - enum: - - elasticsearch - type: string - required: - - name - - type - - hosts - - additionalProperties: true - type: object - properties: - allow_edit: - items: - type: string - type: array - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - config_yaml: - nullable: true - type: string - hosts: - items: - format: uri - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: - type: string - preset: - enum: - - balanced - - custom - - throughput - - scale - - latency - type: string - proxy_id: - nullable: true - type: string - secrets: - additionalProperties: true - type: object - properties: - service_token: - anyOf: - - additionalProperties: true - type: object - properties: - id: - type: string - required: - - id - - type: string - service_token: - nullable: true - type: string - shipper: - additionalProperties: true - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: true - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - type: - enum: - - remote_elasticsearch - type: string - required: - - name - - type - - hosts - - additionalProperties: true - type: object - properties: - allow_edit: - items: - type: string - type: array - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - config_yaml: - nullable: true - type: string - hosts: - items: - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: - type: string - proxy_id: - nullable: true - type: string - secrets: - additionalProperties: true - type: object - properties: - ssl: - additionalProperties: true - type: object - properties: - key: - anyOf: - - additionalProperties: true - type: object - properties: - id: - type: string - required: - - id - - type: string - shipper: - additionalProperties: true - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: true - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - type: - enum: - - logstash - type: string - required: - - name - - type - - hosts - - additionalProperties: true - type: object - properties: - allow_edit: - items: - type: string - type: array - auth_type: - enum: - - none - - user_pass - - ssl - - kerberos - type: string - broker_timeout: - type: number - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - client_id: - type: string - compression: - enum: - - gzip - - snappy - - lz4 - - none - type: string - compression_level: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - type: number - - not: {} - config_yaml: - nullable: true - type: string - connection_type: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - enum: - - plaintext - - encryption - type: string - - not: {} - hash: - additionalProperties: true - type: object - properties: - hash: - type: string - random: - type: boolean - headers: - items: - additionalProperties: true - type: object - properties: - key: - type: string - value: - type: string - required: - - key - - value - type: array - hosts: - items: - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - key: - type: string - name: - type: string - partition: - enum: - - random - - round_robin - - hash - type: string - password: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - not: {} - - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - type: string - - not: {} - proxy_id: - nullable: true - type: string - random: - additionalProperties: true - type: object - properties: - group_events: - type: number - required_acks: - enum: - - 1 - - 0 - - -1 - type: integer - round_robin: - additionalProperties: true - type: object - properties: - group_events: - type: number - sasl: - additionalProperties: true - nullable: true - type: object - properties: - mechanism: - enum: - - PLAIN - - SCRAM-SHA-256 - - SCRAM-SHA-512 - type: string - secrets: - additionalProperties: true - type: object - properties: - password: - anyOf: - - additionalProperties: true - type: object - properties: - id: - type: string - required: - - id - - type: string - ssl: - additionalProperties: true - type: object - properties: - key: - anyOf: - - additionalProperties: true - type: object - properties: - id: - type: string - required: - - id - - type: string - required: - - key - shipper: - additionalProperties: true - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: true - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - timeout: - type: number - topic: - type: string - topics: - items: - additionalProperties: true - type: object - properties: - topic: - type: string - when: - additionalProperties: true - type: object - properties: - condition: - type: string - type: - enum: - - equals - - contains - - regexp - type: string - required: - - topic - minItems: 1 - type: array - type: - enum: - - kafka - type: string - username: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - type: string - - not: {} - version: - type: string - required: - - name - - type - - hosts - - compression_level - - auth_type - - connection_type - - username - - password - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet outputs - /api/fleet/outputs/{outputId}: - delete: - description: Delete output by ID - operationId: '%2Fapi%2Ffleet%2Foutputs%2F%7BoutputId%7D#2' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: outputId - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet outputs - get: - description: Get output by ID - operationId: '%2Fapi%2Ffleet%2Foutputs%2F%7BoutputId%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: outputId - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - anyOf: - - additionalProperties: true - type: object - properties: - allow_edit: - items: - type: string - type: array - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - config_yaml: - nullable: true - type: string - hosts: - items: - format: uri - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: - type: string - preset: - enum: - - balanced - - custom - - throughput - - scale - - latency - type: string - proxy_id: - nullable: true - type: string - shipper: - additionalProperties: true - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: true - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - type: - enum: - - elasticsearch - type: string - required: - - name - - type - - hosts - - additionalProperties: true - type: object - properties: - allow_edit: - items: - type: string - type: array - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - config_yaml: - nullable: true - type: string - hosts: - items: - format: uri - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: - type: string - preset: - enum: - - balanced - - custom - - throughput - - scale - - latency - type: string - proxy_id: - nullable: true - type: string - secrets: - additionalProperties: true - type: object - properties: - service_token: - anyOf: - - additionalProperties: true - type: object - properties: - id: - type: string - required: - - id - - type: string - service_token: - nullable: true - type: string - shipper: - additionalProperties: true - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: true - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - type: - enum: - - remote_elasticsearch - type: string - required: - - name - - type - - hosts - - additionalProperties: true - type: object - properties: - allow_edit: - items: - type: string - type: array - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - config_yaml: - nullable: true - type: string - hosts: - items: - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: - type: string - proxy_id: - nullable: true - type: string - secrets: - additionalProperties: true - type: object - properties: - ssl: - additionalProperties: true - type: object - properties: - key: - anyOf: - - additionalProperties: true - type: object - properties: - id: - type: string - required: - - id - - type: string - shipper: - additionalProperties: true - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: true - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - type: - enum: - - logstash - type: string - required: - - name - - type - - hosts - - additionalProperties: true - type: object - properties: - allow_edit: - items: - type: string - type: array - auth_type: - enum: - - none - - user_pass - - ssl - - kerberos - type: string - broker_timeout: - type: number - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - client_id: - type: string - compression: - enum: - - gzip - - snappy - - lz4 - - none - type: string - compression_level: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - type: number - - not: {} - config_yaml: - nullable: true - type: string - connection_type: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - enum: - - plaintext - - encryption - type: string - - not: {} - hash: - additionalProperties: true - type: object - properties: - hash: - type: string - random: - type: boolean - headers: - items: - additionalProperties: true - type: object - properties: - key: - type: string - value: - type: string - required: - - key - - value - type: array - hosts: - items: - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - key: - type: string - name: - type: string - partition: - enum: - - random - - round_robin - - hash - type: string - password: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - not: {} - - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - type: string - - not: {} - proxy_id: - nullable: true - type: string - random: - additionalProperties: true - type: object - properties: - group_events: - type: number - required_acks: - enum: - - 1 - - 0 - - -1 - type: integer - round_robin: - additionalProperties: true - type: object - properties: - group_events: - type: number - sasl: - additionalProperties: true - nullable: true - type: object - properties: - mechanism: - enum: - - PLAIN - - SCRAM-SHA-256 - - SCRAM-SHA-512 - type: string - secrets: - additionalProperties: true - type: object - properties: - password: - anyOf: - - additionalProperties: true - type: object - properties: - id: - type: string - required: - - id - - type: string - ssl: - additionalProperties: true - type: object - properties: - key: - anyOf: - - additionalProperties: true - type: object - properties: - id: - type: string - required: - - id - - type: string - required: - - key - shipper: - additionalProperties: true - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: true - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - timeout: - type: number - topic: - type: string - topics: - items: - additionalProperties: true - type: object - properties: - topic: - type: string - when: - additionalProperties: true - type: object - properties: - condition: - type: string - type: - enum: - - equals - - contains - - regexp - type: string - required: - - topic - minItems: 1 - type: array - type: - enum: - - kafka - type: string - username: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - type: string - - not: {} - version: - type: string - required: - - name - - type - - hosts - - compression_level - - auth_type - - connection_type - - username - - password - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet outputs - put: - description: Update output by ID - operationId: '%2Fapi%2Ffleet%2Foutputs%2F%7BoutputId%7D#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: outputId - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - anyOf: - - additionalProperties: false - type: object - properties: - allow_edit: - items: - type: string - type: array - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - config_yaml: - nullable: true - type: string - hosts: - items: - format: uri - type: string - minItems: 1 - type: array - id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: - type: string - preset: - enum: - - balanced - - custom - - throughput - - scale - - latency - type: string - proxy_id: - nullable: true - type: string - shipper: - additionalProperties: false - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: false - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - type: - enum: - - elasticsearch - type: string - - additionalProperties: false - type: object - properties: - allow_edit: - items: - type: string - type: array - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - config_yaml: - nullable: true - type: string - hosts: - items: - format: uri - type: string - minItems: 1 - type: array - id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: - type: string - preset: - enum: - - balanced - - custom - - throughput - - scale - - latency - type: string - proxy_id: - nullable: true - type: string - secrets: - additionalProperties: false - type: object - properties: - service_token: - anyOf: - - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - - type: string - service_token: - nullable: true - type: string - shipper: - additionalProperties: false - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: false - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - type: - enum: - - remote_elasticsearch - type: string - - additionalProperties: false - type: object - properties: - allow_edit: - items: - type: string - type: array - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - config_yaml: - nullable: true - type: string - hosts: - items: - type: string - minItems: 1 - type: array - id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: - type: string - proxy_id: - nullable: true - type: string - secrets: - additionalProperties: false - type: object - properties: - ssl: - additionalProperties: false - type: object - properties: - key: - anyOf: - - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - - type: string - shipper: - additionalProperties: false - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: false - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - type: - enum: - - logstash - type: string - - additionalProperties: false - type: object - properties: - allow_edit: - items: - type: string - type: array - auth_type: - enum: - - none - - user_pass - - ssl - - kerberos - type: string - broker_timeout: - type: number - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - client_id: - type: string - compression: - enum: - - gzip - - snappy - - lz4 - - none - type: string - compression_level: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - type: number - - not: {} - config_yaml: - nullable: true - type: string - connection_type: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - enum: - - plaintext - - encryption - type: string - - not: {} - hash: - additionalProperties: false - type: object - properties: - hash: - type: string - random: - type: boolean - headers: - items: - additionalProperties: false - type: object - properties: - key: - type: string - value: - type: string - required: - - key - - value - type: array - hosts: - items: - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - key: - type: string - name: - type: string - partition: - enum: - - random - - round_robin - - hash - type: string - password: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - not: {} - - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - type: string - - not: {} - proxy_id: - nullable: true - type: string - random: - additionalProperties: false - type: object - properties: - group_events: - type: number - required_acks: - enum: - - 1 - - 0 - - -1 - type: integer - round_robin: - additionalProperties: false - type: object - properties: - group_events: - type: number - sasl: - additionalProperties: false - nullable: true - type: object - properties: - mechanism: - enum: - - PLAIN - - SCRAM-SHA-256 - - SCRAM-SHA-512 - type: string - secrets: - additionalProperties: false - type: object - properties: - password: - anyOf: - - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - - type: string - ssl: - additionalProperties: false - type: object - properties: - key: - anyOf: - - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - - type: string - required: - - key - shipper: - additionalProperties: false - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: false - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - timeout: - type: number - topic: - type: string - topics: - items: - additionalProperties: false - type: object - properties: - topic: - type: string - when: - additionalProperties: false - type: object - properties: - condition: - type: string - type: - enum: - - equals - - contains - - regexp - type: string - required: - - topic - minItems: 1 - type: array - type: - enum: - - kafka - type: string - username: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - type: string - - not: {} - version: - type: string - required: - - name - - compression_level - - connection_type - - username - - password - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - anyOf: - - additionalProperties: true - type: object - properties: - allow_edit: - items: - type: string - type: array - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - config_yaml: - nullable: true - type: string - hosts: - items: - format: uri - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: - type: string - preset: - enum: - - balanced - - custom - - throughput - - scale - - latency - type: string - proxy_id: - nullable: true - type: string - shipper: - additionalProperties: true - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: true - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - type: - enum: - - elasticsearch - type: string - required: - - name - - type - - hosts - - additionalProperties: true - type: object - properties: - allow_edit: - items: - type: string - type: array - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - config_yaml: - nullable: true - type: string - hosts: - items: - format: uri - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: - type: string - preset: - enum: - - balanced - - custom - - throughput - - scale - - latency - type: string - proxy_id: - nullable: true - type: string - secrets: - additionalProperties: true - type: object - properties: - service_token: - anyOf: - - additionalProperties: true - type: object - properties: - id: - type: string - required: - - id - - type: string - service_token: - nullable: true - type: string - shipper: - additionalProperties: true - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: true - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - type: - enum: - - remote_elasticsearch - type: string - required: - - name - - type - - hosts - - additionalProperties: true - type: object - properties: - allow_edit: - items: - type: string - type: array - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - config_yaml: - nullable: true - type: string - hosts: - items: - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: - type: string - proxy_id: - nullable: true - type: string - secrets: - additionalProperties: true - type: object - properties: - ssl: - additionalProperties: true - type: object - properties: - key: - anyOf: - - additionalProperties: true - type: object - properties: - id: - type: string - required: - - id - - type: string - shipper: - additionalProperties: true - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: true - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - type: - enum: - - logstash - type: string - required: - - name - - type - - hosts - - additionalProperties: true - type: object - properties: - allow_edit: - items: - type: string - type: array - auth_type: - enum: - - none - - user_pass - - ssl - - kerberos - type: string - broker_timeout: - type: number - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - client_id: - type: string - compression: - enum: - - gzip - - snappy - - lz4 - - none - type: string - compression_level: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - type: number - - not: {} - config_yaml: - nullable: true - type: string - connection_type: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - enum: - - plaintext - - encryption - type: string - - not: {} - hash: - additionalProperties: true - type: object - properties: - hash: - type: string - random: - type: boolean - headers: - items: - additionalProperties: true - type: object - properties: - key: - type: string - value: - type: string - required: - - key - - value - type: array - hosts: - items: - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - key: - type: string - name: - type: string - partition: - enum: - - random - - round_robin - - hash - type: string - password: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - not: {} - - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - type: string - - not: {} - proxy_id: - nullable: true - type: string - random: - additionalProperties: true - type: object - properties: - group_events: - type: number - required_acks: - enum: - - 1 - - 0 - - -1 - type: integer - round_robin: - additionalProperties: true - type: object - properties: - group_events: - type: number - sasl: - additionalProperties: true - nullable: true - type: object - properties: - mechanism: - enum: - - PLAIN - - SCRAM-SHA-256 - - SCRAM-SHA-512 - type: string - secrets: - additionalProperties: true - type: object - properties: - password: - anyOf: - - additionalProperties: true - type: object - properties: - id: - type: string - required: - - id - - type: string - ssl: - additionalProperties: true - type: object - properties: - key: - anyOf: - - additionalProperties: true - type: object - properties: - id: - type: string - required: - - id - - type: string - required: - - key - shipper: - additionalProperties: true - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: true - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - timeout: - type: number - topic: - type: string - topics: - items: - additionalProperties: true - type: object - properties: - topic: - type: string - when: - additionalProperties: true - type: object - properties: - condition: - type: string - type: - enum: - - equals - - contains - - regexp - type: string - required: - - topic - minItems: 1 - type: array - type: - enum: - - kafka - type: string - username: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - type: string - - not: {} - version: - type: string - required: - - name - - type - - hosts - - compression_level - - auth_type - - connection_type - - username - - password - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet outputs - /api/fleet/outputs/{outputId}/health: - get: - description: Get latest output health - operationId: '%2Fapi%2Ffleet%2Foutputs%2F%7BoutputId%7D%2Fhealth#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: outputId - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - message: - description: long message if unhealthy - type: string - state: - description: state of output, HEALTHY or DEGRADED - type: string - timestamp: - description: timestamp of reported state - type: string - required: - - state - - message - - timestamp - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet outputs - /api/fleet/package_policies: - get: - description: List package policies - operationId: '%2Fapi%2Ffleet%2Fpackage_policies#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: query - name: page - required: false - schema: - type: number - - in: query - name: perPage - required: false - schema: - type: number - - in: query - name: sortField - required: false - schema: - type: string - - in: query - name: sortOrder - required: false - schema: - enum: - - desc - - asc - type: string - - in: query - name: showUpgradeable - required: false - schema: - type: boolean - - in: query - name: kuery - required: false - schema: - type: string - - in: query - name: format - required: false - schema: - enum: - - simplified - - legacy - type: string - - in: query - name: withAgentCount - required: false - schema: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - additionalProperties: false - type: object - properties: - agents: - type: number - created_at: - type: string - created_by: - type: string - description: - description: Package policy description - type: string - elasticsearch: - additionalProperties: true - type: object - properties: - privileges: - additionalProperties: true - type: object - properties: - cluster: - items: - type: string - type: array - enabled: - type: boolean - id: - type: string - inputs: - anyOf: - - items: - additionalProperties: false - type: object - properties: - compiled_input: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - policy_template: - type: string - streams: - items: - additionalProperties: false - type: object - properties: - compiled_stream: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - data_stream: - additionalProperties: false - type: object - properties: - dataset: - type: string - elasticsearch: - additionalProperties: false - type: object - properties: - dynamic_dataset: - type: boolean - dynamic_namespace: - type: boolean - privileges: - additionalProperties: false - type: object - properties: - indices: - items: - type: string - type: array - type: - type: string - required: - - dataset - - type - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - release: - enum: - - ga - - beta - - experimental - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - enabled - - data_stream - - compiled_stream - type: array - type: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - type - - enabled - - streams - - compiled_input - type: array - - additionalProperties: - additionalProperties: false - type: object - properties: - enabled: - description: >- - enable or disable that input, (default to - true) - type: boolean - streams: - additionalProperties: - additionalProperties: false - type: object - properties: - enabled: - description: >- - enable or disable that stream, (default - to true) - type: boolean - vars: - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see - integration documentation for more - information) - type: object - description: >- - Input streams (see integration - documentation to know what streams are - available) - type: object - vars: - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see - integration documentation for more - information) - type: object - description: >- - Package policy inputs (see integration - documentation to know what inputs are available) - type: object - x-oas-optional: true - is_managed: - type: boolean - name: - description: Package policy name (should be unique) - type: string - namespace: - description: >- - The package policy namespace. Leave blank to inherit - the agent policy's namespace. - type: string - output_id: - nullable: true - type: string - overrides: - additionalProperties: false - description: >- - Override settings that are defined in the package - policy. The override option should be used only in - unusual circumstances and not as a routine - procedure. - nullable: true - type: object - properties: - inputs: - additionalProperties: {} - type: object - package: - additionalProperties: false - type: object - properties: - experimental_data_stream_features: - items: - additionalProperties: false - type: object - properties: - data_stream: - type: string - features: - additionalProperties: false - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - name: - description: Package name - type: string - requires_root: - type: boolean - title: - type: string - version: - description: Package version - type: string - required: - - name - - version - policy_id: - deprecated: true - description: >- - Agent policy ID where that package policy will be - added - nullable: true - type: string - policy_ids: - items: - description: >- - Agent policy IDs where that package policy will be - added - type: string - type: array - revision: - type: number - secret_references: - items: - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - type: array - spaceIds: - items: - type: string - type: array - updated_at: - type: string - updated_by: - type: string - vars: - anyOf: - - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration documentation - for more information) - type: object - - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see integration - documentation for more information) - type: object - x-oas-optional: true - version: - type: string - required: - - name - - enabled - - inputs - - id - - revision - - updated_at - - updated_by - - created_at - - created_by - type: array - page: - type: number - perPage: - type: number - total: - type: number - required: - - items - - total - - page - - perPage - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet package policies - post: - description: Create package policy - operationId: '%2Fapi%2Ffleet%2Fpackage_policies#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: query - name: format - required: false - schema: - enum: - - simplified - - legacy - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - anyOf: - - additionalProperties: false - type: object - properties: - description: - description: Package policy description - type: string - enabled: - type: boolean - force: - description: >- - Force package policy creation even if package is not - verified, or if the agent policy is managed. - type: boolean - id: - description: Package policy unique identifier - type: string - inputs: - items: - additionalProperties: false - type: object - properties: - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration documentation - for more information) - type: object - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - policy_template: - type: string - streams: - items: - additionalProperties: false - type: object - properties: - compiled_stream: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - data_stream: - additionalProperties: false - type: object - properties: - dataset: - type: string - elasticsearch: - additionalProperties: false - type: object - properties: - dynamic_dataset: - type: boolean - dynamic_namespace: - type: boolean - privileges: - additionalProperties: false - type: object - properties: - indices: - items: - type: string - type: array - type: - type: string - required: - - dataset - - type - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - release: - enum: - - ga - - beta - - experimental - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - enabled - - data_stream - - compiled_stream - type: array - type: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration documentation - for more information) - type: object - required: - - type - - enabled - type: array - is_managed: - type: boolean - name: - description: Package policy name (should be unique) - type: string - namespace: - description: >- - The package policy namespace. Leave blank to inherit the - agent policy's namespace. - type: string - output_id: - nullable: true - type: string - overrides: - additionalProperties: false - description: >- - Override settings that are defined in the package - policy. The override option should be used only in - unusual circumstances and not as a routine procedure. - nullable: true - type: object - properties: - inputs: - additionalProperties: {} - type: object - package: - additionalProperties: false - type: object - properties: - experimental_data_stream_features: - items: - additionalProperties: false - type: object - properties: - data_stream: - type: string - features: - additionalProperties: false - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - name: - description: Package name - type: string - requires_root: - type: boolean - title: - type: string - version: - description: Package version - type: string - required: - - name - - version - policy_id: - deprecated: true - description: Agent policy ID where that package policy will be added - nullable: true - type: string - policy_ids: - items: - description: >- - Agent policy IDs where that package policy will be - added - type: string - type: array - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration documentation for more - information) - type: object - required: - - name - - inputs - - additionalProperties: false - type: object - properties: - description: - type: string - force: - type: boolean - id: - type: string - inputs: - additionalProperties: - additionalProperties: false - type: object - properties: - enabled: - description: enable or disable that input, (default to true) - type: boolean - streams: - additionalProperties: - additionalProperties: false - type: object - properties: - enabled: - description: >- - enable or disable that stream, (default to - true) - type: boolean - vars: - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see integration - documentation for more information) - type: object - description: >- - Input streams (see integration documentation to - know what streams are available) - type: object - vars: - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see integration - documentation for more information) - type: object - description: >- - Package policy inputs (see integration documentation to - know what inputs are available) - type: object - name: - type: string - namespace: - type: string - output_id: - nullable: true - type: string - package: - additionalProperties: false - type: object - properties: - experimental_data_stream_features: - items: - additionalProperties: false - type: object - properties: - data_stream: - type: string - features: - additionalProperties: false - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - name: - description: Package name - type: string - requires_root: - type: boolean - title: - type: string - version: - description: Package version - type: string - required: - - name - - version - policy_id: - nullable: true - type: string - policy_ids: - items: - type: string - type: array - vars: - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see integration - documentation for more information) - type: object - required: - - name - - package - description: >- - You should use inputs as an object and not use the deprecated - inputs array. - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - agents: - type: number - created_at: - type: string - created_by: - type: string - description: - description: Package policy description - type: string - elasticsearch: - additionalProperties: true - type: object - properties: - privileges: - additionalProperties: true - type: object - properties: - cluster: - items: - type: string - type: array - enabled: - type: boolean - id: - type: string - inputs: - anyOf: - - items: - additionalProperties: false - type: object - properties: - compiled_input: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - policy_template: - type: string - streams: - items: - additionalProperties: false - type: object - properties: - compiled_stream: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - data_stream: - additionalProperties: false - type: object - properties: - dataset: - type: string - elasticsearch: - additionalProperties: false - type: object - properties: - dynamic_dataset: - type: boolean - dynamic_namespace: - type: boolean - privileges: - additionalProperties: false - type: object - properties: - indices: - items: - type: string - type: array - type: - type: string - required: - - dataset - - type - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - release: - enum: - - ga - - beta - - experimental - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - enabled - - data_stream - - compiled_stream - type: array - type: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - type - - enabled - - streams - - compiled_input - type: array - - additionalProperties: - additionalProperties: false - type: object - properties: - enabled: - description: >- - enable or disable that input, (default to - true) - type: boolean - streams: - additionalProperties: - additionalProperties: false - type: object - properties: - enabled: - description: >- - enable or disable that stream, (default - to true) - type: boolean - vars: - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see - integration documentation for more - information) - type: object - description: >- - Input streams (see integration documentation - to know what streams are available) - type: object - vars: - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see integration - documentation for more information) - type: object - description: >- - Package policy inputs (see integration - documentation to know what inputs are available) - type: object - x-oas-optional: true - is_managed: - type: boolean - name: - description: Package policy name (should be unique) - type: string - namespace: - description: >- - The package policy namespace. Leave blank to inherit - the agent policy's namespace. - type: string - output_id: - nullable: true - type: string - overrides: - additionalProperties: false - description: >- - Override settings that are defined in the package - policy. The override option should be used only in - unusual circumstances and not as a routine procedure. - nullable: true - type: object - properties: - inputs: - additionalProperties: {} - type: object - package: - additionalProperties: false - type: object - properties: - experimental_data_stream_features: - items: - additionalProperties: false - type: object - properties: - data_stream: - type: string - features: - additionalProperties: false - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - name: - description: Package name - type: string - requires_root: - type: boolean - title: - type: string - version: - description: Package version - type: string - required: - - name - - version - policy_id: - deprecated: true - description: >- - Agent policy ID where that package policy will be - added - nullable: true - type: string - policy_ids: - items: - description: >- - Agent policy IDs where that package policy will be - added - type: string - type: array - revision: - type: number - secret_references: - items: - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - type: array - spaceIds: - items: - type: string - type: array - updated_at: - type: string - updated_by: - type: string - vars: - anyOf: - - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration documentation - for more information) - type: object - - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see integration - documentation for more information) - type: object - x-oas-optional: true - version: - type: string - required: - - name - - enabled - - inputs - - id - - revision - - updated_at - - updated_by - - created_at - - created_by - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet package policies - /api/fleet/package_policies/_bulk_get: - post: - description: Bulk get package policies - operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2F_bulk_get#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: query - name: format - required: false - schema: - enum: - - simplified - - legacy - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - ids: - description: list of package policy ids - items: - type: string - type: array - ignoreMissing: - type: boolean - required: - - ids - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - additionalProperties: false - type: object - properties: - agents: - type: number - created_at: - type: string - created_by: - type: string - description: - description: Package policy description - type: string - elasticsearch: - additionalProperties: true - type: object - properties: - privileges: - additionalProperties: true - type: object - properties: - cluster: - items: - type: string - type: array - enabled: - type: boolean - id: - type: string - inputs: - anyOf: - - items: - additionalProperties: false - type: object - properties: - compiled_input: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - policy_template: - type: string - streams: - items: - additionalProperties: false - type: object - properties: - compiled_stream: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - data_stream: - additionalProperties: false - type: object - properties: - dataset: - type: string - elasticsearch: - additionalProperties: false - type: object - properties: - dynamic_dataset: - type: boolean - dynamic_namespace: - type: boolean - privileges: - additionalProperties: false - type: object - properties: - indices: - items: - type: string - type: array - type: - type: string - required: - - dataset - - type - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - release: - enum: - - ga - - beta - - experimental - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - enabled - - data_stream - - compiled_stream - type: array - type: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - type - - enabled - - streams - - compiled_input - type: array - - additionalProperties: - additionalProperties: false - type: object - properties: - enabled: - description: >- - enable or disable that input, (default to - true) - type: boolean - streams: - additionalProperties: - additionalProperties: false - type: object - properties: - enabled: - description: >- - enable or disable that stream, (default - to true) - type: boolean - vars: - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see - integration documentation for more - information) - type: object - description: >- - Input streams (see integration - documentation to know what streams are - available) - type: object - vars: - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see - integration documentation for more - information) - type: object - description: >- - Package policy inputs (see integration - documentation to know what inputs are available) - type: object - x-oas-optional: true - is_managed: - type: boolean - name: - description: Package policy name (should be unique) - type: string - namespace: - description: >- - The package policy namespace. Leave blank to inherit - the agent policy's namespace. - type: string - output_id: - nullable: true - type: string - overrides: - additionalProperties: false - description: >- - Override settings that are defined in the package - policy. The override option should be used only in - unusual circumstances and not as a routine - procedure. - nullable: true - type: object - properties: - inputs: - additionalProperties: {} - type: object - package: - additionalProperties: false - type: object - properties: - experimental_data_stream_features: - items: - additionalProperties: false - type: object - properties: - data_stream: - type: string - features: - additionalProperties: false - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - name: - description: Package name - type: string - requires_root: - type: boolean - title: - type: string - version: - description: Package version - type: string - required: - - name - - version - policy_id: - deprecated: true - description: >- - Agent policy ID where that package policy will be - added - nullable: true - type: string - policy_ids: - items: - description: >- - Agent policy IDs where that package policy will be - added - type: string - type: array - revision: - type: number - secret_references: - items: - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - type: array - spaceIds: - items: - type: string - type: array - updated_at: - type: string - updated_by: - type: string - vars: - anyOf: - - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration documentation - for more information) - type: object - - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see integration - documentation for more information) - type: object - x-oas-optional: true - version: - type: string - required: - - name - - enabled - - inputs - - id - - revision - - updated_at - - updated_by - - created_at - - created_by - type: array - required: - - items - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - message: - type: string - required: - - message - summary: '' - tags: - - Fleet package policies - /api/fleet/package_policies/{packagePolicyId}: - delete: - description: Delete package policy by ID - operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2F%7BpackagePolicyId%7D#2' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: packagePolicyId - required: true - schema: - type: string - - in: query - name: force - required: false - schema: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet package policies - get: - description: Get package policy by ID - operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2F%7BpackagePolicyId%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: packagePolicyId - required: true - schema: - type: string - - in: query - name: format - required: false - schema: - enum: - - simplified - - legacy - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - agents: - type: number - created_at: - type: string - created_by: - type: string - description: - description: Package policy description - type: string - elasticsearch: - additionalProperties: true - type: object - properties: - privileges: - additionalProperties: true - type: object - properties: - cluster: - items: - type: string - type: array - enabled: - type: boolean - id: - type: string - inputs: - anyOf: - - items: - additionalProperties: false - type: object - properties: - compiled_input: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - policy_template: - type: string - streams: - items: - additionalProperties: false - type: object - properties: - compiled_stream: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - data_stream: - additionalProperties: false - type: object - properties: - dataset: - type: string - elasticsearch: - additionalProperties: false - type: object - properties: - dynamic_dataset: - type: boolean - dynamic_namespace: - type: boolean - privileges: - additionalProperties: false - type: object - properties: - indices: - items: - type: string - type: array - type: - type: string - required: - - dataset - - type - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - release: - enum: - - ga - - beta - - experimental - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - enabled - - data_stream - - compiled_stream - type: array - type: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - type - - enabled - - streams - - compiled_input - type: array - - additionalProperties: - additionalProperties: false - type: object - properties: - enabled: - description: >- - enable or disable that input, (default to - true) - type: boolean - streams: - additionalProperties: - additionalProperties: false - type: object - properties: - enabled: - description: >- - enable or disable that stream, (default - to true) - type: boolean - vars: - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see - integration documentation for more - information) - type: object - description: >- - Input streams (see integration documentation - to know what streams are available) - type: object - vars: - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see integration - documentation for more information) - type: object - description: >- - Package policy inputs (see integration - documentation to know what inputs are available) - type: object - x-oas-optional: true - is_managed: - type: boolean - name: - description: Package policy name (should be unique) - type: string - namespace: - description: >- - The package policy namespace. Leave blank to inherit - the agent policy's namespace. - type: string - output_id: - nullable: true - type: string - overrides: - additionalProperties: false - description: >- - Override settings that are defined in the package - policy. The override option should be used only in - unusual circumstances and not as a routine procedure. - nullable: true - type: object - properties: - inputs: - additionalProperties: {} - type: object - package: - additionalProperties: false - type: object - properties: - experimental_data_stream_features: - items: - additionalProperties: false - type: object - properties: - data_stream: - type: string - features: - additionalProperties: false - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - name: - description: Package name - type: string - requires_root: - type: boolean - title: - type: string - version: - description: Package version - type: string - required: - - name - - version - policy_id: - deprecated: true - description: >- - Agent policy ID where that package policy will be - added - nullable: true - type: string - policy_ids: - items: - description: >- - Agent policy IDs where that package policy will be - added - type: string - type: array - revision: - type: number - secret_references: - items: - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - type: array - spaceIds: - items: - type: string - type: array - updated_at: - type: string - updated_by: - type: string - vars: - anyOf: - - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration documentation - for more information) - type: object - - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see integration - documentation for more information) - type: object - x-oas-optional: true - version: - type: string - required: - - name - - enabled - - inputs - - id - - revision - - updated_at - - updated_by - - created_at - - created_by - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - message: - type: string - required: - - message - summary: '' - tags: - - Fleet package policies - put: - description: Update package policy by ID - operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2F%7BpackagePolicyId%7D#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: packagePolicyId - required: true - schema: - type: string - - in: query - name: format - required: false - schema: - enum: - - simplified - - legacy - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - anyOf: - - additionalProperties: false - type: object - properties: - description: - description: Package policy description - type: string - enabled: - type: boolean - force: - type: boolean - inputs: - items: - additionalProperties: false - type: object - properties: - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration documentation - for more information) - type: object - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - policy_template: - type: string - streams: - items: - additionalProperties: false - type: object - properties: - compiled_stream: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - data_stream: - additionalProperties: false - type: object - properties: - dataset: - type: string - elasticsearch: - additionalProperties: false - type: object - properties: - dynamic_dataset: - type: boolean - dynamic_namespace: - type: boolean - privileges: - additionalProperties: false - type: object - properties: - indices: - items: - type: string - type: array - type: - type: string - required: - - dataset - - type - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - release: - enum: - - ga - - beta - - experimental - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - enabled - - data_stream - - compiled_stream - type: array - type: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration documentation - for more information) - type: object - required: - - type - - enabled - type: array - is_managed: - type: boolean - name: - type: string - namespace: - description: >- - The package policy namespace. Leave blank to inherit the - agent policy's namespace. - type: string - output_id: - nullable: true - type: string - overrides: - additionalProperties: false - description: >- - Override settings that are defined in the package - policy. The override option should be used only in - unusual circumstances and not as a routine procedure. - nullable: true - type: object - properties: - inputs: - additionalProperties: {} - type: object - package: - additionalProperties: false - type: object - properties: - experimental_data_stream_features: - items: - additionalProperties: false - type: object - properties: - data_stream: - type: string - features: - additionalProperties: false - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - name: - description: Package name - type: string - requires_root: - type: boolean - title: - type: string - version: - description: Package version - type: string - required: - - name - - version - policy_id: - deprecated: true - description: Agent policy ID where that package policy will be added - nullable: true - type: string - policy_ids: - items: - description: >- - Agent policy IDs where that package policy will be - added - type: string - type: array - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration documentation for more - information) - type: object - version: - type: string - - additionalProperties: false - type: object - properties: - description: - type: string - force: - type: boolean - id: - type: string - inputs: - additionalProperties: - additionalProperties: false - type: object - properties: - enabled: - description: enable or disable that input, (default to true) - type: boolean - streams: - additionalProperties: - additionalProperties: false - type: object - properties: - enabled: - description: >- - enable or disable that stream, (default to - true) - type: boolean - vars: - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see integration - documentation for more information) - type: object - description: >- - Input streams (see integration documentation to - know what streams are available) - type: object - vars: - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see integration - documentation for more information) - type: object - description: >- - Package policy inputs (see integration documentation to - know what inputs are available) - type: object - name: - type: string - namespace: - type: string - output_id: - nullable: true - type: string - package: - additionalProperties: false - type: object - properties: - experimental_data_stream_features: - items: - additionalProperties: false - type: object - properties: - data_stream: - type: string - features: - additionalProperties: false - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - name: - description: Package name - type: string - requires_root: - type: boolean - title: - type: string - version: - description: Package version - type: string - required: - - name - - version - policy_id: - nullable: true - type: string - policy_ids: - items: - type: string - type: array - vars: - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see integration - documentation for more information) - type: object - required: - - name - - package - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - agents: - type: number - created_at: - type: string - created_by: - type: string - description: - description: Package policy description - type: string - elasticsearch: - additionalProperties: true - type: object - properties: - privileges: - additionalProperties: true - type: object - properties: - cluster: - items: - type: string - type: array - enabled: - type: boolean - id: - type: string - inputs: - anyOf: - - items: - additionalProperties: false - type: object - properties: - compiled_input: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - policy_template: - type: string - streams: - items: - additionalProperties: false - type: object - properties: - compiled_stream: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - data_stream: - additionalProperties: false - type: object - properties: - dataset: - type: string - elasticsearch: - additionalProperties: false - type: object - properties: - dynamic_dataset: - type: boolean - dynamic_namespace: - type: boolean - privileges: - additionalProperties: false - type: object - properties: - indices: - items: - type: string - type: array - type: - type: string - required: - - dataset - - type - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - release: - enum: - - ga - - beta - - experimental - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - enabled - - data_stream - - compiled_stream - type: array - type: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - type - - enabled - - streams - - compiled_input - type: array - - additionalProperties: - additionalProperties: false - type: object - properties: - enabled: - description: >- - enable or disable that input, (default to - true) - type: boolean - streams: - additionalProperties: - additionalProperties: false - type: object - properties: - enabled: - description: >- - enable or disable that stream, (default - to true) - type: boolean - vars: - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see - integration documentation for more - information) - type: object - description: >- - Input streams (see integration documentation - to know what streams are available) - type: object - vars: - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see integration - documentation for more information) - type: object - description: >- - Package policy inputs (see integration - documentation to know what inputs are available) - type: object - x-oas-optional: true - is_managed: - type: boolean - name: - description: Package policy name (should be unique) - type: string - namespace: - description: >- - The package policy namespace. Leave blank to inherit - the agent policy's namespace. - type: string - output_id: - nullable: true - type: string - overrides: - additionalProperties: false - description: >- - Override settings that are defined in the package - policy. The override option should be used only in - unusual circumstances and not as a routine procedure. - nullable: true - type: object - properties: - inputs: - additionalProperties: {} - type: object - package: - additionalProperties: false - type: object - properties: - experimental_data_stream_features: - items: - additionalProperties: false - type: object - properties: - data_stream: - type: string - features: - additionalProperties: false - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - name: - description: Package name - type: string - requires_root: - type: boolean - title: - type: string - version: - description: Package version - type: string - required: - - name - - version - policy_id: - deprecated: true - description: >- - Agent policy ID where that package policy will be - added - nullable: true - type: string - policy_ids: - items: - description: >- - Agent policy IDs where that package policy will be - added - type: string - type: array - revision: - type: number - secret_references: - items: - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - type: array - spaceIds: - items: - type: string - type: array - updated_at: - type: string - updated_by: - type: string - vars: - anyOf: - - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration documentation - for more information) - type: object - - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see integration - documentation for more information) - type: object - x-oas-optional: true - version: - type: string - required: - - name - - enabled - - inputs - - id - - revision - - updated_at - - updated_by - - created_at - - created_by - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet package policies - /api/fleet/package_policies/delete: - post: - description: Bulk delete package policies - operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2Fdelete#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - force: - type: boolean - packagePolicyIds: - items: - type: string - type: array - required: - - packagePolicyIds - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - items: - additionalProperties: false - type: object - properties: - body: - additionalProperties: false - type: object - properties: - message: - type: string - required: - - message - id: - type: string - name: - type: string - output_id: - nullable: true - type: string - package: - additionalProperties: false - type: object - properties: - experimental_data_stream_features: - items: - additionalProperties: false - type: object - properties: - data_stream: - type: string - features: - additionalProperties: false - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - name: - description: Package name - type: string - requires_root: - type: boolean - title: - type: string - version: - description: Package version - type: string - required: - - name - - version - policy_id: - deprecated: true - description: Use `policy_ids` instead - nullable: true - type: string - policy_ids: - items: - type: string - type: array - statusCode: - type: number - success: - type: boolean - required: - - id - - success - - policy_ids - - package - type: array - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet package policies - /api/fleet/package_policies/upgrade: - post: - description: Upgrade package policy to a newer package version - operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2Fupgrade#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - packagePolicyIds: - items: - type: string - type: array - required: - - packagePolicyIds - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - items: - additionalProperties: false - type: object - properties: - body: - additionalProperties: false - type: object - properties: - message: - type: string - required: - - message - id: - type: string - name: - type: string - statusCode: - type: number - success: - type: boolean - required: - - id - - success - type: array - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet package policies - /api/fleet/package_policies/upgrade/dryrun: - post: - description: Dry run package policy upgrade - operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2Fupgrade%2Fdryrun#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - packagePolicyIds: - items: - type: string - type: array - packageVersion: - type: string - required: - - packagePolicyIds - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - items: - additionalProperties: false - type: object - properties: - agent_diff: - items: - items: - additionalProperties: true - type: object - properties: - data_stream: - additionalProperties: true - type: object - properties: - namespace: - type: string - required: - - namespace - id: - type: string - meta: - additionalProperties: true - type: object - properties: - package: - additionalProperties: true - type: object - properties: - name: - type: string - version: - type: string - required: - - name - - version - required: - - package - name: - type: string - package_policy_id: - type: string - processors: - items: - additionalProperties: true - type: object - properties: - add_fields: - additionalProperties: true - type: object - properties: - fields: - additionalProperties: - anyOf: - - type: string - - type: number - type: object - target: - type: string - required: - - target - - fields - required: - - add_fields - type: array - revision: - type: number - streams: - items: - additionalProperties: true - type: object - properties: - data_stream: - additionalProperties: true - type: object - properties: - dataset: - type: string - type: - type: string - required: - - dataset - id: - type: string - required: - - id - - data_stream - type: array - type: - type: string - use_output: - type: string - required: - - id - - name - - revision - - type - - data_stream - - use_output - - package_policy_id - type: array - type: array - body: - additionalProperties: false - type: object - properties: - message: - type: string - required: - - message - diff: - items: - anyOf: - - additionalProperties: false - type: object - properties: - agents: - type: number - created_at: - type: string - created_by: - type: string - description: - description: Package policy description - type: string - elasticsearch: - additionalProperties: true - type: object - properties: - privileges: - additionalProperties: true - type: object - properties: - cluster: - items: - type: string - type: array - enabled: - type: boolean - id: - type: string - inputs: - anyOf: - - items: - additionalProperties: false - type: object - properties: - compiled_input: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - policy_template: - type: string - streams: - items: - additionalProperties: false - type: object - properties: - compiled_stream: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - data_stream: - additionalProperties: false - type: object - properties: - dataset: - type: string - elasticsearch: - additionalProperties: false - type: object - properties: - dynamic_dataset: - type: boolean - dynamic_namespace: - type: boolean - privileges: - additionalProperties: false - type: object - properties: - indices: - items: - type: string - type: array - type: - type: string - required: - - dataset - - type - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - release: - enum: - - ga - - beta - - experimental - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - enabled - - data_stream - - compiled_stream - type: array - type: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - type - - enabled - - streams - - compiled_input - type: array - - additionalProperties: - additionalProperties: false - type: object - properties: - enabled: - description: >- - enable or disable that input, (default - to true) - type: boolean - streams: - additionalProperties: - additionalProperties: false - type: object - properties: - enabled: - description: >- - enable or disable that stream, (default - to true) - type: boolean - vars: - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see - integration documentation for more - information) - type: object - description: >- - Input streams (see integration - documentation to know what streams are - available) - type: object - vars: - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see - integration documentation for more - information) - type: object - description: >- - Package policy inputs (see integration - documentation to know what inputs are - available) - type: object - x-oas-optional: true - is_managed: - type: boolean - name: - description: Package policy name (should be unique) - type: string - namespace: - description: >- - The package policy namespace. Leave blank to - inherit the agent policy's namespace. - type: string - output_id: - nullable: true - type: string - overrides: - additionalProperties: false - description: >- - Override settings that are defined in the - package policy. The override option should be - used only in unusual circumstances and not as - a routine procedure. - nullable: true - type: object - properties: - inputs: - additionalProperties: {} - type: object - package: - additionalProperties: false - type: object - properties: - experimental_data_stream_features: - items: - additionalProperties: false - type: object - properties: - data_stream: - type: string - features: - additionalProperties: false - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - name: - description: Package name - type: string - requires_root: - type: boolean - title: - type: string - version: - description: Package version - type: string - required: - - name - - version - policy_id: - deprecated: true - description: >- - Agent policy ID where that package policy will - be added - nullable: true - type: string - policy_ids: - items: - description: >- - Agent policy IDs where that package policy - will be added - type: string - type: array - revision: - type: number - secret_references: - items: - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - type: array - spaceIds: - items: - type: string - type: array - updated_at: - type: string - updated_by: - type: string - vars: - anyOf: - - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see - integration documentation for more - information) - type: object - x-oas-optional: true - version: - type: string - required: - - name - - enabled - - inputs - - revision - - updated_at - - updated_by - - created_at - - created_by - - additionalProperties: false - type: object - properties: - description: - description: Package policy description - type: string - enabled: - type: boolean - errors: - items: - additionalProperties: false - type: object - properties: - key: - type: string - message: - type: string - required: - - message - type: array - force: - type: boolean - id: - type: string - inputs: - items: - additionalProperties: false - type: object - properties: - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - policy_template: - type: string - streams: - items: - additionalProperties: false - type: object - properties: - compiled_stream: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - data_stream: - additionalProperties: false - type: object - properties: - dataset: - type: string - elasticsearch: - additionalProperties: false - type: object - properties: - dynamic_dataset: - type: boolean - dynamic_namespace: - type: boolean - privileges: - additionalProperties: false - type: object - properties: - indices: - items: - type: string - type: array - type: - type: string - required: - - dataset - - type - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - release: - enum: - - ga - - beta - - experimental - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - enabled - - data_stream - - compiled_stream - type: array - type: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - type - - enabled - - streams - type: array - is_managed: - type: boolean - missingVars: - items: - type: string - type: array - name: - description: Package policy name (should be unique) - type: string - namespace: - description: >- - The package policy namespace. Leave blank to - inherit the agent policy's namespace. - type: string - output_id: - nullable: true - type: string - overrides: - additionalProperties: false - description: >- - Override settings that are defined in the - package policy. The override option should be - used only in unusual circumstances and not as - a routine procedure. - nullable: true - type: object - properties: - inputs: - additionalProperties: {} - type: object - package: - additionalProperties: false - type: object - properties: - experimental_data_stream_features: - items: - additionalProperties: false - type: object - properties: - data_stream: - type: string - features: - additionalProperties: false - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - name: - description: Package name - type: string - requires_root: - type: boolean - title: - type: string - version: - description: Package version - type: string - required: - - name - - version - policy_id: - deprecated: true - description: >- - Agent policy ID where that package policy will - be added - nullable: true - type: string - policy_ids: - items: - description: >- - Agent policy IDs where that package policy - will be added - type: string - type: array - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - name - - enabled - - inputs - type: array - hasErrors: - type: boolean - name: - type: string - statusCode: - type: number - required: - - hasErrors - type: array - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet package policies - /api/fleet/proxies: - get: - description: List proxies - operationId: '%2Fapi%2Ffleet%2Fproxies#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - additionalProperties: false - type: object - properties: - certificate: - nullable: true - type: string - certificate_authorities: - nullable: true - type: string - certificate_key: - nullable: true - type: string - id: - type: string - is_preconfigured: - default: false - type: boolean - name: - type: string - proxy_headers: - additionalProperties: - anyOf: - - type: string - - type: boolean - - type: number - nullable: true - type: object - url: - type: string - required: - - id - - url - - name - type: array - page: - type: number - perPage: - type: number - total: - type: number - required: - - items - - total - - page - - perPage - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet proxies - post: - description: Create proxy - operationId: '%2Fapi%2Ffleet%2Fproxies#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - certificate: - nullable: true - type: string - certificate_authorities: - nullable: true - type: string - certificate_key: - nullable: true - type: string - id: - type: string - is_preconfigured: - default: false - type: boolean - name: - type: string - proxy_headers: - additionalProperties: - anyOf: - - type: string - - type: boolean - - type: number - nullable: true - type: object - url: - type: string - required: - - url - - name - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - certificate: - nullable: true - type: string - certificate_authorities: - nullable: true - type: string - certificate_key: - nullable: true - type: string - id: - type: string - is_preconfigured: - default: false - type: boolean - name: - type: string - proxy_headers: - additionalProperties: - anyOf: - - type: string - - type: boolean - - type: number - nullable: true - type: object - url: - type: string - required: - - id - - url - - name - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet proxies - /api/fleet/proxies/{itemId}: - delete: - description: Delete proxy by ID - operationId: '%2Fapi%2Ffleet%2Fproxies%2F%7BitemId%7D#2' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: itemId - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet proxies - get: - description: Get proxy by ID - operationId: '%2Fapi%2Ffleet%2Fproxies%2F%7BitemId%7D#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: itemId - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - certificate: - nullable: true - type: string - certificate_authorities: - nullable: true - type: string - certificate_key: - nullable: true - type: string - id: - type: string - is_preconfigured: - default: false - type: boolean - name: - type: string - proxy_headers: - additionalProperties: - anyOf: - - type: string - - type: boolean - - type: number - nullable: true - type: object - url: - type: string - required: - - id - - url - - name - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet proxies - put: - description: Update proxy by ID - operationId: '%2Fapi%2Ffleet%2Fproxies%2F%7BitemId%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: itemId - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - certificate: - nullable: true - type: string - certificate_authorities: - nullable: true - type: string - certificate_key: - nullable: true - type: string - name: - type: string - proxy_headers: - additionalProperties: - anyOf: - - type: string - - type: boolean - - type: number - nullable: true - type: object - url: - type: string - required: - - proxy_headers - - certificate_authorities - - certificate - - certificate_key - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - certificate: - nullable: true - type: string - certificate_authorities: - nullable: true - type: string - certificate_key: - nullable: true - type: string - id: - type: string - is_preconfigured: - default: false - type: boolean - name: - type: string - proxy_headers: - additionalProperties: - anyOf: - - type: string - - type: boolean - - type: number - nullable: true - type: object - url: - type: string - required: - - id - - url - - name - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet proxies - /api/fleet/service_tokens: - post: - description: Create a service token - operationId: '%2Fapi%2Ffleet%2Fservice_tokens#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - nullable: true - type: object - properties: - remote: - default: false - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - name: - type: string - value: - type: string - required: - - name - - value - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet service tokens - /api/fleet/service-tokens: - post: - deprecated: true - description: Create a service token - operationId: '%2Fapi%2Ffleet%2Fservice-tokens#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - responses: {} - summary: '' - tags: [] - /api/fleet/settings: - get: - description: Get settings - operationId: '%2Fapi%2Ffleet%2Fsettings#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - delete_unenrolled_agents: - additionalProperties: false - type: object - properties: - enabled: - type: boolean - is_preconfigured: - type: boolean - required: - - enabled - - is_preconfigured - fleet_server_hosts: - items: - type: string - type: array - has_seen_add_data_notice: - type: boolean - id: - type: string - output_secret_storage_requirements_met: - type: boolean - preconfigured_fields: - items: - enum: - - fleet_server_hosts - type: string - type: array - prerelease_integrations_enabled: - type: boolean - secret_storage_requirements_met: - type: boolean - use_space_awareness_migration_started_at: - type: string - use_space_awareness_migration_status: - enum: - - pending - - success - - error - type: string - version: - type: string - required: - - id - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - message: - type: string - required: - - message - summary: '' - tags: - - Fleet internals - put: - description: Update settings - operationId: '%2Fapi%2Ffleet%2Fsettings#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - additional_yaml_config: - type: string - delete_unenrolled_agents: - additionalProperties: false - type: object - properties: - enabled: - type: boolean - is_preconfigured: - type: boolean - required: - - enabled - - is_preconfigured - fleet_server_hosts: - items: - format: uri - type: string - type: array - has_seen_add_data_notice: - type: boolean - kibana_ca_sha256: - type: string - kibana_urls: - items: - format: uri - type: string - type: array - prerelease_integrations_enabled: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - delete_unenrolled_agents: - additionalProperties: false - type: object - properties: - enabled: - type: boolean - is_preconfigured: - type: boolean - required: - - enabled - - is_preconfigured - fleet_server_hosts: - items: - type: string - type: array - has_seen_add_data_notice: - type: boolean - id: - type: string - output_secret_storage_requirements_met: - type: boolean - preconfigured_fields: - items: - enum: - - fleet_server_hosts - type: string - type: array - prerelease_integrations_enabled: - type: boolean - secret_storage_requirements_met: - type: boolean - use_space_awareness_migration_started_at: - type: string - use_space_awareness_migration_status: - enum: - - pending - - success - - error - type: string - version: - type: string - required: - - id - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - message: - type: string - required: - - message - summary: '' - tags: - - Fleet internals - /api/fleet/setup: - post: - description: Initiate Fleet setup - operationId: '%2Fapi%2Ffleet%2Fsetup#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: >- - A summary of the result of Fleet's `setup` lifecycle. If - `isInitialized` is true, Fleet is ready to accept agent - enrollment. `nonFatalErrors` may include useful insight into - non-blocking issues with Fleet setup. - type: object - properties: - isInitialized: - type: boolean - nonFatalErrors: - items: - additionalProperties: false - type: object - properties: - message: - type: string - name: - type: string - required: - - name - - message - type: array - required: - - isInitialized - - nonFatalErrors - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Internal Server Error - type: object - properties: - message: - type: string - required: - - message - summary: '' - tags: - - Fleet internals - /api/fleet/uninstall_tokens: - get: - description: List metadata for latest uninstall tokens per agent policy - operationId: '%2Fapi%2Ffleet%2Funinstall_tokens#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: Partial match filtering for policy IDs - in: query - name: policyId - required: false - schema: - maxLength: 50 - type: string - - in: query - name: search - required: false - schema: - maxLength: 50 - type: string - - description: The number of items to return - in: query - name: perPage - required: false - schema: - minimum: 5 - type: number - - in: query - name: page - required: false - schema: - minimum: 1 - type: number - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - additionalProperties: false - type: object - properties: - created_at: - type: string - id: - type: string - namespaces: - items: - type: string - type: array - policy_id: - type: string - policy_name: - nullable: true - type: string - required: - - id - - policy_id - - created_at - type: array - page: - type: number - perPage: - type: number - total: - type: number - required: - - items - - total - - page - - perPage - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet uninstall tokens - /api/fleet/uninstall_tokens/{uninstallTokenId}: - get: - description: Get one decrypted uninstall token by its ID - operationId: '%2Fapi%2Ffleet%2Funinstall_tokens%2F%7BuninstallTokenId%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: uninstallTokenId - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - created_at: - type: string - id: - type: string - namespaces: - items: - type: string - type: array - policy_id: - type: string - policy_name: - nullable: true - type: string - token: - type: string - required: - - id - - policy_id - - created_at - - token - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet uninstall tokens - /api/lists: - delete: - description: | - Delete a list using the list ID. - > info - > When you delete a list, all of its list items are also deleted. - operationId: DeleteList - parameters: - - description: List's `id` value - in: query - name: id - required: true - schema: - $ref: '#/components/schemas/Security_Lists_API_ListId' - - in: query - name: deleteReferences - required: false - schema: - default: false - type: boolean - - in: query - name: ignoreReferences - required: false - schema: - default: false - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_List' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Delete a list - tags: - - Security Lists API - get: - description: Get the details of a list using the list ID. - operationId: ReadList - parameters: - - description: List's `id` value - in: query - name: id - required: true - schema: - $ref: '#/components/schemas/Security_Lists_API_ListId' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_List' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Get list details - tags: - - Security Lists API - patch: - description: Update specific fields of an existing list using the list ID. - operationId: PatchList - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - _version: - type: string - description: - $ref: '#/components/schemas/Security_Lists_API_ListDescription' - id: - $ref: '#/components/schemas/Security_Lists_API_ListId' - meta: - $ref: '#/components/schemas/Security_Lists_API_ListMetadata' - name: - $ref: '#/components/schemas/Security_Lists_API_ListName' - version: - minimum: 1 - type: integer - required: - - id - description: List's properties - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_List' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Patch a list - tags: - - Security Lists API - post: - description: Create a new list. - operationId: CreateList - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - description: - $ref: '#/components/schemas/Security_Lists_API_ListDescription' - deserializer: - type: string - id: - $ref: '#/components/schemas/Security_Lists_API_ListId' - meta: - $ref: '#/components/schemas/Security_Lists_API_ListMetadata' - name: - $ref: '#/components/schemas/Security_Lists_API_ListName' - serializer: - type: string - type: - $ref: '#/components/schemas/Security_Lists_API_ListType' - version: - default: 1 - minimum: 1 - type: integer - required: - - name - - description - - type - description: List's properties - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_List' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List already exists response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Create a list - tags: - - Security Lists API - put: - description: > - Update a list using the list ID. The original list is replaced, and all - unspecified fields are deleted. - - > info - - > You cannot modify the `id` value. - operationId: UpdateList - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - _version: - type: string - description: - $ref: '#/components/schemas/Security_Lists_API_ListDescription' - id: - $ref: '#/components/schemas/Security_Lists_API_ListId' - meta: - $ref: '#/components/schemas/Security_Lists_API_ListMetadata' - name: - $ref: '#/components/schemas/Security_Lists_API_ListName' - version: - minimum: 1 - type: integer - required: - - id - - name - - description - description: List's properties - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_List' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Update a list - tags: - - Security Lists API - /api/lists/_find: - get: - description: >- - Get a paginated subset of lists. By default, the first page is returned, - with 20 results per page. - operationId: FindLists - parameters: - - description: The page number to return - in: query - name: page - required: false - schema: - type: integer - - description: The number of lists to return per page - in: query - name: per_page - required: false - schema: - type: integer - - description: Determines which field is used to sort the results - in: query - name: sort_field - required: false - schema: - $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' - - description: Determines the sort order, which can be `desc` or `asc` - in: query - name: sort_order - required: false - schema: - enum: - - desc - - asc - type: string - - description: > - Returns the list that come after the last list returned in the - previous call - - (use the cursor value returned in the previous call). This parameter - uses - - the `tie_breaker_id` field to ensure all lists are sorted and - returned correctly. - in: query - name: cursor - required: false - schema: - $ref: '#/components/schemas/Security_Lists_API_FindListsCursor' - - description: > - Filters the returned results according to the value of the specified - field, - - using the : syntax. - in: query - name: filter - required: false - schema: - $ref: '#/components/schemas/Security_Lists_API_FindListsFilter' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - cursor: - $ref: '#/components/schemas/Security_Lists_API_FindListsCursor' - data: - items: - $ref: '#/components/schemas/Security_Lists_API_List' - type: array - page: - minimum: 0 - type: integer - per_page: - minimum: 0 - type: integer - total: - minimum: 0 - type: integer - required: - - data - - page - - per_page - - total - - cursor - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Get lists - tags: - - Security Lists API - /api/lists/index: - delete: - description: Delete the `.lists` and `.items` data streams. - operationId: DeleteListIndex - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - acknowledged: - type: boolean - required: - - acknowledged - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List data stream not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Delete list data streams - tags: - - Security Lists API - get: - description: Verify that `.lists` and `.items` data streams exist. - operationId: ReadListIndex - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - list_index: - type: boolean - list_item_index: - type: boolean - required: - - list_index - - list_item_index - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List data stream(s) not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Get status of list data streams - tags: - - Security Lists API - post: - description: Create `.lists` and `.items` data streams in the relevant space. - operationId: CreateListIndex - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - acknowledged: - type: boolean - required: - - acknowledged - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List data stream exists response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Create list data streams - tags: - - Security Lists API - /api/lists/items: - delete: - description: Delete a list item using its `id`, or its `list_id` and `value` fields. - operationId: DeleteListItem - parameters: - - description: Required if `list_id` and `value` are not specified - in: query - name: id - required: false - schema: - $ref: '#/components/schemas/Security_Lists_API_ListId' - - description: Required if `id` is not specified - in: query - name: list_id - required: false - schema: - $ref: '#/components/schemas/Security_Lists_API_ListId' - - description: Required if `id` is not specified - in: query - name: value - required: false - schema: - type: string - - description: >- - Determines when changes made by the request are made visible to - search - in: query - name: refresh - required: false - schema: - default: 'false' - enum: - - 'true' - - 'false' - - wait_for - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: '#/components/schemas/Security_Lists_API_ListItem' - - items: - $ref: '#/components/schemas/Security_Lists_API_ListItem' - type: array - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List item not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Delete a list item - tags: - - Security Lists API - get: - description: Get the details of a list item. - operationId: ReadListItem - parameters: - - description: Required if `list_id` and `value` are not specified - in: query - name: id - required: false - schema: - $ref: '#/components/schemas/Security_Lists_API_ListId' - - description: Required if `id` is not specified - in: query - name: list_id - required: false - schema: - $ref: '#/components/schemas/Security_Lists_API_ListId' - - description: Required if `id` is not specified - in: query - name: value - required: false - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: '#/components/schemas/Security_Lists_API_ListItem' - - items: - $ref: '#/components/schemas/Security_Lists_API_ListItem' - type: array - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List item not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Get a list item - tags: - - Security Lists API - patch: - description: Update specific fields of an existing list item using the list item ID. - operationId: PatchListItem - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - _version: - type: string - id: - $ref: '#/components/schemas/Security_Lists_API_ListItemId' - meta: - $ref: '#/components/schemas/Security_Lists_API_ListItemMetadata' - refresh: - description: >- - Determines when changes made by the request are made visible - to search - enum: - - 'true' - - 'false' - - wait_for - type: string - value: - $ref: '#/components/schemas/Security_Lists_API_ListItemValue' - required: - - id - description: List item's properties - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_ListItem' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List item not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Patch a list item - tags: - - Security Lists API - post: - description: > - Create a list item and associate it with the specified list. - - - All list items in the same list must be the same type. For example, each - list item in an `ip` list must define a specific IP address. - - > info - - > Before creating a list item, you must create a list. - operationId: CreateListItem - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - id: - $ref: '#/components/schemas/Security_Lists_API_ListItemId' - list_id: - $ref: '#/components/schemas/Security_Lists_API_ListId' - meta: - $ref: '#/components/schemas/Security_Lists_API_ListItemMetadata' - refresh: - description: >- - Determines when changes made by the request are made visible - to search - enum: - - 'true' - - 'false' - - wait_for - type: string - value: - $ref: '#/components/schemas/Security_Lists_API_ListItemValue' - required: - - list_id - - value - description: List item's properties - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_ListItem' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List item already exists response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Create a list item - tags: - - Security Lists API - put: - description: > - Update a list item using the list item ID. The original list item is - replaced, and all unspecified fields are deleted. - - > info - - > You cannot modify the `id` value. - operationId: UpdateListItem - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - _version: - type: string - id: - $ref: '#/components/schemas/Security_Lists_API_ListItemId' - meta: - $ref: '#/components/schemas/Security_Lists_API_ListItemMetadata' - value: - $ref: '#/components/schemas/Security_Lists_API_ListItemValue' - required: - - id - - value - description: List item's properties - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_ListItem' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List item not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Update a list item - tags: - - Security Lists API - /api/lists/items/_export: - post: - description: Export list item values from the specified list. - operationId: ExportListItems - parameters: - - description: List's id to export - in: query - name: list_id - required: true - schema: - $ref: '#/components/schemas/Security_Lists_API_ListId' - responses: - '200': - content: - application/ndjson; Elastic-Api-Version=2023-10-31: - schema: - description: A `.txt` file containing list items from the specified list - format: binary - type: string - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Export list items - tags: - - Security Lists API - /api/lists/items/_find: - get: - description: Get all list items in the specified list. - operationId: FindListItems - parameters: - - description: List's id - in: query - name: list_id - required: true - schema: - $ref: '#/components/schemas/Security_Lists_API_ListId' - - description: The page number to return - in: query - name: page - required: false - schema: - type: integer - - description: The number of list items to return per page - in: query - name: per_page - required: false - schema: - type: integer - - description: Determines which field is used to sort the results - in: query - name: sort_field - required: false - schema: - $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' - - description: Determines the sort order, which can be `desc` or `asc` - in: query - name: sort_order - required: false - schema: - enum: - - desc - - asc - type: string - - description: > - Returns the list that come after the last list returned in the - previous call - - (use the cursor value returned in the previous call). This parameter - uses - - the `tie_breaker_id` field to ensure all lists are sorted and - returned correctly. - in: query - name: cursor - required: false - schema: - $ref: '#/components/schemas/Security_Lists_API_FindListItemsCursor' - - description: > - Filters the returned results according to the value of the specified - field, - - using the : syntax. - in: query - name: filter - required: false - schema: - $ref: '#/components/schemas/Security_Lists_API_FindListItemsFilter' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - cursor: - $ref: >- - #/components/schemas/Security_Lists_API_FindListItemsCursor - data: - items: - $ref: '#/components/schemas/Security_Lists_API_ListItem' - type: array - page: - minimum: 0 - type: integer - per_page: - minimum: 0 - type: integer - total: - minimum: 0 - type: integer - required: - - data - - page - - per_page - - total - - cursor - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Get list items - tags: - - Security Lists API - /api/lists/items/_import: - post: - description: > - Import list items from a TXT or CSV file. The maximum file size is 9 - million bytes. - - - You can import items to a new or existing list. - operationId: ImportListItems - parameters: - - description: | - List's id. - - Required when importing to an existing list. - in: query - name: list_id - required: false - schema: - $ref: '#/components/schemas/Security_Lists_API_ListId' - - description: > - Type of the importing list. - - - Required when importing a new list that is `list_id` is not - specified. - in: query - name: type - required: false - schema: - $ref: '#/components/schemas/Security_Lists_API_ListType' - - in: query - name: serializer - required: false - schema: - type: string - - in: query - name: deserializer - required: false - schema: - type: string - - description: >- - Determines when changes made by the request are made visible to - search - in: query - name: refresh - required: false - schema: - enum: - - 'true' - - 'false' - - wait_for - type: string - requestBody: - content: - multipart/form-data; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - file: - description: >- - A `.txt` or `.csv` file containing newline separated list - items - format: binary - type: string - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_List' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List with specified list_id does not exist response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Import list items - tags: - - Security Lists API - /api/lists/privileges: - get: - operationId: ReadListPrivileges - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - is_authenticated: - type: boolean - listItems: - $ref: '#/components/schemas/Security_Lists_API_ListItemPrivileges' - lists: - $ref: '#/components/schemas/Security_Lists_API_ListPrivileges' - required: - - lists - - listItems - - is_authenticated - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Get list privileges - tags: - - Security Lists API - /api/ml/saved_objects/sync: - get: - description: > - Synchronizes Kibana saved objects for machine learning jobs and trained - models. This API runs automatically when you start Kibana and - periodically thereafter. - operationId: mlSync - parameters: - - $ref: '#/components/parameters/Machine_learning_APIs_simulateParam' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - syncExample: - $ref: '#/components/examples/Machine_learning_APIs_mlSyncExample' - schema: - $ref: '#/components/schemas/Machine_learning_APIs_mlSync200Response' - description: Indicates a successful call - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Machine_learning_APIs_mlSync4xxResponse' - description: Authorization information is missing or invalid. - summary: Sync machine learning saved objects - tags: - - ml - /api/note: - delete: - description: Delete a note from a Timeline using the note ID. - operationId: DeleteNote - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - nullable: true - type: object - properties: - noteId: - type: string - required: - - noteId - - nullable: true - type: object - properties: - noteIds: - items: - type: string - nullable: true - type: array - required: - - noteIds - description: The ID of the note to delete. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - data: - type: object - description: Indicates the note was successfully deleted. - summary: Delete a note - tags: - - Security Timeline API - - access:securitySolution - get: - description: Get all notes for a given document. - operationId: GetNotes - parameters: - - in: query - name: documentIds - schema: - $ref: '#/components/schemas/Security_Timeline_API_DocumentIds' - - in: query - name: savedObjectIds - schema: - $ref: '#/components/schemas/Security_Timeline_API_SavedObjectIds' - - in: query - name: page - schema: - nullable: true - type: string - - in: query - name: perPage - schema: - nullable: true - type: string - - in: query - name: search - schema: - nullable: true - type: string - - in: query - name: sortField - schema: - nullable: true - type: string - - in: query - name: sortOrder - schema: - nullable: true - type: string - - in: query - name: filter - schema: - nullable: true - type: string - - in: query - name: userFilter - schema: - nullable: true - type: string - - in: query - name: associatedFilter - schema: - $ref: '#/components/schemas/Security_Timeline_API_AssociatedFilterType' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: '#/components/schemas/Security_Timeline_API_GetNotesResult' - - type: object - description: Indicates the requested notes were returned. - summary: Get notes - tags: - - Security Timeline API - - access:securitySolution - patch: - description: Add a note to a Timeline or update an existing note. - operationId: PersistNoteRoute - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - eventDataView: - nullable: true - type: string - eventIngested: - nullable: true - type: string - eventTimestamp: - nullable: true - type: string - note: - $ref: '#/components/schemas/Security_Timeline_API_BareNote' - noteId: - nullable: true - type: string - overrideOwner: - nullable: true - type: boolean - version: - nullable: true - type: string - required: - - note - description: The note to add or update, along with additional metadata. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - data: - type: object - properties: - persistNote: - $ref: >- - #/components/schemas/Security_Timeline_API_ResponseNote - required: - - persistNote - required: - - data - description: Indicates the note was successfully created. - summary: Add or update a note - tags: - - Security Timeline API - - access:securitySolution - /api/osquery/live_queries: - get: - description: Get a list of all live queries. - operationId: OsqueryFindLiveQueries - parameters: - - in: query - name: query - required: true - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_FindLiveQueryRequestQuery - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Get live queries - tags: - - Security Osquery API - post: - description: Create and run a live query. - operationId: OsqueryCreateLiveQuery - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_CreateLiveQueryRequestBody - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Create a live query - tags: - - Security Osquery API - /api/osquery/live_queries/{id}: - get: - description: Get the details of a live query using the query ID. - operationId: OsqueryGetLiveQueryDetails - parameters: - - in: path - name: id - required: true - schema: - $ref: '#/components/schemas/Security_Osquery_API_Id' - - in: query - name: query - schema: - additionalProperties: true - type: object - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Get live query details - tags: - - Security Osquery API - /api/osquery/live_queries/{id}/results/{actionId}: - get: - description: Get the results of a live query using the query action ID. - operationId: OsqueryGetLiveQueryResults - parameters: - - in: path - name: id - required: true - schema: - $ref: '#/components/schemas/Security_Osquery_API_Id' - - in: path - name: actionId - required: true - schema: - $ref: '#/components/schemas/Security_Osquery_API_Id' - - in: query - name: query - required: true - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_GetLiveQueryResultsRequestQuery - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Get live query results - tags: - - Security Osquery API - /api/osquery/packs: - get: - description: Get a list of all query packs. - operationId: OsqueryFindPacks - parameters: - - in: query - name: query - required: true - schema: - $ref: '#/components/schemas/Security_Osquery_API_FindPacksRequestQuery' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Get packs - tags: - - Security Osquery API - post: - description: Create a query pack. - operationId: OsqueryCreatePacks - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Osquery_API_CreatePacksRequestBody' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Create a pack - tags: - - Security Osquery API - /api/osquery/packs/{id}: - delete: - description: Delete a query pack using the pack ID. - operationId: OsqueryDeletePacks - parameters: - - in: path - name: id - required: true - schema: - $ref: '#/components/schemas/Security_Osquery_API_PackId' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Delete a pack - tags: - - Security Osquery API - get: - description: Get the details of a query pack using the pack ID. - operationId: OsqueryGetPacksDetails - parameters: - - in: path - name: id - required: true - schema: - $ref: '#/components/schemas/Security_Osquery_API_PackId' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Get pack details - tags: - - Security Osquery API - put: - description: | - Update a query pack using the pack ID. - > info - > You cannot update a prebuilt pack. - operationId: OsqueryUpdatePacks - parameters: - - in: path - name: id - required: true - schema: - $ref: '#/components/schemas/Security_Osquery_API_PackId' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Osquery_API_UpdatePacksRequestBody' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Update a pack - tags: - - Security Osquery API - /api/osquery/saved_queries: - get: - description: Get a list of all saved queries. - operationId: OsqueryFindSavedQueries - parameters: - - in: query - name: query - required: true - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_FindSavedQueryRequestQuery - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Get saved queries - tags: - - Security Osquery API - post: - description: Create and run a saved query. - operationId: OsqueryCreateSavedQuery - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_CreateSavedQueryRequestBody - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Create a saved query - tags: - - Security Osquery API - /api/osquery/saved_queries/{id}: - delete: - description: Delete a saved query using the query ID. - operationId: OsqueryDeleteSavedQuery - parameters: - - in: path - name: id - required: true - schema: - $ref: '#/components/schemas/Security_Osquery_API_SavedQueryId' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Delete a saved query - tags: - - Security Osquery API - get: - description: Get the details of a saved query using the query ID. - operationId: OsqueryGetSavedQueryDetails - parameters: - - in: path - name: id - required: true - schema: - $ref: '#/components/schemas/Security_Osquery_API_SavedQueryId' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Get saved query details - tags: - - Security Osquery API - put: - description: | - Update a saved query using the query ID. - > info - > You cannot update a prebuilt saved query. - operationId: OsqueryUpdateSavedQuery - parameters: - - in: path - name: id - required: true - schema: - $ref: '#/components/schemas/Security_Osquery_API_SavedQueryId' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_UpdateSavedQueryRequestBody - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Update a saved query - tags: - - Security Osquery API - /api/pinned_event: - patch: - description: Pin an event to an existing Timeline. - operationId: PersistPinnedEventRoute - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - eventId: - type: string - pinnedEventId: - nullable: true - type: string - timelineId: - type: string - required: - - eventId - - timelineId - description: The pinned event to add or update, along with additional metadata. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - data: - type: object - properties: - persistPinnedEventOnTimeline: - $ref: >- - #/components/schemas/Security_Timeline_API_PersistPinnedEventResponse - required: - - persistPinnedEventOnTimeline - required: - - data - description: Indicates the event was successfully pinned to the Timeline. - summary: Pin an event - tags: - - Security Timeline API - - access:securitySolution - /api/risk_score/engine/dangerously_delete_data: - delete: - description: >- - Cleaning up the the Risk Engine by removing the indices, mapping and - transforms - operationId: CleanUpRiskEngine - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - cleanup_successful: - type: boolean - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_TaskManagerUnavailableResponse - description: Task manager is unavailable - default: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_CleanUpRiskEngineErrorResponse - description: Unexpected error - summary: Cleanup the Risk Engine - tags: - - Security Entity Analytics API - /api/risk_score/engine/schedule_now: - post: - description: >- - Schedule the risk scoring engine to run as soon as possible. You can use - this to recalculate entity risk scores after updating their asset - criticality. - operationId: ScheduleRiskEngineNow - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: {} - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_RiskEngineScheduleNowResponse - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_TaskManagerUnavailableResponse - description: Task manager is unavailable - default: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_RiskEngineScheduleNowErrorResponse - description: Unexpected error - summary: Run the risk scoring engine - tags: - - Security Entity Analytics API - /api/saved_objects/_export: - post: - description: > - Retrieve sets of saved objects that you want to import into Kibana. - - You must include `type` or `objects` in the request body. - - - Exported saved objects are not backwards compatible and cannot be - imported into an older version of Kibana. - - - NOTE: The `savedObjects.maxImportExportSize` configuration setting - limits the number of saved objects which may be exported. - - - This functionality is in technical preview and may be changed or removed - in a future release. Elastic will work to fix any issues, but features - in technical preview are not subject to the support SLA of official GA - features. - operationId: exportSavedObjectsDefault - parameters: - - $ref: '#/components/parameters/Serverless_saved_objects_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - exportSavedObjectsRequest: - $ref: >- - #/components/examples/Serverless_saved_objects_export_objects_request - schema: - type: object - properties: - excludeExportDetails: - default: false - description: Do not add export details entry at the end of the stream. - type: boolean - includeReferencesDeep: - description: >- - Includes all of the referenced objects in the exported - objects. - type: boolean - objects: - description: A list of objects to export. - items: - type: object - type: array - type: - description: >- - The saved object types to include in the export. Use `*` to - export all the types. - oneOf: - - type: string - - items: - type: string - type: array - required: true - responses: - '200': - content: - application/x-ndjson; Elastic-Api-Version=2023-10-31: - examples: - exportSavedObjectsResponse: - $ref: >- - #/components/examples/Serverless_saved_objects_export_objects_response - schema: - additionalProperties: true - type: object - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Serverless_saved_objects_400_response' - description: Bad request. - summary: Export saved objects - tags: - - saved objects - /api/saved_objects/_import: - post: - description: > - Create sets of Kibana saved objects from a file created by the export - API. - - Saved objects can be imported only into the same version, a newer minor - on the same major, or the next major. Exported saved objects are not - backwards compatible and cannot be imported into an older version of - Kibana. - - - This functionality is in technical preview and may be changed or removed - in a future release. Elastic will work to fix any issues, but features - in technical preview are not subject to the support SLA of official GA - features. - operationId: importSavedObjectsDefault - parameters: - - $ref: '#/components/parameters/Serverless_saved_objects_kbn_xsrf' - - description: > - Creates copies of saved objects, regenerates each object ID, and - resets the origin. When used, potential conflict errors are avoided. - NOTE: This option cannot be used with the `overwrite` and - `compatibilityMode` options. - in: query - name: createNewCopies - required: false - schema: - type: boolean - - description: > - Overwrites saved objects when they already exist. When used, - potential conflict errors are automatically resolved by overwriting - the destination object. NOTE: This option cannot be used with the - `createNewCopies` option. - in: query - name: overwrite - required: false - schema: - type: boolean - - description: > - Applies various adjustments to the saved objects that are being - imported to maintain compatibility between different Kibana - versions. Use this option only if you encounter issues with imported - saved objects. NOTE: This option cannot be used with the - `createNewCopies` option. - in: query - name: compatibilityMode - required: false - schema: - type: boolean - requestBody: - content: - multipart/form-data; Elastic-Api-Version=2023-10-31: - examples: - importObjectsRequest: - $ref: >- - #/components/examples/Serverless_saved_objects_import_objects_request - schema: - type: object - properties: - file: - description: > - A file exported using the export API. NOTE: The - `savedObjects.maxImportExportSize` configuration setting - limits the number of saved objects which may be included in - this file. Similarly, the - `savedObjects.maxImportPayloadBytes` setting limits the - overall size of the file that can be imported. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - importObjectsResponse: - $ref: >- - #/components/examples/Serverless_saved_objects_import_objects_response - schema: - type: object - properties: - errors: - description: > - Indicates the import was unsuccessful and specifies the - objects that failed to import. - - - NOTE: One object may result in multiple errors, which - requires separate steps to resolve. For instance, a - `missing_references` error and conflict error. - items: - type: object - type: array - success: - description: > - Indicates when the import was successfully completed. When - set to false, some objects may not have been created. For - additional information, refer to the `errors` and - `successResults` properties. - type: boolean - successCount: - description: Indicates the number of successfully imported records. - type: integer - successResults: - description: > - Indicates the objects that are successfully imported, with - any metadata if applicable. - - - NOTE: Objects are created only when all resolvable errors - are addressed, including conflicts and missing references. - If objects are created as new copies, each entry in the - `successResults` array includes a `destinationId` - attribute. - items: - type: object - type: array - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Serverless_saved_objects_400_response' - description: Bad request. - summary: Import saved objects - tags: - - saved objects - x-codeSamples: - - label: Import with createNewCopies - lang: cURL - source: | - curl \ - -X POST api/saved_objects/_import?createNewCopies=true - -H "kbn-xsrf: true" - --form file=@file.ndjson - /api/security_ai_assistant/anonymization_fields/_bulk_action: - post: - description: >- - Apply a bulk action to multiple anonymization fields. The bulk action is - applied to all anonymization fields that match the filter or to the list - of anonymization fields by their IDs. - operationId: PerformAnonymizationFieldsBulkAction - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - create: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldCreateProps - type: array - delete: - type: object - properties: - ids: - description: Array of anonymization fields IDs - items: - type: string - minItems: 1 - type: array - query: - description: Query to filter anonymization fields - type: string - update: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldUpdateProps - type: array - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResponse - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - description: Generic Error - summary: Apply a bulk action to anonymization fields - tags: - - Security AI Assistant API - - Bulk API - /api/security_ai_assistant/anonymization_fields/_find: - get: - description: Get a list of all anonymization fields. - operationId: FindAnonymizationFields - parameters: - - in: query - name: fields - required: false - schema: - items: - type: string - type: array - - description: Search query - in: query - name: filter - required: false - schema: - type: string - - description: Field to sort by - in: query - name: sort_field - required: false - schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_FindAnonymizationFieldsSortField - - description: Sort order - in: query - name: sort_order - required: false - schema: - $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' - - description: Page number - in: query - name: page - required: false - schema: - default: 1 - minimum: 1 - type: integer - - description: AnonymizationFields per page - in: query - name: per_page - required: false - schema: - default: 20 - minimum: 0 - type: integer - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - data: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldResponse - type: array - page: - type: integer - perPage: - type: integer - total: - type: integer - required: - - page - - perPage - - total - - data - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - description: Generic Error - summary: Get anonymization fields - tags: - - Security AI Assistant API - - AnonymizationFields API - /api/security_ai_assistant/chat/complete: - post: - description: Create a model response for the given chat conversation. - operationId: ChatComplete - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_AI_Assistant_API_ChatCompleteProps' - required: true - responses: - '200': - content: - application/octet-stream; Elastic-Api-Version=2023-10-31: - schema: - format: binary - type: string - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - description: Generic Error - summary: Create a model response - tags: - - Security AI Assistant API - - Chat Complete API - /api/security_ai_assistant/current_user/conversations: - post: - description: Create a new Security AI Assistant conversation. - operationId: CreateConversation - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_ConversationCreateProps - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_ConversationResponse - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - description: Generic Error - summary: Create a conversation - tags: - - Security AI Assistant API - - Conversation API - /api/security_ai_assistant/current_user/conversations/_find: - get: - description: Get a list of all conversations for the current user. - operationId: FindConversations - parameters: - - in: query - name: fields - required: false - schema: - items: - type: string - type: array - - description: Search query - in: query - name: filter - required: false - schema: - type: string - - description: Field to sort by - in: query - name: sort_field - required: false - schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_FindConversationsSortField - - description: Sort order - in: query - name: sort_order - required: false - schema: - $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' - - description: Page number - in: query - name: page - required: false - schema: - default: 1 - minimum: 1 - type: integer - - description: Conversations per page - in: query - name: per_page - required: false - schema: - default: 20 - minimum: 0 - type: integer - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - data: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_ConversationResponse - type: array - page: - type: integer - perPage: - type: integer - total: - type: integer - required: - - page - - perPage - - total - - data - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - description: Generic Error - summary: Get conversations - tags: - - Security AI Assistant API - - Conversations API - /api/security_ai_assistant/current_user/conversations/{id}: - delete: - description: Delete an existing conversation using the conversation ID. - operationId: DeleteConversation - parameters: - - description: The conversation's `id` value. - in: path - name: id - required: true - schema: - $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_ConversationResponse - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - description: Generic Error - summary: Delete a conversation - tags: - - Security AI Assistant API - - Conversation API - get: - description: Get the details of an existing conversation using the conversation ID. - operationId: ReadConversation - parameters: - - description: The conversation's `id` value. - in: path - name: id - required: true - schema: - $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_ConversationResponse - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - description: Generic Error - summary: Get a conversation - tags: - - Security AI Assistant API - - Conversations API - put: - description: Update an existing conversation using the conversation ID. - operationId: UpdateConversation - parameters: - - description: The conversation's `id` value. - in: path - name: id - required: true - schema: - $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_ConversationUpdateProps - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_ConversationResponse - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - description: Generic Error - summary: Update a conversation - tags: - - Security AI Assistant API - - Conversation API - /api/security_ai_assistant/prompts/_bulk_action: - post: - description: >- - Apply a bulk action to multiple prompts. The bulk action is applied to - all prompts that match the filter or to the list of prompts by their - IDs. - operationId: PerformPromptsBulkAction - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - create: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_PromptCreateProps - type: array - delete: - type: object - properties: - ids: - description: Array of prompts IDs - items: - type: string - minItems: 1 - type: array - query: - description: Query to filter promps - type: string - update: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_PromptUpdateProps - type: array - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_PromptsBulkCrudActionResponse - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - description: Generic Error - summary: Apply a bulk action to prompts - tags: - - Security AI Assistant API - - Bulk API - /api/security_ai_assistant/prompts/_find: - get: - description: Get a list of all prompts. - operationId: FindPrompts - parameters: - - in: query - name: fields - required: false - schema: - items: - type: string - type: array - - description: Search query - in: query - name: filter - required: false - schema: - type: string - - description: Field to sort by - in: query - name: sort_field - required: false - schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_FindPromptsSortField - - description: Sort order - in: query - name: sort_order - required: false - schema: - $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' - - description: Page number - in: query - name: page - required: false - schema: - default: 1 - minimum: 1 - type: integer - - description: Prompts per page - in: query - name: per_page - required: false - schema: - default: 20 - minimum: 0 - type: integer - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - data: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_PromptResponse - type: array - page: - type: integer - perPage: - type: integer - total: - type: integer - required: - - page - - perPage - - total - - data - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - description: Generic Error - summary: Get prompts - tags: - - Security AI Assistant API - - Prompts API - /api/security/role: - get: - operationId: '%2Fapi%2Fsecurity%2Frole#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: query - name: replaceDeprecatedPrivileges - required: false - schema: - type: boolean - responses: {} - summary: Get all roles - tags: - - roles - /api/security/role/{name}: - delete: - operationId: '%2Fapi%2Fsecurity%2Frole%2F%7Bname%7D#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: name - required: true - schema: - minLength: 1 - type: string - responses: {} - summary: Delete a role - tags: - - roles - get: - operationId: '%2Fapi%2Fsecurity%2Frole%2F%7Bname%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: name - required: true - schema: - minLength: 1 - type: string - - in: query - name: replaceDeprecatedPrivileges - required: false - schema: - type: boolean - responses: {} - summary: Get a role - tags: - - roles - put: - operationId: '%2Fapi%2Fsecurity%2Frole%2F%7Bname%7D#2' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: name - required: true - schema: - maxLength: 1024 - minLength: 1 - type: string - - in: query - name: createOnly - required: false - schema: - default: false - type: boolean - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - description: - maxLength: 2048 - type: string - elasticsearch: - additionalProperties: false - type: object - properties: - cluster: - items: - type: string - type: array - indices: - items: - additionalProperties: false - type: object - properties: - allow_restricted_indices: - type: boolean - field_security: - additionalProperties: - items: - type: string - type: array - type: object - names: - items: - type: string - minItems: 1 - type: array - privileges: - items: - type: string - minItems: 1 - type: array - query: - type: string - required: - - names - - privileges - type: array - remote_cluster: - items: - additionalProperties: false - type: object - properties: - clusters: - items: - type: string - minItems: 1 - type: array - privileges: - items: - type: string - minItems: 1 - type: array - required: - - privileges - - clusters - type: array - remote_indices: - items: - additionalProperties: false - type: object - properties: - allow_restricted_indices: - type: boolean - clusters: - items: - type: string - minItems: 1 - type: array - field_security: - additionalProperties: - items: - type: string - type: array - type: object - names: - items: - type: string - minItems: 1 - type: array - privileges: - items: - type: string - minItems: 1 - type: array - query: - type: string - required: - - clusters - - names - - privileges - type: array - run_as: - items: - type: string - type: array - kibana: - items: - additionalProperties: false - type: object - properties: - base: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - items: - type: string - type: array - - items: - type: string - type: array - feature: - additionalProperties: - items: - type: string - type: array - type: object - spaces: - anyOf: - - items: - enum: - - '*' - type: string - maxItems: 1 - minItems: 1 - type: array - - items: - type: string - type: array - default: - - '*' - required: - - base - type: array - metadata: - additionalProperties: {} - type: object - required: - - elasticsearch - responses: {} - summary: Create or update a role - tags: - - roles - /api/security/roles: - post: - operationId: '%2Fapi%2Fsecurity%2Froles#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - roles: - additionalProperties: - additionalProperties: false - type: object - properties: - description: - maxLength: 2048 - type: string - elasticsearch: - additionalProperties: false - type: object - properties: - cluster: - items: - type: string - type: array - indices: - items: - additionalProperties: false - type: object - properties: - allow_restricted_indices: - type: boolean - field_security: - additionalProperties: - items: - type: string - type: array - type: object - names: - items: - type: string - minItems: 1 - type: array - privileges: - items: - type: string - minItems: 1 - type: array - query: - type: string - required: - - names - - privileges - type: array - remote_cluster: - items: - additionalProperties: false - type: object - properties: - clusters: - items: - type: string - minItems: 1 - type: array - privileges: - items: - type: string - minItems: 1 - type: array - required: - - privileges - - clusters - type: array - remote_indices: - items: - additionalProperties: false - type: object - properties: - allow_restricted_indices: - type: boolean - clusters: - items: - type: string - minItems: 1 - type: array - field_security: - additionalProperties: - items: - type: string - type: array - type: object - names: - items: - type: string - minItems: 1 - type: array - privileges: - items: - type: string - minItems: 1 - type: array - query: - type: string - required: - - clusters - - names - - privileges - type: array - run_as: - items: - type: string - type: array - kibana: - items: - additionalProperties: false - type: object - properties: - base: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - items: - type: string - type: array - - items: - type: string - type: array - feature: - additionalProperties: - items: - type: string - type: array - type: object - spaces: - anyOf: - - items: - enum: - - '*' - type: string - maxItems: 1 - minItems: 1 - type: array - - items: - type: string - type: array - default: - - '*' - required: - - base - type: array - metadata: - additionalProperties: {} - type: object - required: - - elasticsearch - type: object - required: - - roles - responses: {} - summary: Create or update roles - tags: - - roles - /api/spaces/space: - get: - operationId: '%2Fapi%2Fspaces%2Fspace#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: >- - Specifies which authorization checks are applied to the API call. - The default value is `any`. - in: query - name: purpose - required: false - schema: - enum: - - any - - copySavedObjectsIntoSpace - - shareSavedObjectsIntoSpace - type: string - - description: >- - When enabled, the API returns any spaces that the user is authorized - to access in any capacity and each space will contain the purposes - for which the user is authorized. This can be useful to determine - which spaces a user can read but not take a specific action in. If - the security plugin is not enabled, this parameter has no effect, - since no authorization checks take place. This parameter cannot be - used in with the `purpose` parameter. - in: query - name: include_authorized_purposes - required: true - schema: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - enum: - - false - type: boolean - x-oas-optional: true - - type: boolean - x-oas-optional: true - responses: - '200': - description: Indicates a successful call. - summary: Get all spaces - tags: - - spaces - post: - operationId: '%2Fapi%2Fspaces%2Fspace#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - _reserved: - type: boolean - color: - description: >- - The hexadecimal color code used in the space avatar. By - default, the color is automatically generated from the space - name. - type: string - description: - description: A description for the space. - type: string - disabledFeatures: - default: [] - items: - description: The list of features that are turned off in the space. - type: string - type: array - id: - description: >- - The space ID that is part of the Kibana URL when inside the - space. Space IDs are limited to lowercase alphanumeric, - underscore, and hyphen characters (a-z, 0-9, _, and -). You - are cannot change the ID with the update operation. - type: string - imageUrl: - description: >- - The data-URL encoded image to display in the space avatar. - If specified, initials will not be displayed and the color - will be visible as the background color for transparent - images. For best results, your image should be 64x64. Images - will not be optimized by this API call, so care should be - taken when using custom images. - type: string - initials: - description: >- - One or two characters that are shown in the space avatar. By - default, the initials are automatically generated from the - space name. - maxLength: 2 - type: string - name: - description: 'The display name for the space. ' - minLength: 1 - type: string - required: - - id - - name - responses: - '200': - description: Indicates a successful call. - summary: Create a space - tags: - - spaces - /api/spaces/space/{id}: - delete: - description: >- - When you delete a space, all saved objects that belong to the space are - automatically deleted, which is permanent and cannot be undone. - operationId: '%2Fapi%2Fspaces%2Fspace%2F%7Bid%7D#2' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - description: The space identifier. - in: path - name: id - required: true - schema: - type: string - responses: - '204': - description: Indicates a successful call. - '404': - description: Indicates that the request failed. - summary: Delete a space - tags: - - spaces - get: - operationId: '%2Fapi%2Fspaces%2Fspace%2F%7Bid%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: The space identifier. - in: path - name: id - required: true - schema: - type: string - responses: - '200': - description: Indicates a successful call. - summary: Get a space - tags: - - spaces - put: - operationId: '%2Fapi%2Fspaces%2Fspace%2F%7Bid%7D#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - description: >- - The space identifier. You are unable to change the ID with the - update operation. - in: path - name: id - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - _reserved: - type: boolean - color: - description: >- - The hexadecimal color code used in the space avatar. By - default, the color is automatically generated from the space - name. - type: string - description: - description: A description for the space. - type: string - disabledFeatures: - default: [] - items: - description: The list of features that are turned off in the space. - type: string - type: array - id: - description: >- - The space ID that is part of the Kibana URL when inside the - space. Space IDs are limited to lowercase alphanumeric, - underscore, and hyphen characters (a-z, 0-9, _, and -). You - are cannot change the ID with the update operation. - type: string - imageUrl: - description: >- - The data-URL encoded image to display in the space avatar. - If specified, initials will not be displayed and the color - will be visible as the background color for transparent - images. For best results, your image should be 64x64. Images - will not be optimized by this API call, so care should be - taken when using custom images. - type: string - initials: - description: >- - One or two characters that are shown in the space avatar. By - default, the initials are automatically generated from the - space name. - maxLength: 2 - type: string - name: - description: 'The display name for the space. ' - minLength: 1 - type: string - required: - - id - - name - responses: - '200': - description: Indicates a successful call. - summary: Update a space - tags: - - spaces - /api/status: - get: - operationId: '%2Fapi%2Fstatus#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: Set to "true" to get the response in v7 format. - in: query - name: v7format - required: false - schema: - type: boolean - - description: Set to "true" to get the response in v8 format. - in: query - name: v8format - required: false - schema: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - anyOf: - - $ref: '#/components/schemas/Kibana_HTTP_APIs_core_status_response' - - $ref: >- - #/components/schemas/Kibana_HTTP_APIs_core_status_redactedResponse - description: >- - Kibana's operational status. A minimal response is sent for - unauthorized users. - description: Overall status is OK and Kibana should be functioning normally. - '503': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - anyOf: - - $ref: '#/components/schemas/Kibana_HTTP_APIs_core_status_response' - - $ref: >- - #/components/schemas/Kibana_HTTP_APIs_core_status_redactedResponse - description: >- - Kibana's operational status. A minimal response is sent for - unauthorized users. - description: >- - Kibana or some of it's essential services are unavailable. Kibana - may be degraded or unavailable. - summary: Get Kibana's current status - tags: - - system - /api/timeline: - delete: - description: Delete one or more Timelines or Timeline templates. - operationId: DeleteTimelines - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - savedObjectIds: - items: - type: string - type: array - searchIds: - description: >- - Saved search ids that should be deleted alongside the - timelines - items: - type: string - type: array - required: - - savedObjectIds - description: The IDs of the Timelines or Timeline templates to delete. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - data: - type: object - properties: - deleteTimeline: - type: boolean - required: - - deleteTimeline - required: - - data - description: Indicates the Timeline was successfully deleted. - summary: Delete Timelines or Timeline templates - tags: - - Security Timeline API - - access:securitySolution - get: - description: Get the details of an existing saved Timeline or Timeline template. - operationId: GetTimeline - parameters: - - description: The ID of the template timeline to retrieve - in: query - name: template_timeline_id - schema: - type: string - - description: The ID of the Timeline to retrieve. - in: query - name: id - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - type: object - properties: - data: - type: object - properties: - getOneTimeline: - $ref: >- - #/components/schemas/Security_Timeline_API_TimelineResponse - required: - - getOneTimeline - required: - - data - - additionalProperties: false - type: object - description: Indicates that the (template) Timeline was found and returned. - summary: Get Timeline or Timeline template details - tags: - - Security Timeline API - - access:securitySolution - patch: - description: >- - Update an existing Timeline. You can update the title, description, date - range, pinned events, pinned queries, and/or pinned saved queries of an - existing Timeline. - operationId: PatchTimeline - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - timeline: - $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' - timelineId: - nullable: true - type: string - version: - nullable: true - type: string - required: - - timelineId - - version - - timeline - description: The Timeline updates, along with the Timeline ID and version. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Timeline_API_PersistTimelineResponse - description: >- - Indicates that the draft Timeline was successfully created. In the - event the user already has a draft Timeline, the existing draft - Timeline is cleared and returned. - '405': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - body: - type: string - statusCode: - type: number - description: >- - Indicates that the user does not have the required access to create - a draft Timeline. - summary: Update a Timeline - tags: - - Security Timeline API - - access:securitySolution - post: - description: Create a new Timeline or Timeline template. - operationId: CreateTimelines - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - status: - $ref: '#/components/schemas/Security_Timeline_API_TimelineStatus' - nullable: true - templateTimelineId: - nullable: true - type: string - templateTimelineVersion: - nullable: true - type: number - timeline: - $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' - timelineId: - nullable: true - type: string - timelineType: - $ref: '#/components/schemas/Security_Timeline_API_TimelineType' - nullable: true - version: - nullable: true - type: string - required: - - timeline - description: >- - The required Timeline fields used to create a new Timeline, along with - optional fields that will be created if not provided. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Timeline_API_PersistTimelineResponse - description: Indicates the Timeline was successfully created. - '405': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - body: - type: string - statusCode: - type: number - description: Indicates that there was an error in the Timeline creation. - summary: Create a Timeline or Timeline template - tags: - - Security Timeline API - - access:securitySolution - /api/timeline/_copy: - get: - description: | - Copies and returns a timeline or timeline template. - operationId: CopyTimeline - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - timeline: - $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' - timelineIdToCopy: - type: string - required: - - timeline - - timelineIdToCopy - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Timeline_API_PersistTimelineResponse - description: Indicates that the timeline has been successfully copied. - summary: Copies timeline or timeline template - tags: - - Security Timeline API - - access:securitySolution - /api/timeline/_draft: - get: - description: >- - Get the details of the draft Timeline or Timeline template for the - current user. If the user doesn't have a draft Timeline, an empty - Timeline is returned. - operationId: GetDraftTimelines - parameters: - - in: query - name: timelineType - required: true - schema: - $ref: '#/components/schemas/Security_Timeline_API_TimelineType' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Timeline_API_PersistTimelineResponse - description: Indicates that the draft Timeline was successfully retrieved. - '403': - content: - application:json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - message: - type: string - status_code: - type: number - description: >- - If a draft Timeline was not found and we attempted to create one, it - indicates that the user does not have the required permissions to - create a draft Timeline. - '409': - content: - application:json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - message: - type: string - status_code: - type: number - description: >- - This should never happen, but if a draft Timeline was not found and - we attempted to create one, it indicates that there is already a - draft Timeline with the given `timelineId`. - summary: Get draft Timeline or Timeline template details - tags: - - Security Timeline API - - access:securitySolution - post: - description: > - Create a clean draft Timeline or Timeline template for the current user. - - > info - - > If the user already has a draft Timeline, the existing draft Timeline - is cleared and returned. - operationId: CleanDraftTimelines - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - timelineType: - $ref: '#/components/schemas/Security_Timeline_API_TimelineType' - required: - - timelineType - description: >- - The type of Timeline to create. Valid values are `default` and - `template`. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Timeline_API_PersistTimelineResponse - description: >- - Indicates that the draft Timeline was successfully created. In the - event the user already has a draft Timeline, the existing draft - Timeline is cleared and returned. - '403': - content: - application:json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - message: - type: string - status_code: - type: number - description: >- - Indicates that the user does not have the required permissions to - create a draft Timeline. - '409': - content: - application:json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - message: - type: string - status_code: - type: number - description: >- - Indicates that there is already a draft Timeline with the given - `timelineId`. - summary: Create a clean draft Timeline or Timeline template - tags: - - Security Timeline API - - access:securitySolution - /api/timeline/_export: - post: - description: Export Timelines as an NDJSON file. - operationId: ExportTimelines - parameters: - - description: The name of the file to export - in: query - name: file_name - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - ids: - items: - type: string - nullable: true - type: array - description: The IDs of the Timelines to export. - required: true - responses: - '200': - content: - application/ndjson; Elastic-Api-Version=2023-10-31: - schema: - description: NDJSON of the exported Timelines - type: string - description: Indicates the Timelines were successfully exported. - '400': - content: - application/ndjson; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - body: - type: string - statusCode: - type: number - description: Indicates that the export size limit was exceeded. - summary: Export Timelines - tags: - - Security Timeline API - - access:securitySolution - /api/timeline/_favorite: - patch: - description: Favorite a Timeline or Timeline template for the current user. - operationId: PersistFavoriteRoute - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - templateTimelineId: - nullable: true - type: string - templateTimelineVersion: - nullable: true - type: number - timelineId: - nullable: true - type: string - timelineType: - $ref: '#/components/schemas/Security_Timeline_API_TimelineType' - nullable: true - required: - - timelineId - - templateTimelineId - - templateTimelineVersion - - timelineType - description: The required fields used to favorite a (template) Timeline. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - data: - type: object - properties: - persistFavorite: - $ref: >- - #/components/schemas/Security_Timeline_API_FavoriteTimelineResponse - required: - - persistFavorite - required: - - data - description: Indicates the favorite status was successfully updated. - '403': - content: - application:json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - body: - type: string - statusCode: - type: number - description: >- - Indicates the user does not have the required permissions to persist - the favorite status. - summary: Favorite a Timeline or Timeline template - tags: - - Security Timeline API - - access:securitySolution - /api/timeline/_import: - post: - description: Import Timelines. - operationId: ImportTimelines - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - file: {} - isImmutable: - enum: - - 'true' - - 'false' - type: string - required: - - file - description: The Timelines to import as a readable stream. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Timeline_API_ImportTimelineResult - description: Indicates the import of Timelines was successful. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - body: - type: string - id: - type: string - statusCode: - type: number - description: >- - Indicates the import of Timelines was unsuccessful because of an - invalid file extension. - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - id: - type: string - statusCode: - type: number - description: >- - Indicates that we were unable to locate the saved object client - necessary to handle the import. - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - body: - type: string - id: - type: string - statusCode: - type: number - description: Indicates the import of Timelines was unsuccessful. - summary: Import Timelines - tags: - - Security Timeline API - - access:securitySolution - /api/timeline/_prepackaged: - post: - description: Install or update prepackaged Timelines. - operationId: InstallPrepackedTimelines - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - prepackagedTimelines: - items: - $ref: >- - #/components/schemas/Security_Timeline_API_TimelineSavedToReturnObject - nullable: true - type: array - timelinesToInstall: - items: - $ref: '#/components/schemas/Security_Timeline_API_ImportTimelines' - nullable: true - type: array - timelinesToUpdate: - items: - $ref: '#/components/schemas/Security_Timeline_API_ImportTimelines' - nullable: true - type: array - required: - - timelinesToInstall - - timelinesToUpdate - - prepackagedTimelines - description: The Timelines to install or update. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Timeline_API_ImportTimelineResult - description: Indicates the installation of prepackaged Timelines was successful. - '500': - content: - application:json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - body: - type: string - statusCode: - type: number - description: >- - Indicates the installation of prepackaged Timelines was - unsuccessful. - summary: Install prepackaged Timelines - tags: - - Security Timeline API - - access:securitySolution - /api/timeline/resolve: - get: - operationId: ResolveTimeline - parameters: - - description: The ID of the template timeline to resolve - in: query - name: template_timeline_id - schema: - type: string - - description: The ID of the timeline to resolve - in: query - name: id - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - type: object - properties: - data: - $ref: >- - #/components/schemas/Security_Timeline_API_ResolvedTimeline - required: - - data - - additionalProperties: false - type: object - description: The (template) Timeline has been found - '400': - description: The request is missing parameters - '404': - description: The (template) Timeline was not found - summary: Get an existing saved Timeline or Timeline template - tags: - - Security Timeline API - - access:securitySolution - /api/timelines: - get: - description: Get a list of all saved Timelines or Timeline templates. - operationId: GetTimelines - parameters: - - description: >- - If true, only timelines that are marked as favorites by the user are - returned. - in: query - name: only_user_favorite - schema: - enum: - - 'true' - - 'false' - nullable: true - type: string - - in: query - name: timeline_type - schema: - $ref: '#/components/schemas/Security_Timeline_API_TimelineType' - nullable: true - - in: query - name: sort_field - schema: - $ref: '#/components/schemas/Security_Timeline_API_SortFieldTimeline' - - in: query - name: sort_order - schema: - enum: - - asc - - desc - type: string - - in: query - name: page_size - schema: - nullable: true - type: string - - in: query - name: page_index - schema: - nullable: true - type: string - - in: query - name: search - schema: - nullable: true - type: string - - in: query - name: status - schema: - $ref: '#/components/schemas/Security_Timeline_API_TimelineStatus' - nullable: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - customTemplateTimelineCount: - type: number - defaultTimelineCount: - type: number - elasticTemplateTimelineCount: - type: number - favoriteCount: - type: number - templateTimelineCount: - type: number - timeline: - items: - $ref: >- - #/components/schemas/Security_Timeline_API_TimelineResponse - type: array - totalCount: - type: number - required: - - timeline - - totalCount - description: Indicates that the (template) Timelines were found and returned. - '400': - content: - application:json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - body: - type: string - statusCode: - type: number - description: Bad request. The user supplied invalid data. - summary: Get Timelines or Timeline templates - tags: - - Security Timeline API - - access:securitySolution - /s/{spaceId}/api/observability/slos: - get: - description: > - You must have the `read` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: findSlosOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - description: A valid kql query to filter the SLO with - example: 'slo.name:latency* and slo.tags : "prod"' - in: query - name: kqlQuery - schema: - type: string - - description: The page to use for pagination, must be greater or equal than 1 - example: 1 - in: query - name: page - schema: - default: 1 - type: integer - - description: Number of SLOs returned by page - example: 25 - in: query - name: perPage - schema: - default: 25 - maximum: 5000 - type: integer - - description: Sort by field - example: status - in: query - name: sortBy - schema: - default: status - enum: - - sli_value - - status - - error_budget_consumed - - error_budget_remaining - type: string - - description: Sort order - example: asc - in: query - name: sortDirection - schema: - default: asc - enum: - - asc - - desc - type: string - - description: >- - Hide stale SLOs from the list as defined by stale SLO threshold in - SLO settings - in: query - name: hideStale - schema: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_find_slo_response' - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Get a paginated list of SLOs - tags: - - slo - post: - description: > - You must have `all` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: createSloOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_create_slo_request' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_create_slo_response' - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_409_response' - description: Conflict - The SLO id already exists - servers: - - url: https://localhost:5601 - summary: Create an SLO - tags: - - slo - /s/{spaceId}/api/observability/slos/_delete_instances: - post: - description: > - The deletion occurs for the specified list of `sloId` and `instanceId`. - You must have `all` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: deleteSloInstancesOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_delete_slo_instances_request' - required: true - responses: - '204': - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - servers: - - url: https://localhost:5601 - summary: Batch delete rollup and summary data - tags: - - slo - /s/{spaceId}/api/observability/slos/{sloId}: - delete: - description: > - You must have the `write` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: deleteSloOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' - responses: - '204': - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Delete an SLO - tags: - - slo - get: - description: > - You must have the `read` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: getSloOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' - - description: the specific instanceId used by the summary calculation - example: host-abcde - in: query - name: instanceId - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_slo_with_summary_response' - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Get an SLO - tags: - - slo - put: - description: > - You must have the `write` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: updateSloOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_update_slo_request' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_slo_definition_response' - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Update an SLO - tags: - - slo - /s/{spaceId}/api/observability/slos/{sloId}/_reset: - post: - description: > - You must have the `write` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: resetSloOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' - responses: - '204': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_slo_definition_response' - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Reset an SLO - tags: - - slo - /s/{spaceId}/api/observability/slos/{sloId}/disable: - post: - description: > - You must have the `write` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: disableSloOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' - responses: - '200': - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Disable an SLO - tags: - - slo - /s/{spaceId}/api/observability/slos/{sloId}/enable: - post: - description: > - You must have the `write` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: enableSloOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' - responses: - '204': - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Enable an SLO - tags: - - slo -components: - examples: - Data_views_create_data_view_request: - summary: Create a data view with runtime fields. - value: - data_view: - name: My Logstash data view - runtimeFieldMap: - runtime_shape_name: - script: - source: emit(doc['shape_name'].value) - type: keyword - title: logstash-* - Data_views_create_runtime_field_request: - summary: Create a runtime field. - value: - name: runtimeFoo - runtimeField: - script: - source: emit(doc["foo"].value) - type: long - Data_views_get_data_view_response: - summary: >- - The get data view API returns a JSON object that contains information - about the data view. - value: - data_view: - allowNoIndex: false - fieldAttrs: - products.manufacturer: - count: 1 - products.price: - count: 1 - products.product_name: - count: 1 - total_quantity: - count: 1 - fieldFormats: - products.base_price: - id: number - params: - pattern: $0,0.00 - products.base_unit_price: - id: number - params: - pattern: $0,0.00 - products.min_price: - id: number - params: - pattern: $0,0.00 - products.price: - id: number - params: - pattern: $0,0.00 - products.taxful_price: - id: number - params: - pattern: $0,0.00 - products.taxless_price: - id: number - params: - pattern: $0,0.00 - taxful_total_price: - id: number - params: - pattern: $0,0.[00] - taxless_total_price: - id: number - params: - pattern: $0,0.00 - fields: - _id: - aggregatable: false - count: 0 - esTypes: - - _id - format: - id: string - isMapped: true - name: _id - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - _index: - aggregatable: true - count: 0 - esTypes: - - _index - format: - id: string - isMapped: true - name: _index - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - _score: - aggregatable: false - count: 0 - format: - id: number - isMapped: true - name: _score - readFromDocValues: false - scripted: false - searchable: false - shortDotsEnable: false - type: number - _source: - aggregatable: false - count: 0 - esTypes: - - _source - format: - id: _source - isMapped: true - name: _source - readFromDocValues: false - scripted: false - searchable: false - shortDotsEnable: false - type: _source - category: - aggregatable: false - count: 0 - esTypes: - - text - format: - id: string - isMapped: true - name: category - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - category.keyword: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: category.keyword - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - subType: - multi: - parent: category - type: string - currency: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: currency - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - customer_birth_date: - aggregatable: true - count: 0 - esTypes: - - date - format: - id: date - isMapped: true - name: customer_birth_date - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: date - customer_first_name: - aggregatable: false - count: 0 - esTypes: - - text - format: - id: string - isMapped: true - name: customer_first_name - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - customer_first_name.keyword: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: customer_first_name.keyword - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - subType: - multi: - parent: customer_first_name - type: string - customer_full_name: - aggregatable: false - count: 0 - esTypes: - - text - format: - id: string - isMapped: true - name: customer_full_name - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - customer_full_name.keyword: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: customer_full_name.keyword - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - subType: - multi: - parent: customer_full_name - type: string - customer_gender: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: customer_gender - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - customer_id: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: customer_id - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - customer_last_name: - aggregatable: false - count: 0 - esTypes: - - text - format: - id: string - isMapped: true - name: customer_last_name - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - customer_last_name.keyword: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: customer_last_name.keyword - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - subType: - multi: - parent: customer_last_name - type: string - customer_phone: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: customer_phone - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - day_of_week: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: day_of_week - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - day_of_week_i: - aggregatable: true - count: 0 - esTypes: - - integer - format: - id: number - isMapped: true - name: day_of_week_i - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - email: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: email - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - event.dataset: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: event.dataset - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - geoip.city_name: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: geoip.city_name - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - geoip.continent_name: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: geoip.continent_name - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - geoip.country_iso_code: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: geoip.country_iso_code - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - geoip.location: - aggregatable: true - count: 0 - esTypes: - - geo_point - format: - id: geo_point - params: - transform: wkt - isMapped: true - name: geoip.location - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: geo_point - geoip.region_name: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: geoip.region_name - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - manufacturer: - aggregatable: false - count: 0 - esTypes: - - text - format: - id: string - isMapped: true - name: manufacturer - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - manufacturer.keyword: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: manufacturer.keyword - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - subType: - multi: - parent: manufacturer - type: string - order_date: - aggregatable: true - count: 0 - esTypes: - - date - format: - id: date - isMapped: true - name: order_date - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: date - order_id: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: order_id - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - products._id: - aggregatable: false - count: 0 - esTypes: - - text - format: - id: string - isMapped: true - name: products._id - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - products._id.keyword: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: products._id.keyword - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - subType: - multi: - parent: products._id - type: string - products.base_price: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - params: - pattern: $0,0.00 - isMapped: true - name: products.base_price - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.base_unit_price: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - params: - pattern: $0,0.00 - isMapped: true - name: products.base_unit_price - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.category: - aggregatable: false - count: 0 - esTypes: - - text - format: - id: string - isMapped: true - name: products.category - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - products.category.keyword: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: products.category.keyword - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - subType: - multi: - parent: products.category - type: string - products.created_on: - aggregatable: true - count: 0 - esTypes: - - date - format: - id: date - isMapped: true - name: products.created_on - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: date - products.discount_amount: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - isMapped: true - name: products.discount_amount - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.discount_percentage: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - isMapped: true - name: products.discount_percentage - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.manufacturer: - aggregatable: false - count: 1 - esTypes: - - text - format: - id: string - isMapped: true - name: products.manufacturer - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - products.manufacturer.keyword: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: products.manufacturer.keyword - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - subType: - multi: - parent: products.manufacturer - type: string - products.min_price: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - params: - pattern: $0,0.00 - isMapped: true - name: products.min_price - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.price: - aggregatable: true - count: 1 - esTypes: - - half_float - format: - id: number - params: - pattern: $0,0.00 - isMapped: true - name: products.price - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.product_id: - aggregatable: true - count: 0 - esTypes: - - long - format: - id: number - isMapped: true - name: products.product_id - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.product_name: - aggregatable: false - count: 1 - esTypes: - - text - format: - id: string - isMapped: true - name: products.product_name - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - products.product_name.keyword: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: products.product_name.keyword - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - subType: - multi: - parent: products.product_name - type: string - products.quantity: - aggregatable: true - count: 0 - esTypes: - - integer - format: - id: number - isMapped: true - name: products.quantity - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.sku: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: products.sku - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - products.tax_amount: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - isMapped: true - name: products.tax_amount - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.taxful_price: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - params: - pattern: $0,0.00 - isMapped: true - name: products.taxful_price - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.taxless_price: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - params: - pattern: $0,0.00 - isMapped: true - name: products.taxless_price - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.unit_discount_amount: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - isMapped: true - name: products.unit_discount_amount - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - sku: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: sku - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - taxful_total_price: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - params: - pattern: $0,0.[00] - isMapped: true - name: taxful_total_price - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - taxless_total_price: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - params: - pattern: $0,0.00 - isMapped: true - name: taxless_total_price - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - total_quantity: - aggregatable: true - count: 1 - esTypes: - - integer - format: - id: number - isMapped: true - name: total_quantity - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - total_unique_products: - aggregatable: true - count: 0 - esTypes: - - integer - format: - id: number - isMapped: true - name: total_unique_products - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - type: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: type - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - user: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: user - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - id: ff959d40-b880-11e8-a6d9-e546fe2bba5f - name: Kibana Sample Data eCommerce - namespaces: - - default - runtimeFieldMap: {} - sourceFilters: [] - timeFieldName: order_date - title: kibana_sample_data_ecommerce - typeMeta: {} - version: WzUsMV0= - Data_views_get_data_views_response: - summary: The get all data views API returns a list of data views. - value: - data_view: - - id: ff959d40-b880-11e8-a6d9-e546fe2bba5f - name: Kibana Sample Data eCommerce - namespaces: - - default - title: kibana_sample_data_ecommerce - typeMeta: {} - - id: d3d7af60-4c81-11e8-b3d7-01146121b73d - name: Kibana Sample Data Flights - namespaces: - - default - title: kibana_sample_data_flights - - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - name: Kibana Sample Data Logs - namespaces: - - default - title: kibana_sample_data_logs - Data_views_get_default_data_view_response: - summary: The get default data view API returns the default data view identifier. - value: - data_view_id: ff959d40-b880-11e8-a6d9-e546fe2bba5f - Data_views_get_runtime_field_response: - summary: >- - The get runtime field API returns a JSON object that contains - information about the runtime field (`hour_of_day`) and the data view - (`d3d7af60-4c81-11e8-b3d7-01146121b73d`). - value: - data_view: - allowNoIndex: false - fieldAttrs: {} - fieldFormats: - AvgTicketPrice: - id: number - params: - pattern: $0,0.[00] - hour_of_day: - id: number - params: - pattern: '00' - fields: - _id: - aggregatable: false - count: 0 - esTypes: - - _id - format: - id: string - isMapped: true - name: _id - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - _index: - aggregatable: true - count: 0 - esTypes: - - _index - format: - id: string - isMapped: true - name: _index - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - _score: - aggregatable: false - count: 0 - format: - id: number - isMapped: true - name: _score - readFromDocValues: false - scripted: false - searchable: false - shortDotsEnable: false - type: number - _source: - aggregatable: false - count: 0 - esTypes: - - _source - format: - id: _source - isMapped: true - name: _source - readFromDocValues: false - scripted: false - searchable: false - shortDotsEnable: false - type: _source - AvgTicketPrice: - aggregatable: true - count: 0 - esTypes: - - float - format: - id: number - params: - pattern: $0,0.[00] - isMapped: true - name: AvgTicketPrice - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - Cancelled: - aggregatable: true - count: 0 - esTypes: - - boolean - format: - id: boolean - isMapped: true - name: Cancelled - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: boolean - Carrier: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: Carrier - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - dayOfWeek: - aggregatable: true - count: 0 - esTypes: - - integer - format: - id: number - isMapped: true - name: dayOfWeek - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - Dest: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: Dest - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - DestAirportID: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: DestAirportID - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - DestCityName: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: DestCityName - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - DestCountry: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: DestCountry - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - DestLocation: - aggregatable: true - count: 0 - esTypes: - - geo_point - format: - id: geo_point - params: - transform: wkt - isMapped: true - name: DestLocation - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: geo_point - DestRegion: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: DestRegion - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - DestWeather: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: DestWeather - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - DistanceKilometers: - aggregatable: true - count: 0 - esTypes: - - float - format: - id: number - isMapped: true - name: DistanceKilometers - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - DistanceMiles: - aggregatable: true - count: 0 - esTypes: - - float - format: - id: number - isMapped: true - name: DistanceMiles - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - FlightDelay: - aggregatable: true - count: 0 - esTypes: - - boolean - format: - id: boolean - isMapped: true - name: FlightDelay - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: boolean - FlightDelayMin: - aggregatable: true - count: 0 - esTypes: - - integer - format: - id: number - isMapped: true - name: FlightDelayMin - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - FlightDelayType: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: FlightDelayType - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - FlightNum: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: FlightNum - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - FlightTimeHour: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: FlightTimeHour - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - FlightTimeMin: - aggregatable: true - count: 0 - esTypes: - - float - format: - id: number - isMapped: true - name: FlightTimeMin - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - hour_of_day: - aggregatable: true - count: 0 - esTypes: - - long - format: - id: number - params: - pattern: '00' - name: hour_of_day - readFromDocValues: false - runtimeField: - script: - source: emit(doc['timestamp'].value.getHour()); - type: long - scripted: false - searchable: true - shortDotsEnable: false - type: number - Origin: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: Origin - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - OriginAirportID: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: OriginAirportID - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - OriginCityName: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: OriginCityName - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - OriginCountry: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: OriginCountry - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - OriginLocation: - aggregatable: true - count: 0 - esTypes: - - geo_point - format: - id: geo_point - params: - transform: wkt - isMapped: true - name: OriginLocation - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: geo_point - OriginRegion: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: OriginRegion - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - OriginWeather: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: OriginWeather - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - timestamp: - aggregatable: true - count: 0 - esTypes: - - date - format: - id: date - isMapped: true - name: timestamp - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: date - id: d3d7af60-4c81-11e8-b3d7-01146121b73d - name: Kibana Sample Data Flights - runtimeFieldMap: - hour_of_day: - script: - source: emit(doc['timestamp'].value.getHour()); - type: long - sourceFilters: [] - timeFieldName: timestamp - title: kibana_sample_data_flights - version: WzM2LDJd - fields: - - aggregatable: true - count: 0 - esTypes: - - long - name: hour_of_day - readFromDocValues: false - runtimeField: - script: - source: emit(doc['timestamp'].value.getHour()); - type: long - scripted: false - searchable: true - shortDotsEnable: false - type: number - Data_views_preview_swap_data_view_request: - summary: Preview swapping references from data view ID "abcd-efg" to "xyz-123". - value: - fromId: abcd-efg - toId: xyz-123 - Data_views_set_default_data_view_request: - summary: Set the default data view identifier. - value: - data_view_id: ff959d40-b880-11e8-a6d9-e546fe2bba5f - force: true - Data_views_swap_data_view_request: - summary: >- - Swap references from data view ID "abcd-efg" to "xyz-123" and remove the - data view that is no longer referenced. - value: - delete: true - fromId: abcd-efg - toId: xyz-123 - Data_views_update_data_view_request: - summary: Update some properties for a data view. - value: - data_view: - allowNoIndex: false - name: Kibana Sample Data eCommerce - timeFieldName: order_date - title: kibana_sample_data_ecommerce - refresh_fields: true - Data_views_update_field_metadata_request: - summary: Update metadata for multiple fields. - value: - fields: - field1: - count: 123 - customLabel: Field 1 label - field2: - customDescription: Field 2 description - customLabel: Field 2 label - Data_views_update_runtime_field_request: - summary: Update an existing runtime field on a data view. - value: - runtimeField: - script: - source: emit(doc["bar"].value) - Machine_learning_APIs_mlSyncExample: - summary: Two anomaly detection jobs required synchronization in this example. - value: - datafeedsAdded: {} - datafeedsRemoved: {} - savedObjectsCreated: - anomaly-detector: - myjob1: - success: true - myjob2: - success: true - savedObjectsDeleted: {} - Serverless_saved_objects_export_objects_request: - summary: Export a specific saved object. - value: - excludeExportDetails: true - includeReferencesDeep: false - objects: - - id: de71f4f0-1902-11e9-919b-ffe5949a18d2 - type: map - Serverless_saved_objects_export_objects_response: - summary: >- - The export objects API response contains a JSON record for each exported - object. - value: - attributes: - description: '' - layerListJSON: >- - [{"id":"0hmz5","alpha":1,"sourceDescriptor":{"type":"EMS_TMS","isAutoSelect":true,"lightModeDefault":"road_map_desaturated"},"visible":true,"style":{},"type":"EMS_VECTOR_TILE","minZoom":0,"maxZoom":24},{"id":"edh66","label":"Total - Requests by - Destination","minZoom":0,"maxZoom":24,"alpha":0.5,"sourceDescriptor":{"type":"EMS_FILE","id":"world_countries","tooltipProperties":["name","iso2"]},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"DYNAMIC","options":{"field":{"name":"__kbnjoin__count__673ff994-fc75-4c67-909b-69fcb0e1060e","origin":"join"},"color":"Greys","fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"lineColor":{"type":"STATIC","options":{"color":"#FFFFFF"}},"lineWidth":{"type":"STATIC","options":{"size":1}},"iconSize":{"type":"STATIC","options":{"size":10}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR","joins":[{"leftField":"iso2","right":{"type":"ES_TERM_SOURCE","id":"673ff994-fc75-4c67-909b-69fcb0e1060e","indexPatternTitle":"kibana_sample_data_logs","term":"geo.dest","indexPatternRefName":"layer_1_join_0_index_pattern","metrics":[{"type":"count","label":"web - logs - count"}],"applyGlobalQuery":true}}]},{"id":"gaxya","label":"Actual - Requests","minZoom":9,"maxZoom":24,"alpha":1,"sourceDescriptor":{"id":"b7486535-171b-4d3b-bb2e-33c1a0a2854c","type":"ES_SEARCH","geoField":"geo.coordinates","limit":2048,"filterByMapBounds":true,"tooltipProperties":["clientip","timestamp","host","request","response","machine.os","agent","bytes"],"indexPatternRefName":"layer_2_source_index_pattern","applyGlobalQuery":true,"scalingType":"LIMIT"},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"STATIC","options":{"color":"#2200ff"}},"lineColor":{"type":"STATIC","options":{"color":"#FFFFFF"}},"lineWidth":{"type":"STATIC","options":{"size":2}},"iconSize":{"type":"DYNAMIC","options":{"field":{"name":"bytes","origin":"source"},"minSize":1,"maxSize":23,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR"},{"id":"tfi3f","label":"Total - Requests and - Bytes","minZoom":0,"maxZoom":9,"alpha":1,"sourceDescriptor":{"type":"ES_GEO_GRID","resolution":"COARSE","id":"8aaa65b5-a4e9-448b-9560-c98cb1c5ac5b","geoField":"geo.coordinates","requestType":"point","metrics":[{"type":"count","label":"web - logs - count"},{"type":"sum","field":"bytes"}],"indexPatternRefName":"layer_3_source_index_pattern","applyGlobalQuery":true},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"color":"Blues","fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"lineColor":{"type":"STATIC","options":{"color":"#cccccc"}},"lineWidth":{"type":"STATIC","options":{"size":1}},"iconSize":{"type":"DYNAMIC","options":{"field":{"name":"sum_of_bytes","origin":"source"},"minSize":7,"maxSize":25,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"labelText":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"labelSize":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"minSize":12,"maxSize":24,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR"}] - mapStateJSON: >- - {"zoom":3.64,"center":{"lon":-88.92107,"lat":42.16337},"timeFilters":{"from":"now-7d","to":"now"},"refreshConfig":{"isPaused":true,"interval":0},"query":{"language":"kuery","query":""},"settings":{"autoFitToDataBounds":false}} - title: '[Logs] Total Requests and Bytes' - uiStateJSON: '{"isDarkMode":false}' - coreMigrationVersion: 8.8.0 - created_at: '2023-08-23T20:03:32.204Z' - id: de71f4f0-1902-11e9-919b-ffe5949a18d2 - managed: false - references: - - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - name: layer_1_join_0_index_pattern - type: index-pattern - - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - name: layer_2_source_index_pattern - type: index-pattern - - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - name: layer_3_source_index_pattern - type: index-pattern - type: map - typeMigrationVersion: 8.4.0 - updated_at: '2023-08-23T20:03:32.204Z' - version: WzEzLDFd - Serverless_saved_objects_import_objects_request: - value: - file: file.ndjson - Serverless_saved_objects_import_objects_response: - summary: >- - The import objects API response indicates a successful import and the - objects are created. Since these objects are created as new copies, each - entry in the successResults array includes a destinationId attribute. - value: - success: true - successCount: 1 - successResults: - - destinationId: 82d2760c-468f-49cf-83aa-b9a35b6a8943 - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - managed: false - meta: - icon: indexPatternApp - title: Kibana Sample Data Logs - type: index-pattern - parameters: - Data_views_field_name: - description: The name of the runtime field. - in: path - name: fieldName - required: true - schema: - example: hour_of_day - type: string - Data_views_kbn_xsrf: - description: Cross-site request forgery protection - in: header - name: kbn-xsrf - required: true - schema: - type: string - Data_views_view_id: - description: An identifier for the data view. - in: path - name: viewId - required: true - schema: - example: ff959d40-b880-11e8-a6d9-e546fe2bba5f - type: string - Machine_learning_APIs_simulateParam: - description: >- - When true, simulates the synchronization by returning only the list of - actions that would be performed. - example: 'true' - in: query - name: simulate - required: false - schema: - type: boolean - Serverless_saved_objects_kbn_xsrf: - description: Cross-site request forgery protection - in: header - name: kbn-xsrf - required: true - schema: - type: string - SLOs_kbn_xsrf: - description: Cross-site request forgery protection - in: header - name: kbn-xsrf - required: true - schema: - type: string - SLOs_slo_id: - description: An identifier for the slo. - in: path - name: sloId - required: true - schema: - example: 9c235211-6834-11ea-a78c-6feb38a34414 - type: string - SLOs_space_id: - description: >- - An identifier for the space. If `/s/` and the identifier are omitted - from the path, the default space is used. - in: path - name: spaceId - required: true - schema: - example: default - type: string - schemas: - Data_views_400_response: - title: Bad request - type: object - properties: - error: - example: Bad Request - type: string - message: - type: string - statusCode: - example: 400 - type: number - required: - - statusCode - - error - - message - Data_views_404_response: - type: object - properties: - error: - enum: - - Not Found - example: Not Found - type: string - message: - example: >- - Saved object [index-pattern/caaad6d0-920c-11ed-b36a-874bd1548a00] - not found - type: string - statusCode: - enum: - - 404 - example: 404 - type: integer - Data_views_allownoindex: - description: Allows the data view saved object to exist before the data is available. - type: boolean - Data_views_create_data_view_request_object: - title: Create data view request - type: object - properties: - data_view: - description: The data view object. - type: object - properties: - allowNoIndex: - $ref: '#/components/schemas/Data_views_allownoindex' - fieldAttrs: - additionalProperties: - $ref: '#/components/schemas/Data_views_fieldattrs' - type: object - fieldFormats: - $ref: '#/components/schemas/Data_views_fieldformats' - fields: - type: object - id: - type: string - name: - description: The data view name. - type: string - namespaces: - $ref: '#/components/schemas/Data_views_namespaces' - runtimeFieldMap: - additionalProperties: - $ref: '#/components/schemas/Data_views_runtimefieldmap' - type: object - sourceFilters: - $ref: '#/components/schemas/Data_views_sourcefilters' - timeFieldName: - $ref: '#/components/schemas/Data_views_timefieldname' - title: - $ref: '#/components/schemas/Data_views_title' - type: - $ref: '#/components/schemas/Data_views_type' - typeMeta: - $ref: '#/components/schemas/Data_views_typemeta' - version: - type: string - required: - - title - override: - default: false - description: >- - Override an existing data view if a data view with the provided - title already exists. - type: boolean - required: - - data_view - Data_views_data_view_response_object: - title: Data view response properties - type: object - properties: - data_view: - type: object - properties: - allowNoIndex: - $ref: '#/components/schemas/Data_views_allownoindex' - fieldAttrs: - additionalProperties: - $ref: '#/components/schemas/Data_views_fieldattrs' - type: object - fieldFormats: - $ref: '#/components/schemas/Data_views_fieldformats' - fields: - type: object - id: - example: ff959d40-b880-11e8-a6d9-e546fe2bba5f - type: string - name: - description: The data view name. - type: string - namespaces: - $ref: '#/components/schemas/Data_views_namespaces' - runtimeFieldMap: - additionalProperties: - $ref: '#/components/schemas/Data_views_runtimefieldmap' - type: object - sourceFilters: - $ref: '#/components/schemas/Data_views_sourcefilters' - timeFieldName: - $ref: '#/components/schemas/Data_views_timefieldname' - title: - $ref: '#/components/schemas/Data_views_title' - typeMeta: - $ref: '#/components/schemas/Data_views_typemeta_response' - version: - example: WzQ2LDJd - type: string - Data_views_fieldattrs: - description: A map of field attributes by field name. - type: object - properties: - count: - description: Popularity count for the field. - type: integer - customDescription: - description: Custom description for the field. - maxLength: 300 - type: string - customLabel: - description: Custom label for the field. - type: string - Data_views_fieldformats: - description: A map of field formats by field name. - type: object - Data_views_namespaces: - description: >- - An array of space identifiers for sharing the data view between multiple - spaces. - items: - default: default - type: string - type: array - Data_views_runtimefieldmap: - description: A map of runtime field definitions by field name. - type: object - properties: - script: - type: object - properties: - source: - description: Script for the runtime field. - type: string - type: - description: Mapping type of the runtime field. - type: string - required: - - script - - type - Data_views_sourcefilters: - description: The array of field names you want to filter out in Discover. - items: - type: object - properties: - value: - type: string - required: - - value - type: array - Data_views_swap_data_view_request_object: - title: Data view reference swap request - type: object - properties: - delete: - description: Deletes referenced saved object if all references are removed. - type: boolean - forId: - description: Limit the affected saved objects to one or more by identifier. - oneOf: - - type: string - - items: - type: string - type: array - forType: - description: Limit the affected saved objects by type. - type: string - fromId: - description: The saved object reference to change. - type: string - fromType: - description: > - Specify the type of the saved object reference to alter. The default - value is `index-pattern` for data views. - type: string - toId: - description: New saved object reference value to replace the old value. - type: string - required: - - fromId - - toId - Data_views_timefieldname: - description: The timestamp field name, which you use for time-based data views. - type: string - Data_views_title: - description: >- - Comma-separated list of data streams, indices, and aliases that you want - to search. Supports wildcards (`*`). - type: string - Data_views_type: - description: When set to `rollup`, identifies the rollup data views. - type: string - Data_views_typemeta: - description: >- - When you use rollup indices, contains the field list for the rollup data - view API endpoints. - type: object - properties: - aggs: - description: A map of rollup restrictions by aggregation type and field name. - type: object - params: - description: Properties for retrieving rollup fields. - type: object - required: - - aggs - - params - Data_views_typemeta_response: - description: >- - When you use rollup indices, contains the field list for the rollup data - view API endpoints. - nullable: true - type: object - properties: - aggs: - description: A map of rollup restrictions by aggregation type and field name. - type: object - params: - description: Properties for retrieving rollup fields. - type: object - Data_views_update_data_view_request_object: - title: Update data view request - type: object - properties: - data_view: - description: > - The data view properties you want to update. Only the specified - properties are updated in the data view. Unspecified fields stay as - they are persisted. - type: object - properties: - allowNoIndex: - $ref: '#/components/schemas/Data_views_allownoindex' - fieldFormats: - $ref: '#/components/schemas/Data_views_fieldformats' - fields: - type: object - name: - type: string - runtimeFieldMap: - additionalProperties: - $ref: '#/components/schemas/Data_views_runtimefieldmap' - type: object - sourceFilters: - $ref: '#/components/schemas/Data_views_sourcefilters' - timeFieldName: - $ref: '#/components/schemas/Data_views_timefieldname' - title: - $ref: '#/components/schemas/Data_views_title' - type: - $ref: '#/components/schemas/Data_views_type' - typeMeta: - $ref: '#/components/schemas/Data_views_typemeta' - refresh_fields: - default: false - description: Reloads the data view fields after the data view is updated. - type: boolean - required: - - data_view - Kibana_HTTP_APIs_core_status_redactedResponse: - additionalProperties: false - description: A minimal representation of Kibana's operational status. - type: object - properties: - status: - additionalProperties: false - type: object - properties: - overall: - additionalProperties: false - type: object - properties: - level: - description: Service status levels as human and machine readable values. - enum: - - available - - degraded - - unavailable - - critical - type: string - required: - - level - required: - - overall - required: - - status - Kibana_HTTP_APIs_core_status_response: - additionalProperties: false - description: >- - Kibana's operational status as well as a detailed breakdown of plugin - statuses indication of various loads (like event loop utilization and - network traffic) at time of request. - type: object - properties: - metrics: - additionalProperties: false - description: Metric groups collected by Kibana. - type: object - properties: - collection_interval_in_millis: - description: The interval at which metrics should be collected. - type: number - elasticsearch_client: - additionalProperties: false - description: Current network metrics of Kibana's Elasticsearch client. - type: object - properties: - totalActiveSockets: - description: Count of network sockets currently in use. - type: number - totalIdleSockets: - description: Count of network sockets currently idle. - type: number - totalQueuedRequests: - description: Count of requests not yet assigned to sockets. - type: number - required: - - totalActiveSockets - - totalIdleSockets - - totalQueuedRequests - last_updated: - description: The time metrics were collected. - type: string - required: - - elasticsearch_client - - last_updated - - collection_interval_in_millis - name: - description: Kibana instance name. - type: string - status: - additionalProperties: false - type: object - properties: - core: - additionalProperties: false - description: Statuses of core Kibana services. - type: object - properties: - elasticsearch: - additionalProperties: false - type: object - properties: - detail: - description: Human readable detail of the service status. - type: string - documentationUrl: - description: A URL to further documentation regarding this service. - type: string - level: - description: >- - Service status levels as human and machine readable - values. - enum: - - available - - degraded - - unavailable - - critical - type: string - meta: - additionalProperties: {} - description: >- - An unstructured set of extra metadata about this - service. - type: object - summary: - description: A human readable summary of the service status. - type: string - required: - - level - - summary - - meta - savedObjects: - additionalProperties: false - type: object - properties: - detail: - description: Human readable detail of the service status. - type: string - documentationUrl: - description: A URL to further documentation regarding this service. - type: string - level: - description: >- - Service status levels as human and machine readable - values. - enum: - - available - - degraded - - unavailable - - critical - type: string - meta: - additionalProperties: {} - description: >- - An unstructured set of extra metadata about this - service. - type: object - summary: - description: A human readable summary of the service status. - type: string - required: - - level - - summary - - meta - required: - - elasticsearch - - savedObjects - overall: - additionalProperties: false - type: object - properties: - detail: - description: Human readable detail of the service status. - type: string - documentationUrl: - description: A URL to further documentation regarding this service. - type: string - level: - description: Service status levels as human and machine readable values. - enum: - - available - - degraded - - unavailable - - critical - type: string - meta: - additionalProperties: {} - description: An unstructured set of extra metadata about this service. - type: object - summary: - description: A human readable summary of the service status. - type: string - required: - - level - - summary - - meta - plugins: - additionalProperties: - additionalProperties: false - type: object - properties: - detail: - description: Human readable detail of the service status. - type: string - documentationUrl: - description: A URL to further documentation regarding this service. - type: string - level: - description: >- - Service status levels as human and machine readable - values. - enum: - - available - - degraded - - unavailable - - critical - type: string - meta: - additionalProperties: {} - description: An unstructured set of extra metadata about this service. - type: object - summary: - description: A human readable summary of the service status. - type: string - required: - - level - - summary - - meta - description: A dynamic mapping of plugin ID to plugin status. - type: object - required: - - overall - - core - - plugins - uuid: - description: >- - Unique, generated Kibana instance UUID. This UUID should persist - even if the Kibana process restarts. - type: string - version: - additionalProperties: false - type: object - properties: - build_date: - description: The date and time of this build. - type: string - build_flavor: - description: >- - The build flavour determines configuration and behavior of - Kibana. On premise users will almost always run the - "traditional" flavour, while other flavours are reserved for - Elastic-specific use cases. - enum: - - serverless - - traditional - type: string - build_hash: - description: >- - A unique hash value representing the git commit of this Kibana - build. - type: string - build_number: - description: >- - A monotonically increasing number, each subsequent build will - have a higher number. - type: number - build_snapshot: - description: Whether this build is a snapshot build. - type: boolean - number: - description: A semantic version number. - type: string - required: - - number - - build_hash - - build_number - - build_snapshot - - build_flavor - - build_date - required: - - name - - uuid - - version - - status - - metrics - Machine_learning_APIs_mlSync200Response: - properties: - datafeedsAdded: - additionalProperties: - $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseDatafeeds' - description: >- - If a saved object for an anomaly detection job is missing a datafeed - identifier, it is added when you run the sync machine learning saved - objects API. - type: object - datafeedsRemoved: - additionalProperties: - $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseDatafeeds' - description: >- - If a saved object for an anomaly detection job references a datafeed - that no longer exists, it is deleted when you run the sync machine - learning saved objects API. - type: object - savedObjectsCreated: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseSavedObjectsCreated - savedObjectsDeleted: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseSavedObjectsDeleted - title: Successful sync API response - type: object - Machine_learning_APIs_mlSync4xxResponse: - properties: - error: - example: Unauthorized - type: string - message: - type: string - statusCode: - example: 401 - type: integer - title: Unsuccessful sync API response - type: object - Machine_learning_APIs_mlSyncResponseAnomalyDetectors: - description: >- - The sync machine learning saved objects API response contains this - object when there are anomaly detection jobs affected by the - synchronization. There is an object for each relevant job, which - contains the synchronization status. - properties: - success: - $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' - title: Sync API response for anomaly detection jobs - type: object - Machine_learning_APIs_mlSyncResponseDatafeeds: - description: >- - The sync machine learning saved objects API response contains this - object when there are datafeeds affected by the synchronization. There - is an object for each relevant datafeed, which contains the - synchronization status. - properties: - success: - $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' - title: Sync API response for datafeeds - type: object - Machine_learning_APIs_mlSyncResponseDataFrameAnalytics: - description: >- - The sync machine learning saved objects API response contains this - object when there are data frame analytics jobs affected by the - synchronization. There is an object for each relevant job, which - contains the synchronization status. - properties: - success: - $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' - title: Sync API response for data frame analytics jobs - type: object - Machine_learning_APIs_mlSyncResponseSavedObjectsCreated: - description: >- - If saved objects are missing for machine learning jobs or trained - models, they are created when you run the sync machine learning saved - objects API. - properties: - anomaly-detector: - additionalProperties: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseAnomalyDetectors - description: >- - If saved objects are missing for anomaly detection jobs, they are - created. - type: object - data-frame-analytics: - additionalProperties: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseDataFrameAnalytics - description: >- - If saved objects are missing for data frame analytics jobs, they are - created. - type: object - trained-model: - additionalProperties: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseTrainedModels - description: If saved objects are missing for trained models, they are created. - type: object - title: Sync API response for created saved objects - type: object - Machine_learning_APIs_mlSyncResponseSavedObjectsDeleted: - description: >- - If saved objects exist for machine learning jobs or trained models that - no longer exist, they are deleted when you run the sync machine learning - saved objects API. - properties: - anomaly-detector: - additionalProperties: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseAnomalyDetectors - description: >- - If there are saved objects exist for nonexistent anomaly detection - jobs, they are deleted. - type: object - data-frame-analytics: - additionalProperties: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseDataFrameAnalytics - description: >- - If there are saved objects exist for nonexistent data frame - analytics jobs, they are deleted. - type: object - trained-model: - additionalProperties: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseTrainedModels - description: >- - If there are saved objects exist for nonexistent trained models, - they are deleted. - type: object - title: Sync API response for deleted saved objects - type: object - Machine_learning_APIs_mlSyncResponseSuccess: - description: The success or failure of the synchronization. - type: boolean - Machine_learning_APIs_mlSyncResponseTrainedModels: - description: >- - The sync machine learning saved objects API response contains this - object when there are trained models affected by the synchronization. - There is an object for each relevant trained model, which contains the - synchronization status. - properties: - success: - $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' - title: Sync API response for trained models - type: object - Security_AI_Assistant_API_AnonymizationFieldCreateProps: - type: object - properties: - allowed: - type: boolean - anonymized: - type: boolean - field: - type: string - required: - - field - Security_AI_Assistant_API_AnonymizationFieldDetailsInError: - type: object - properties: - id: - type: string - name: - type: string - required: - - id - Security_AI_Assistant_API_AnonymizationFieldResponse: - type: object - properties: - allowed: - type: boolean - anonymized: - type: boolean - createdAt: - type: string - createdBy: - type: string - field: - type: string - id: - $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' - namespace: - description: Kibana space - type: string - timestamp: - $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' - updatedAt: - type: string - updatedBy: - type: string - required: - - id - - field - Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipReason: - enum: - - ANONYMIZATION_FIELD_NOT_MODIFIED - type: string - Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipResult: - type: object - properties: - id: - type: string - name: - type: string - skip_reason: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipReason - required: - - id - - skip_reason - Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResponse: - type: object - properties: - anonymization_fields_count: - type: integer - attributes: - type: object - properties: - errors: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_NormalizedAnonymizationFieldError - type: array - results: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResults - summary: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_BulkCrudActionSummary - required: - - results - - summary - message: - type: string - status_code: - type: integer - success: - type: boolean - required: - - attributes - Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResults: - type: object - properties: - created: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldResponse - type: array - deleted: - items: - type: string - type: array - skipped: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipResult - type: array - updated: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldResponse - type: array - required: - - updated - - created - - deleted - - skipped - Security_AI_Assistant_API_AnonymizationFieldUpdateProps: - type: object - properties: - allowed: - type: boolean - anonymized: - type: boolean - id: - type: string - required: - - id - Security_AI_Assistant_API_ApiConfig: - type: object - properties: - actionTypeId: - description: action type id - type: string - connectorId: - description: connector id - type: string - defaultSystemPromptId: - description: defaultSystemPromptId - type: string - model: - description: model - type: string - provider: - $ref: '#/components/schemas/Security_AI_Assistant_API_Provider' - description: Provider - required: - - connectorId - - actionTypeId - Security_AI_Assistant_API_BulkCrudActionSummary: - type: object - properties: - failed: - type: integer - skipped: - type: integer - succeeded: - type: integer - total: - type: integer - required: - - failed - - skipped - - succeeded - - total - Security_AI_Assistant_API_ChatCompleteProps: - type: object - properties: - connectorId: - type: string - conversationId: - type: string - isStream: - type: boolean - langSmithApiKey: - type: string - langSmithProject: - type: string - messages: - items: - $ref: '#/components/schemas/Security_AI_Assistant_API_ChatMessage' - type: array - model: - type: string - persist: - type: boolean - promptId: - type: string - responseLanguage: - type: string - required: - - messages - - persist - - connectorId - Security_AI_Assistant_API_ChatMessage: - description: AI assistant message. - type: object - properties: - content: - description: Message content. - type: string - data: - $ref: '#/components/schemas/Security_AI_Assistant_API_MessageData' - description: ECS object to attach to the context of the message. - fields_to_anonymize: - items: - type: string - type: array - role: - $ref: '#/components/schemas/Security_AI_Assistant_API_ChatMessageRole' - description: Message role. - required: - - role - Security_AI_Assistant_API_ChatMessageRole: - description: Message role. - enum: - - system - - user - - assistant - type: string - Security_AI_Assistant_API_ConversationCategory: - description: The conversation category. - enum: - - assistant - - insights - type: string - Security_AI_Assistant_API_ConversationConfidence: - description: The conversation confidence. - enum: - - low - - medium - - high - type: string - Security_AI_Assistant_API_ConversationCreateProps: - type: object - properties: - apiConfig: - $ref: '#/components/schemas/Security_AI_Assistant_API_ApiConfig' - description: LLM API configuration. - category: - $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationCategory' - description: The conversation category. - excludeFromLastConversationStorage: - description: excludeFromLastConversationStorage. - type: boolean - id: - description: The conversation id. - type: string - isDefault: - description: Is default conversation. - type: boolean - messages: - description: The conversation messages. - items: - $ref: '#/components/schemas/Security_AI_Assistant_API_Message' - type: array - replacements: - $ref: '#/components/schemas/Security_AI_Assistant_API_Replacements' - title: - description: The conversation title. - type: string - required: - - title - Security_AI_Assistant_API_ConversationResponse: - type: object - properties: - apiConfig: - $ref: '#/components/schemas/Security_AI_Assistant_API_ApiConfig' - description: LLM API configuration. - category: - $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationCategory' - description: The conversation category. - createdAt: - description: The last time conversation was updated. - type: string - excludeFromLastConversationStorage: - description: excludeFromLastConversationStorage. - type: boolean - id: - $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' - isDefault: - description: Is default conversation. - type: boolean - messages: - description: The conversation messages. - items: - $ref: '#/components/schemas/Security_AI_Assistant_API_Message' - type: array - namespace: - description: Kibana space - type: string - replacements: - $ref: '#/components/schemas/Security_AI_Assistant_API_Replacements' - summary: - $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationSummary' - timestamp: - $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' - title: - description: The conversation title. - type: string - updatedAt: - description: The last time conversation was updated. - type: string - users: - items: - $ref: '#/components/schemas/Security_AI_Assistant_API_User' - type: array - required: - - id - - title - - createdAt - - users - - namespace - - category - Security_AI_Assistant_API_ConversationSummary: - type: object - properties: - confidence: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_ConversationConfidence - description: >- - How confident you are about this being a correct and useful - learning. - content: - description: Summary text of the conversation over time. - type: string - public: - description: Define if summary is marked as publicly available. - type: boolean - timestamp: - $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' - description: The timestamp summary was updated. - Security_AI_Assistant_API_ConversationUpdateProps: - type: object - properties: - apiConfig: - $ref: '#/components/schemas/Security_AI_Assistant_API_ApiConfig' - description: LLM API configuration. - category: - $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationCategory' - description: The conversation category. - excludeFromLastConversationStorage: - description: excludeFromLastConversationStorage. - type: boolean - id: - $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' - messages: - description: The conversation messages. - items: - $ref: '#/components/schemas/Security_AI_Assistant_API_Message' - type: array - replacements: - $ref: '#/components/schemas/Security_AI_Assistant_API_Replacements' - summary: - $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationSummary' - title: - description: The conversation title. - type: string - required: - - id - Security_AI_Assistant_API_FindAnonymizationFieldsSortField: - enum: - - created_at - - anonymized - - allowed - - field - - updated_at - type: string - Security_AI_Assistant_API_FindConversationsSortField: - enum: - - created_at - - is_default - - title - - updated_at - type: string - Security_AI_Assistant_API_FindPromptsSortField: - enum: - - created_at - - is_default - - name - - updated_at - type: string - Security_AI_Assistant_API_Message: - description: AI assistant conversation message. - type: object - properties: - content: - description: Message content. - type: string - isError: - description: Is error message. - type: boolean - reader: - $ref: '#/components/schemas/Security_AI_Assistant_API_Reader' - description: Message content. - role: - $ref: '#/components/schemas/Security_AI_Assistant_API_MessageRole' - description: Message role. - timestamp: - $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' - description: The timestamp message was sent or received. - traceData: - $ref: '#/components/schemas/Security_AI_Assistant_API_TraceData' - description: trace Data - required: - - timestamp - - content - - role - Security_AI_Assistant_API_MessageData: - additionalProperties: true - type: object - Security_AI_Assistant_API_MessageRole: - description: Message role. - enum: - - system - - user - - assistant - type: string - Security_AI_Assistant_API_NonEmptyString: - description: A string that is not empty and does not contain only whitespace - minLength: 1 - pattern: ^(?! *$).+$ - type: string - Security_AI_Assistant_API_NormalizedAnonymizationFieldError: - type: object - properties: - anonymization_fields: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldDetailsInError - type: array - err_code: - type: string - message: - type: string - status_code: - type: integer - required: - - message - - status_code - - anonymization_fields - Security_AI_Assistant_API_NormalizedPromptError: - type: object - properties: - err_code: - type: string - message: - type: string - prompts: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_PromptDetailsInError - type: array - status_code: - type: integer - required: - - message - - status_code - - prompts - Security_AI_Assistant_API_PromptCreateProps: - type: object - properties: - categories: - items: - type: string - type: array - color: - type: string - consumer: - type: string - content: - type: string - isDefault: - type: boolean - isNewConversationDefault: - type: boolean - name: - type: string - promptType: - $ref: '#/components/schemas/Security_AI_Assistant_API_PromptType' - required: - - name - - content - - promptType - Security_AI_Assistant_API_PromptDetailsInError: - type: object - properties: - id: - type: string - name: - type: string - required: - - id - Security_AI_Assistant_API_PromptResponse: - type: object - properties: - categories: - items: - type: string - type: array - color: - type: string - consumer: - type: string - content: - type: string - createdAt: - type: string - createdBy: - type: string - id: - $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' - isDefault: - type: boolean - isNewConversationDefault: - type: boolean - name: - type: string - namespace: - description: Kibana space - type: string - promptType: - $ref: '#/components/schemas/Security_AI_Assistant_API_PromptType' - timestamp: - $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' - updatedAt: - type: string - updatedBy: - type: string - users: - items: - $ref: '#/components/schemas/Security_AI_Assistant_API_User' - type: array - required: - - id - - name - - promptType - - content - Security_AI_Assistant_API_PromptsBulkActionSkipReason: - enum: - - PROMPT_FIELD_NOT_MODIFIED - type: string - Security_AI_Assistant_API_PromptsBulkActionSkipResult: - type: object - properties: - id: - type: string - name: - type: string - skip_reason: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_PromptsBulkActionSkipReason - required: - - id - - skip_reason - Security_AI_Assistant_API_PromptsBulkCrudActionResponse: - type: object - properties: - attributes: - type: object - properties: - errors: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_NormalizedPromptError - type: array - results: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_PromptsBulkCrudActionResults - summary: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_BulkCrudActionSummary - required: - - results - - summary - message: - type: string - prompts_count: - type: integer - status_code: - type: integer - success: - type: boolean - required: - - attributes - Security_AI_Assistant_API_PromptsBulkCrudActionResults: - type: object - properties: - created: - items: - $ref: '#/components/schemas/Security_AI_Assistant_API_PromptResponse' - type: array - deleted: - items: - type: string - type: array - skipped: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_PromptsBulkActionSkipResult - type: array - updated: - items: - $ref: '#/components/schemas/Security_AI_Assistant_API_PromptResponse' - type: array - required: - - updated - - created - - deleted - - skipped - Security_AI_Assistant_API_PromptType: - description: Prompt type - enum: - - system - - quick - type: string - Security_AI_Assistant_API_PromptUpdateProps: - type: object - properties: - categories: - items: - type: string - type: array - color: - type: string - consumer: - type: string - content: - type: string - id: - type: string - isDefault: - type: boolean - isNewConversationDefault: - type: boolean - required: - - id - Security_AI_Assistant_API_Provider: - description: Provider - enum: - - OpenAI - - Azure OpenAI - - Other - type: string - Security_AI_Assistant_API_Reader: - additionalProperties: true - type: object - Security_AI_Assistant_API_Replacements: - additionalProperties: - type: string - description: Replacements object used to anonymize/deanomymize messsages - type: object - Security_AI_Assistant_API_SortOrder: - enum: - - asc - - desc - type: string - Security_AI_Assistant_API_TraceData: - description: trace Data - type: object - properties: - traceId: - description: Could be any string, not necessarily a UUID - type: string - transactionId: - description: Could be any string, not necessarily a UUID - type: string - Security_AI_Assistant_API_User: - description: Could be any string, not necessarily a UUID - type: object - properties: - id: - description: User id - type: string - name: - description: User name - type: string - Security_Detections_API_AlertAssignees: - type: object - properties: - add: - description: A list of users ids to assign. - items: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - type: array - remove: - description: A list of users ids to unassign. - items: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - type: array - required: - - add - - remove - Security_Detections_API_AlertIds: - description: A list of alerts ids. - items: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - minItems: 1 - type: array - Security_Detections_API_AlertsIndex: - deprecated: true - description: (deprecated) Has no effect. - type: string - Security_Detections_API_AlertsIndexNamespace: - description: Has no effect. - type: string - Security_Detections_API_AlertsSort: - oneOf: - - $ref: '#/components/schemas/Security_Detections_API_AlertsSortCombinations' - - items: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsSortCombinations - type: array - Security_Detections_API_AlertsSortCombinations: - anyOf: - - type: string - - additionalProperties: true - type: object - Security_Detections_API_AlertStatus: - enum: - - open - - closed - - acknowledged - - in-progress - type: string - Security_Detections_API_AlertSuppression: - type: object - properties: - duration: - $ref: >- - #/components/schemas/Security_Detections_API_AlertSuppressionDuration - group_by: - $ref: '#/components/schemas/Security_Detections_API_AlertSuppressionGroupBy' - missing_fields_strategy: - $ref: >- - #/components/schemas/Security_Detections_API_AlertSuppressionMissingFieldsStrategy - required: - - group_by - Security_Detections_API_AlertSuppressionDuration: - type: object - properties: - unit: - enum: - - s - - m - - h - type: string - value: - minimum: 1 - type: integer - required: - - value - - unit - Security_Detections_API_AlertSuppressionGroupBy: - items: - type: string - maxItems: 3 - minItems: 1 - type: array - Security_Detections_API_AlertSuppressionMissingFieldsStrategy: - description: >- - Describes how alerts will be generated for documents with missing - suppress by fields: - - doNotSuppress - per each document a separate alert will be created - - suppress - only alert will be created per suppress by bucket - enum: - - doNotSuppress - - suppress - type: string - Security_Detections_API_AlertTag: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - Security_Detections_API_AlertTags: - items: - $ref: '#/components/schemas/Security_Detections_API_AlertTag' - type: array - Security_Detections_API_AnomalyThreshold: - description: Anomaly threshold - minimum: 0 - type: integer - Security_Detections_API_BuildingBlockType: - description: >- - Determines if the rule acts as a building block. By default, - building-block alerts are not displayed in the UI. These rules are used - as a foundation for other rules that do generate alerts. Its value must - be default. - type: string - Security_Detections_API_BulkActionEditPayload: - anyOf: - - $ref: >- - #/components/schemas/Security_Detections_API_BulkActionEditPayloadTags - - $ref: >- - #/components/schemas/Security_Detections_API_BulkActionEditPayloadIndexPatterns - - $ref: >- - #/components/schemas/Security_Detections_API_BulkActionEditPayloadInvestigationFields - - $ref: >- - #/components/schemas/Security_Detections_API_BulkActionEditPayloadTimeline - - $ref: >- - #/components/schemas/Security_Detections_API_BulkActionEditPayloadRuleActions - - $ref: >- - #/components/schemas/Security_Detections_API_BulkActionEditPayloadSchedule - Security_Detections_API_BulkActionEditPayloadIndexPatterns: - type: object - properties: - overwrite_data_views: - type: boolean - type: - enum: - - add_index_patterns - - delete_index_patterns - - set_index_patterns - type: string - value: - $ref: '#/components/schemas/Security_Detections_API_IndexPatternArray' - required: - - type - - value - Security_Detections_API_BulkActionEditPayloadInvestigationFields: - type: object - properties: - type: - enum: - - add_investigation_fields - - delete_investigation_fields - - set_investigation_fields - type: string - value: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - required: - - type - - value - Security_Detections_API_BulkActionEditPayloadRuleActions: - type: object - properties: - type: - enum: - - add_rule_actions - - set_rule_actions - type: string - value: - type: object - properties: - actions: - items: - $ref: >- - #/components/schemas/Security_Detections_API_NormalizedRuleAction - type: array - throttle: - $ref: >- - #/components/schemas/Security_Detections_API_ThrottleForBulkActions - required: - - actions - required: - - type - - value - Security_Detections_API_BulkActionEditPayloadSchedule: - type: object - properties: - type: - enum: - - set_schedule - type: string - value: - type: object - properties: - interval: - description: >- - Interval in which the rule runs. For example, `"1h"` means the - rule runs every hour. - example: 1h - pattern: ^[1-9]\d*[smh]$ - type: string - lookback: - description: Lookback time for the rule - example: 1h - pattern: ^[1-9]\d*[smh]$ - type: string - required: - - interval - - lookback - required: - - type - - value - Security_Detections_API_BulkActionEditPayloadTags: - type: object - properties: - type: - enum: - - add_tags - - delete_tags - - set_tags - type: string - value: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - required: - - type - - value - Security_Detections_API_BulkActionEditPayloadTimeline: - type: object - properties: - type: - enum: - - set_timeline - type: string - value: - type: object - properties: - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - required: - - timeline_id - - timeline_title - required: - - type - - value - Security_Detections_API_BulkActionsDryRunErrCode: - enum: - - IMMUTABLE - - MACHINE_LEARNING_AUTH - - MACHINE_LEARNING_INDEX_PATTERN - - ESQL_INDEX_PATTERN - - MANUAL_RULE_RUN_FEATURE - - MANUAL_RULE_RUN_DISABLED_RULE - type: string - Security_Detections_API_BulkActionSkipResult: - type: object - properties: - id: - type: string - name: - type: string - skip_reason: - $ref: '#/components/schemas/Security_Detections_API_BulkEditSkipReason' - required: - - id - - skip_reason - Security_Detections_API_BulkDeleteRules: - type: object - properties: - action: - enum: - - delete - type: string - ids: - description: Array of rule IDs - items: - type: string - minItems: 1 - type: array - query: - description: Query to filter rules - type: string - required: - - action - Security_Detections_API_BulkDisableRules: - type: object - properties: - action: - enum: - - disable - type: string - ids: - description: Array of rule IDs - items: - type: string - minItems: 1 - type: array - query: - description: Query to filter rules - type: string - required: - - action - Security_Detections_API_BulkDuplicateRules: - type: object - properties: - action: - enum: - - duplicate - type: string - duplicate: - type: object - properties: - include_exceptions: - description: Whether to copy exceptions from the original rule - type: boolean - include_expired_exceptions: - description: Whether to copy expired exceptions from the original rule - type: boolean - required: - - include_exceptions - - include_expired_exceptions - ids: - description: Array of rule IDs - items: - type: string - minItems: 1 - type: array - query: - description: Query to filter rules - type: string - required: - - action - Security_Detections_API_BulkEditActionResponse: - type: object - properties: - attributes: - type: object - properties: - errors: - items: - $ref: >- - #/components/schemas/Security_Detections_API_NormalizedRuleError - type: array - results: - $ref: >- - #/components/schemas/Security_Detections_API_BulkEditActionResults - summary: - $ref: >- - #/components/schemas/Security_Detections_API_BulkEditActionSummary - required: - - results - - summary - message: - type: string - rules_count: - type: integer - status_code: - type: integer - success: - type: boolean - required: - - attributes - Security_Detections_API_BulkEditActionResults: - type: object - properties: - created: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleResponse' - type: array - deleted: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleResponse' - type: array - skipped: - items: - $ref: '#/components/schemas/Security_Detections_API_BulkActionSkipResult' - type: array - updated: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleResponse' - type: array - required: - - updated - - created - - deleted - - skipped - Security_Detections_API_BulkEditActionSummary: - type: object - properties: - failed: - type: integer - skipped: - type: integer - succeeded: - type: integer - total: - type: integer - required: - - failed - - skipped - - succeeded - - total - Security_Detections_API_BulkEditRules: - type: object - properties: - action: - enum: - - edit - type: string - edit: - description: Array of objects containing the edit operations - items: - $ref: '#/components/schemas/Security_Detections_API_BulkActionEditPayload' - minItems: 1 - type: array - ids: - description: Array of rule IDs - items: - type: string - minItems: 1 - type: array - query: - description: Query to filter rules - type: string - required: - - action - - edit - Security_Detections_API_BulkEditSkipReason: - enum: - - RULE_NOT_MODIFIED - type: string - Security_Detections_API_BulkEnableRules: - type: object - properties: - action: - enum: - - enable - type: string - ids: - description: Array of rule IDs - items: - type: string - minItems: 1 - type: array - query: - description: Query to filter rules - type: string - required: - - action - Security_Detections_API_BulkExportActionResponse: - type: string - Security_Detections_API_BulkExportRules: - type: object - properties: - action: - enum: - - export - type: string - ids: - description: Array of rule IDs - items: - type: string - minItems: 1 - type: array - query: - description: Query to filter rules - type: string - required: - - action - Security_Detections_API_BulkManualRuleRun: - type: object - properties: - action: - enum: - - run - type: string - ids: - description: Array of rule IDs - items: - type: string - minItems: 1 - type: array - query: - description: Query to filter rules - type: string - run: - type: object - properties: - end_date: - description: End date of the manual rule run - type: string - start_date: - description: Start date of the manual rule run - type: string - required: - - start_date - required: - - action - - run - Security_Detections_API_ConcurrentSearches: - minimum: 1 - type: integer - Security_Detections_API_DataViewId: - type: string - Security_Detections_API_DefaultParams: - type: object - properties: - command: - enum: - - isolate - type: string - comment: - type: string - required: - - command - Security_Detections_API_EcsMapping: - additionalProperties: - type: object - properties: - field: - type: string - value: - oneOf: - - type: string - - items: - type: string - type: array - type: object - Security_Detections_API_EndpointResponseAction: - type: object - properties: - action_type_id: - enum: - - .endpoint - type: string - params: - oneOf: - - $ref: '#/components/schemas/Security_Detections_API_DefaultParams' - - $ref: '#/components/schemas/Security_Detections_API_ProcessesParams' - required: - - action_type_id - - params - Security_Detections_API_EqlOptionalFields: - type: object - properties: - alert_suppression: - $ref: '#/components/schemas/Security_Detections_API_AlertSuppression' - data_view_id: - $ref: '#/components/schemas/Security_Detections_API_DataViewId' - event_category_override: - $ref: '#/components/schemas/Security_Detections_API_EventCategoryOverride' - filters: - $ref: '#/components/schemas/Security_Detections_API_RuleFilterArray' - index: - $ref: '#/components/schemas/Security_Detections_API_IndexPatternArray' - tiebreaker_field: - $ref: '#/components/schemas/Security_Detections_API_TiebreakerField' - timestamp_field: - $ref: '#/components/schemas/Security_Detections_API_TimestampField' - Security_Detections_API_EqlQueryLanguage: - enum: - - eql - type: string - Security_Detections_API_EqlRequiredFields: - type: object - properties: - language: - $ref: '#/components/schemas/Security_Detections_API_EqlQueryLanguage' - description: Query language to use - query: - $ref: '#/components/schemas/Security_Detections_API_RuleQuery' - description: EQL query to execute - type: - description: Rule type - enum: - - eql - type: string - required: - - type - - query - - language - Security_Detections_API_EqlRule: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - version - - tags - - enabled - - risk_score_mapping - - severity_mapping - - interval - - from - - to - - actions - - exceptions_list - - author - - false_positives - - references - - max_signals - - threat - - setup - - related_integrations - - required_fields - - $ref: '#/components/schemas/Security_Detections_API_ResponseFields' - - $ref: '#/components/schemas/Security_Detections_API_EqlRuleResponseFields' - Security_Detections_API_EqlRuleCreateFields: - allOf: - - $ref: '#/components/schemas/Security_Detections_API_EqlRequiredFields' - - $ref: '#/components/schemas/Security_Detections_API_EqlOptionalFields' - Security_Detections_API_EqlRuleCreateProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - $ref: '#/components/schemas/Security_Detections_API_EqlRuleCreateFields' - Security_Detections_API_EqlRulePatchFields: - allOf: - - type: object - properties: - language: - $ref: '#/components/schemas/Security_Detections_API_EqlQueryLanguage' - description: Query language to use - query: - $ref: '#/components/schemas/Security_Detections_API_RuleQuery' - description: EQL query to execute - type: - description: Rule type - enum: - - eql - type: string - - $ref: '#/components/schemas/Security_Detections_API_EqlOptionalFields' - Security_Detections_API_EqlRulePatchProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - id: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - - $ref: '#/components/schemas/Security_Detections_API_EqlRulePatchFields' - Security_Detections_API_EqlRuleResponseFields: - allOf: - - $ref: '#/components/schemas/Security_Detections_API_EqlRequiredFields' - - $ref: '#/components/schemas/Security_Detections_API_EqlOptionalFields' - Security_Detections_API_EqlRuleUpdateProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - id: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - $ref: '#/components/schemas/Security_Detections_API_EqlRuleCreateFields' - Security_Detections_API_ErrorSchema: - additionalProperties: false - type: object - properties: - error: - type: object - properties: - message: - type: string - status_code: - minimum: 400 - type: integer - required: - - status_code - - message - id: - type: string - item_id: - minLength: 1 - type: string - list_id: - minLength: 1 - type: string - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - required: - - error - Security_Detections_API_EsqlQueryLanguage: - enum: - - esql - type: string - Security_Detections_API_EsqlRule: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - version - - tags - - enabled - - risk_score_mapping - - severity_mapping - - interval - - from - - to - - actions - - exceptions_list - - author - - false_positives - - references - - max_signals - - threat - - setup - - related_integrations - - required_fields - - $ref: '#/components/schemas/Security_Detections_API_ResponseFields' - - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleResponseFields' - Security_Detections_API_EsqlRuleCreateFields: - allOf: - - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleOptionalFields' - - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleRequiredFields' - Security_Detections_API_EsqlRuleCreateProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleCreateFields' - Security_Detections_API_EsqlRuleOptionalFields: - type: object - properties: - alert_suppression: - $ref: '#/components/schemas/Security_Detections_API_AlertSuppression' - Security_Detections_API_EsqlRulePatchProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - id: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - language: - $ref: '#/components/schemas/Security_Detections_API_EsqlQueryLanguage' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - query: - $ref: '#/components/schemas/Security_Detections_API_RuleQuery' - description: ESQL query to execute - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - type: - description: Rule type - enum: - - esql - type: string - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleOptionalFields' - Security_Detections_API_EsqlRuleRequiredFields: - type: object - properties: - language: - $ref: '#/components/schemas/Security_Detections_API_EsqlQueryLanguage' - query: - $ref: '#/components/schemas/Security_Detections_API_RuleQuery' - description: ESQL query to execute - type: - description: Rule type - enum: - - esql - type: string - required: - - type - - language - - query - Security_Detections_API_EsqlRuleResponseFields: - allOf: - - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleOptionalFields' - - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleRequiredFields' - Security_Detections_API_EsqlRuleUpdateProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - id: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleCreateFields' - Security_Detections_API_EventCategoryOverride: - type: string - Security_Detections_API_ExceptionListType: - description: The exception type - enum: - - detection - - rule_default - - endpoint - - endpoint_trusted_apps - - endpoint_events - - endpoint_host_isolation_exceptions - - endpoint_blocklists - type: string - Security_Detections_API_ExternalRuleSource: - description: >- - Type of rule source for externally sourced rules, i.e. rules that have - an external source, such as the Elastic Prebuilt rules repo. - type: object - properties: - is_customized: - $ref: >- - #/components/schemas/Security_Detections_API_IsExternalRuleCustomized - type: - enum: - - external - type: string - required: - - type - - is_customized - Security_Detections_API_FindRulesSortField: - enum: - - created_at - - createdAt - - enabled - - execution_summary.last_execution.date - - execution_summary.last_execution.metrics.execution_gap_duration_s - - execution_summary.last_execution.metrics.total_indexing_duration_ms - - execution_summary.last_execution.metrics.total_search_duration_ms - - execution_summary.last_execution.status - - name - - risk_score - - riskScore - - severity - - updated_at - - updatedAt - type: string - Security_Detections_API_HistoryWindowStart: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - Security_Detections_API_IndexPatternArray: - items: - type: string - type: array - Security_Detections_API_InternalRuleSource: - description: >- - Type of rule source for internally sourced rules, i.e. created within - the Kibana apps. - type: object - properties: - type: - enum: - - internal - type: string - required: - - type - Security_Detections_API_InvestigationFields: - description: > - Schema for fields relating to investigation fields. These are user - defined fields we use to highlight - - in various features in the UI such as alert details flyout and - exceptions auto-population from alert. - - Added in PR #163235 - - Right now we only have a single field but anticipate adding more related - fields to store various - - configuration states such as `override` - where a user might say if they - want only these fields to - - display, or if they want these fields + the fields we select. When - expanding this field, it may look - - something like: - - ```typescript - - const investigationFields = z.object({ - field_names: NonEmptyArray(NonEmptyString), - override: z.boolean().optional(), - }); - - ``` - type: object - properties: - field_names: - items: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - minItems: 1 - type: array - required: - - field_names - Security_Detections_API_InvestigationGuide: - description: Notes to help investigate alerts produced by the rule. - type: string - Security_Detections_API_IsExternalRuleCustomized: - description: >- - Determines whether an external/prebuilt rule has been customized by the - user (i.e. any of its fields have been modified and diverged from the - base value). - type: boolean - Security_Detections_API_IsRuleEnabled: - description: Determines whether the rule is enabled. - type: boolean - Security_Detections_API_IsRuleImmutable: - deprecated: true - description: >- - This field determines whether the rule is a prebuilt Elastic rule. It - will be replaced with the `rule_source` field. - type: boolean - Security_Detections_API_ItemsPerSearch: - minimum: 1 - type: integer - Security_Detections_API_KqlQueryLanguage: - enum: - - kuery - - lucene - type: string - Security_Detections_API_MachineLearningJobId: - description: Machine learning job ID - oneOf: - - type: string - - items: - type: string - minItems: 1 - type: array - Security_Detections_API_MachineLearningRule: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - version - - tags - - enabled - - risk_score_mapping - - severity_mapping - - interval - - from - - to - - actions - - exceptions_list - - author - - false_positives - - references - - max_signals - - threat - - setup - - related_integrations - - required_fields - - $ref: '#/components/schemas/Security_Detections_API_ResponseFields' - - $ref: >- - #/components/schemas/Security_Detections_API_MachineLearningRuleResponseFields - Security_Detections_API_MachineLearningRuleCreateFields: - allOf: - - $ref: >- - #/components/schemas/Security_Detections_API_MachineLearningRuleRequiredFields - - $ref: >- - #/components/schemas/Security_Detections_API_MachineLearningRuleOptionalFields - Security_Detections_API_MachineLearningRuleCreateProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - $ref: >- - #/components/schemas/Security_Detections_API_MachineLearningRuleCreateFields - Security_Detections_API_MachineLearningRuleOptionalFields: - type: object - properties: - alert_suppression: - $ref: '#/components/schemas/Security_Detections_API_AlertSuppression' - Security_Detections_API_MachineLearningRulePatchFields: - allOf: - - type: object - properties: - anomaly_threshold: - $ref: '#/components/schemas/Security_Detections_API_AnomalyThreshold' - machine_learning_job_id: - $ref: >- - #/components/schemas/Security_Detections_API_MachineLearningJobId - type: - description: Rule type - enum: - - machine_learning - type: string - - $ref: >- - #/components/schemas/Security_Detections_API_MachineLearningRuleOptionalFields - Security_Detections_API_MachineLearningRulePatchProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - id: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - - $ref: >- - #/components/schemas/Security_Detections_API_MachineLearningRulePatchFields - Security_Detections_API_MachineLearningRuleRequiredFields: - type: object - properties: - anomaly_threshold: - $ref: '#/components/schemas/Security_Detections_API_AnomalyThreshold' - machine_learning_job_id: - $ref: '#/components/schemas/Security_Detections_API_MachineLearningJobId' - type: - description: Rule type - enum: - - machine_learning - type: string - required: - - type - - machine_learning_job_id - - anomaly_threshold - Security_Detections_API_MachineLearningRuleResponseFields: - allOf: - - $ref: >- - #/components/schemas/Security_Detections_API_MachineLearningRuleRequiredFields - - $ref: >- - #/components/schemas/Security_Detections_API_MachineLearningRuleOptionalFields - Security_Detections_API_MachineLearningRuleUpdateProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - id: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - $ref: >- - #/components/schemas/Security_Detections_API_MachineLearningRuleCreateFields - Security_Detections_API_MaxSignals: - minimum: 1 - type: integer - Security_Detections_API_NewTermsFields: - items: - type: string - maxItems: 3 - minItems: 1 - type: array - Security_Detections_API_NewTermsRule: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - version - - tags - - enabled - - risk_score_mapping - - severity_mapping - - interval - - from - - to - - actions - - exceptions_list - - author - - false_positives - - references - - max_signals - - threat - - setup - - related_integrations - - required_fields - - $ref: '#/components/schemas/Security_Detections_API_ResponseFields' - - $ref: >- - #/components/schemas/Security_Detections_API_NewTermsRuleResponseFields - Security_Detections_API_NewTermsRuleCreateFields: - allOf: - - $ref: >- - #/components/schemas/Security_Detections_API_NewTermsRuleRequiredFields - - $ref: >- - #/components/schemas/Security_Detections_API_NewTermsRuleOptionalFields - - $ref: >- - #/components/schemas/Security_Detections_API_NewTermsRuleDefaultableFields - Security_Detections_API_NewTermsRuleCreateProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - $ref: >- - #/components/schemas/Security_Detections_API_NewTermsRuleCreateFields - Security_Detections_API_NewTermsRuleDefaultableFields: - type: object - properties: - language: - $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' - Security_Detections_API_NewTermsRuleOptionalFields: - type: object - properties: - alert_suppression: - $ref: '#/components/schemas/Security_Detections_API_AlertSuppression' - data_view_id: - $ref: '#/components/schemas/Security_Detections_API_DataViewId' - filters: - $ref: '#/components/schemas/Security_Detections_API_RuleFilterArray' - index: - $ref: '#/components/schemas/Security_Detections_API_IndexPatternArray' - Security_Detections_API_NewTermsRulePatchFields: - allOf: - - type: object - properties: - history_window_start: - $ref: '#/components/schemas/Security_Detections_API_HistoryWindowStart' - new_terms_fields: - $ref: '#/components/schemas/Security_Detections_API_NewTermsFields' - query: - $ref: '#/components/schemas/Security_Detections_API_RuleQuery' - type: - description: Rule type - enum: - - new_terms - type: string - - $ref: >- - #/components/schemas/Security_Detections_API_NewTermsRuleOptionalFields - - $ref: >- - #/components/schemas/Security_Detections_API_NewTermsRuleDefaultableFields - Security_Detections_API_NewTermsRulePatchProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - id: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - - $ref: '#/components/schemas/Security_Detections_API_NewTermsRulePatchFields' - Security_Detections_API_NewTermsRuleRequiredFields: - type: object - properties: - history_window_start: - $ref: '#/components/schemas/Security_Detections_API_HistoryWindowStart' - new_terms_fields: - $ref: '#/components/schemas/Security_Detections_API_NewTermsFields' - query: - $ref: '#/components/schemas/Security_Detections_API_RuleQuery' - type: - description: Rule type - enum: - - new_terms - type: string - required: - - type - - query - - new_terms_fields - - history_window_start - Security_Detections_API_NewTermsRuleResponseFields: - allOf: - - $ref: >- - #/components/schemas/Security_Detections_API_NewTermsRuleRequiredFields - - $ref: >- - #/components/schemas/Security_Detections_API_NewTermsRuleOptionalFields - - type: object - properties: - language: - $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' - required: - - language - Security_Detections_API_NewTermsRuleUpdateProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - id: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - $ref: >- - #/components/schemas/Security_Detections_API_NewTermsRuleCreateFields - Security_Detections_API_NonEmptyString: - description: A string that is not empty and does not contain only whitespace - minLength: 1 - pattern: ^(?! *$).+$ - type: string - Security_Detections_API_NormalizedRuleAction: - additionalProperties: false - type: object - properties: - alerts_filter: - $ref: '#/components/schemas/Security_Detections_API_RuleActionAlertsFilter' - frequency: - $ref: '#/components/schemas/Security_Detections_API_RuleActionFrequency' - group: - $ref: '#/components/schemas/Security_Detections_API_RuleActionGroup' - id: - $ref: '#/components/schemas/Security_Detections_API_RuleActionId' - params: - $ref: '#/components/schemas/Security_Detections_API_RuleActionParams' - required: - - id - - params - Security_Detections_API_NormalizedRuleError: - type: object - properties: - err_code: - $ref: >- - #/components/schemas/Security_Detections_API_BulkActionsDryRunErrCode - message: - type: string - rules: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleDetailsInError' - type: array - status_code: - type: integer - required: - - message - - status_code - - rules - Security_Detections_API_OsqueryParams: - type: object - properties: - ecs_mapping: - $ref: '#/components/schemas/Security_Detections_API_EcsMapping' - pack_id: - type: string - queries: - items: - $ref: '#/components/schemas/Security_Detections_API_OsqueryQuery' - type: array - query: - type: string - saved_query_id: - type: string - timeout: - type: number - Security_Detections_API_OsqueryQuery: - type: object - properties: - ecs_mapping: - $ref: '#/components/schemas/Security_Detections_API_EcsMapping' - id: - description: Query ID - type: string - platform: - type: string - query: - description: Query to run - type: string - removed: - type: boolean - snapshot: - type: boolean - version: - description: Query version - type: string - required: - - id - - query - Security_Detections_API_OsqueryResponseAction: - type: object - properties: - action_type_id: - enum: - - .osquery - type: string - params: - $ref: '#/components/schemas/Security_Detections_API_OsqueryParams' - required: - - action_type_id - - params - Security_Detections_API_PlatformErrorResponse: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: integer - required: - - statusCode - - error - - message - Security_Detections_API_ProcessesParams: - type: object - properties: - command: - enum: - - kill-process - - suspend-process - type: string - comment: - type: string - config: - type: object - properties: - field: - description: Field to use instead of process.pid - type: string - overwrite: - default: true - description: Whether to overwrite field with process.pid - type: boolean - required: - - field - required: - - command - - config - Security_Detections_API_QueryRule: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - version - - tags - - enabled - - risk_score_mapping - - severity_mapping - - interval - - from - - to - - actions - - exceptions_list - - author - - false_positives - - references - - max_signals - - threat - - setup - - related_integrations - - required_fields - - $ref: '#/components/schemas/Security_Detections_API_ResponseFields' - - $ref: '#/components/schemas/Security_Detections_API_QueryRuleResponseFields' - Security_Detections_API_QueryRuleCreateFields: - allOf: - - $ref: '#/components/schemas/Security_Detections_API_QueryRuleRequiredFields' - - $ref: '#/components/schemas/Security_Detections_API_QueryRuleOptionalFields' - - $ref: >- - #/components/schemas/Security_Detections_API_QueryRuleDefaultableFields - Security_Detections_API_QueryRuleCreateProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - $ref: '#/components/schemas/Security_Detections_API_QueryRuleCreateFields' - Security_Detections_API_QueryRuleDefaultableFields: - type: object - properties: - language: - $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' - query: - $ref: '#/components/schemas/Security_Detections_API_RuleQuery' - Security_Detections_API_QueryRuleOptionalFields: - type: object - properties: - alert_suppression: - $ref: '#/components/schemas/Security_Detections_API_AlertSuppression' - data_view_id: - $ref: '#/components/schemas/Security_Detections_API_DataViewId' - filters: - $ref: '#/components/schemas/Security_Detections_API_RuleFilterArray' - index: - $ref: '#/components/schemas/Security_Detections_API_IndexPatternArray' - saved_id: - $ref: '#/components/schemas/Security_Detections_API_SavedQueryId' - Security_Detections_API_QueryRulePatchFields: - allOf: - - type: object - properties: - type: - description: Rule type - enum: - - query - type: string - - $ref: '#/components/schemas/Security_Detections_API_QueryRuleOptionalFields' - - $ref: >- - #/components/schemas/Security_Detections_API_QueryRuleDefaultableFields - Security_Detections_API_QueryRulePatchProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - id: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - - $ref: '#/components/schemas/Security_Detections_API_QueryRulePatchFields' - Security_Detections_API_QueryRuleRequiredFields: - type: object - properties: - type: - description: Rule type - enum: - - query - type: string - required: - - type - Security_Detections_API_QueryRuleResponseFields: - allOf: - - $ref: '#/components/schemas/Security_Detections_API_QueryRuleRequiredFields' - - $ref: '#/components/schemas/Security_Detections_API_QueryRuleOptionalFields' - - type: object - properties: - language: - $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' - query: - $ref: '#/components/schemas/Security_Detections_API_RuleQuery' - required: - - query - - language - Security_Detections_API_QueryRuleUpdateProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - id: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - $ref: '#/components/schemas/Security_Detections_API_QueryRuleCreateFields' - Security_Detections_API_RelatedIntegration: - description: > - Related integration is a potential dependency of a rule. It's assumed - that if the user installs - - one of the related integrations of a rule, the rule might start to work - properly because it will - - have source events (generated by this integration) potentially matching - the rule's query. - - - NOTE: Proper work is not guaranteed, because a related integration, if - installed, can be - - configured differently or generate data that is not necessarily relevant - for this rule. - - - Related integration is a combination of a Fleet package and (optionally) - one of the - - package's "integrations" that this package contains. It is represented - by 3 properties: - - - - `package`: name of the package (required, unique id) - - - `version`: version of the package (required, semver-compatible) - - - `integration`: name of the integration of this package (optional, id - within the package) - - - There are Fleet packages like `windows` that contain only one - integration; in this case, - - `integration` should be unspecified. There are also packages like `aws` - and `azure` that contain - - several integrations; in this case, `integration` should be specified. - - - @example - - const x: RelatedIntegration = { - package: 'windows', - version: '1.5.x', - }; - - - @example - - const x: RelatedIntegration = { - package: 'azure', - version: '~1.1.6', - integration: 'activitylogs', - }; - type: object - properties: - integration: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - package: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - version: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - required: - - package - - version - Security_Detections_API_RelatedIntegrationArray: - items: - $ref: '#/components/schemas/Security_Detections_API_RelatedIntegration' - type: array - Security_Detections_API_RequiredField: - description: > - Describes an Elasticsearch field that is needed for the rule to - function. - - - Almost all types of Security rules check source event documents for a - match to some kind of - - query or filter. If a document has certain field with certain values, - then it's a match and - - the rule will generate an alert. - - - Required field is an event field that must be present in the source - indices of a given rule. - - - @example - - const standardEcsField: RequiredField = { - name: 'event.action', - type: 'keyword', - ecs: true, - }; - - - @example - - const nonEcsField: RequiredField = { - name: 'winlog.event_data.AttributeLDAPDisplayName', - type: 'keyword', - ecs: false, - }; - type: object - properties: - ecs: - description: Whether the field is an ECS field - type: boolean - name: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - description: Name of an Elasticsearch field - type: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - description: Type of the Elasticsearch field - required: - - name - - type - - ecs - Security_Detections_API_RequiredFieldArray: - items: - $ref: '#/components/schemas/Security_Detections_API_RequiredField' - type: array - Security_Detections_API_RequiredFieldInput: - description: >- - Input parameters to create a RequiredField. Does not include the `ecs` - field, because `ecs` is calculated on the backend based on the field - name and type. - type: object - properties: - name: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - description: Name of an Elasticsearch field - type: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - description: Type of an Elasticsearch field - required: - - name - - type - Security_Detections_API_ResponseAction: - oneOf: - - $ref: '#/components/schemas/Security_Detections_API_OsqueryResponseAction' - - $ref: '#/components/schemas/Security_Detections_API_EndpointResponseAction' - Security_Detections_API_ResponseFields: - type: object - properties: - created_at: - format: date-time - type: string - created_by: - type: string - execution_summary: - $ref: '#/components/schemas/Security_Detections_API_RuleExecutionSummary' - id: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - immutable: - $ref: '#/components/schemas/Security_Detections_API_IsRuleImmutable' - required_fields: - $ref: '#/components/schemas/Security_Detections_API_RequiredFieldArray' - revision: - minimum: 0 - type: integer - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_source: - $ref: '#/components/schemas/Security_Detections_API_RuleSource' - updated_at: - format: date-time - type: string - updated_by: - type: string - required: - - id - - rule_id - - immutable - - rule_source - - updated_at - - updated_by - - created_at - - created_by - - revision - - related_integrations - - required_fields - Security_Detections_API_RiskScore: - description: Risk score (0 to 100) - maximum: 100 - minimum: 0 - type: integer - Security_Detections_API_RiskScoreMapping: - description: >- - Overrides generated alerts' risk_score with a value from the source - event - items: - type: object - properties: - field: - type: string - operator: - enum: - - equals - type: string - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - value: - type: string - required: - - field - - operator - - value - type: array - Security_Detections_API_RuleAction: - type: object - properties: - action_type_id: - description: The action type used for sending notifications. - type: string - alerts_filter: - $ref: '#/components/schemas/Security_Detections_API_RuleActionAlertsFilter' - frequency: - $ref: '#/components/schemas/Security_Detections_API_RuleActionFrequency' - group: - $ref: '#/components/schemas/Security_Detections_API_RuleActionGroup' - id: - $ref: '#/components/schemas/Security_Detections_API_RuleActionId' - params: - $ref: '#/components/schemas/Security_Detections_API_RuleActionParams' - uuid: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - required: - - action_type_id - - id - - params - Security_Detections_API_RuleActionAlertsFilter: - additionalProperties: true - type: object - Security_Detections_API_RuleActionFrequency: - description: >- - The action frequency defines when the action runs (for example, only on - rule execution or at specific time intervals). - type: object - properties: - notifyWhen: - $ref: '#/components/schemas/Security_Detections_API_RuleActionNotifyWhen' - summary: - description: >- - Action summary indicates whether we will send a summary notification - about all the generate alerts or notification per individual alert - type: boolean - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - nullable: true - required: - - summary - - notifyWhen - - throttle - Security_Detections_API_RuleActionGroup: - description: >- - Optionally groups actions by use cases. Use `default` for alert - notifications. - type: string - Security_Detections_API_RuleActionId: - description: The connector ID. - type: string - Security_Detections_API_RuleActionNotifyWhen: - description: >- - The condition for throttling the notification: `onActionGroupChange`, - `onActiveAlert`, or `onThrottleInterval` - enum: - - onActiveAlert - - onThrottleInterval - - onActionGroupChange - type: string - Security_Detections_API_RuleActionParams: - additionalProperties: true - description: >- - Object containing the allowed connector fields, which varies according - to the connector type. - type: object - Security_Detections_API_RuleActionThrottle: - description: Defines how often rule actions are taken. - oneOf: - - enum: - - no_actions - - rule - type: string - - description: Time interval in seconds, minutes, hours, or days. - example: 1h - pattern: ^[1-9]\d*[smhd]$ - type: string - Security_Detections_API_RuleAuthorArray: - items: - type: string - type: array - Security_Detections_API_RuleCreateProps: - anyOf: - - $ref: '#/components/schemas/Security_Detections_API_EqlRuleCreateProps' - - $ref: '#/components/schemas/Security_Detections_API_QueryRuleCreateProps' - - $ref: >- - #/components/schemas/Security_Detections_API_SavedQueryRuleCreateProps - - $ref: >- - #/components/schemas/Security_Detections_API_ThresholdRuleCreateProps - - $ref: >- - #/components/schemas/Security_Detections_API_ThreatMatchRuleCreateProps - - $ref: >- - #/components/schemas/Security_Detections_API_MachineLearningRuleCreateProps - - $ref: '#/components/schemas/Security_Detections_API_NewTermsRuleCreateProps' - - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleCreateProps' - discriminator: - propertyName: type - Security_Detections_API_RuleDescription: - minLength: 1 - type: string - Security_Detections_API_RuleDetailsInError: - type: object - properties: - id: - type: string - name: - type: string - required: - - id - Security_Detections_API_RuleExceptionList: - type: object - properties: - id: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - description: ID of the exception container - list_id: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - description: List ID of the exception container - namespace_type: - description: Determines the exceptions validity in rule's Kibana space - enum: - - agnostic - - single - type: string - type: - $ref: '#/components/schemas/Security_Detections_API_ExceptionListType' - required: - - id - - list_id - - type - - namespace_type - Security_Detections_API_RuleExecutionMetrics: - type: object - properties: - execution_gap_duration_s: - description: Duration in seconds of execution gap - minimum: 0 - type: integer - total_enrichment_duration_ms: - description: >- - Total time spent enriching documents during current rule execution - cycle - minimum: 0 - type: integer - total_indexing_duration_ms: - description: >- - Total time spent indexing documents during current rule execution - cycle - minimum: 0 - type: integer - total_search_duration_ms: - description: >- - Total time spent performing ES searches as measured by Kibana; - includes network latency and time spent serializing/deserializing - request/response - minimum: 0 - type: integer - Security_Detections_API_RuleExecutionStatus: - description: >- - Custom execution status of Security rules that is different from the - status used in the Alerting Framework. We merge our custom status with - the Framework's status to determine the resulting status of a rule. - - - going to run - @deprecated Replaced by the 'running' status but left - for backwards compatibility with rule execution events already written - to Event Log in the prior versions of Kibana. Don't use when writing - rule status changes. - - - running - Rule execution started but not reached any intermediate or - final status. - - - partial failure - Rule can partially fail for various reasons either - in the middle of an execution (in this case we update its status right - away) or in the end of it. So currently this status can be both - intermediate and final at the same time. A typical reason for a partial - failure: not all the indices that the rule searches over actually exist. - - - failed - Rule failed to execute due to unhandled exception or a reason - defined in the business logic of its executor function. - - - succeeded - Rule executed successfully without any issues. Note: this - status is just an indication of a rule's "health". The rule might or - might not generate any alerts despite of it. - enum: - - going to run - - running - - partial failure - - failed - - succeeded - type: string - Security_Detections_API_RuleExecutionStatusOrder: - type: integer - Security_Detections_API_RuleExecutionSummary: - type: object - properties: - last_execution: - type: object - properties: - date: - description: Date of the last execution - format: date-time - type: string - message: - type: string - metrics: - $ref: >- - #/components/schemas/Security_Detections_API_RuleExecutionMetrics - status: - $ref: '#/components/schemas/Security_Detections_API_RuleExecutionStatus' - description: Status of the last execution - status_order: - $ref: >- - #/components/schemas/Security_Detections_API_RuleExecutionStatusOrder - required: - - date - - status - - status_order - - message - - metrics - required: - - last_execution - Security_Detections_API_RuleFalsePositiveArray: - items: - type: string - type: array - Security_Detections_API_RuleFilterArray: - items: {} - type: array - Security_Detections_API_RuleInterval: - description: >- - Frequency of rule execution, using a date math range. For example, "1h" - means the rule runs every hour. Defaults to 5m (5 minutes). - type: string - Security_Detections_API_RuleIntervalFrom: - description: >- - Time from which data is analyzed each time the rule runs, using a date - math range. For example, now-4200s means the rule analyzes data from 70 - minutes before its start time. Defaults to now-6m (analyzes data from 6 - minutes before the start time). - format: date-math - type: string - Security_Detections_API_RuleIntervalTo: - type: string - Security_Detections_API_RuleLicense: - description: The rule's license. - type: string - Security_Detections_API_RuleMetadata: - additionalProperties: true - type: object - Security_Detections_API_RuleName: - minLength: 1 - type: string - Security_Detections_API_RuleNameOverride: - description: Sets the source field for the alert's signal.rule.name value - type: string - Security_Detections_API_RuleObjectId: - $ref: '#/components/schemas/Security_Detections_API_UUID' - Security_Detections_API_RulePatchProps: - anyOf: - - $ref: '#/components/schemas/Security_Detections_API_EqlRulePatchProps' - - $ref: '#/components/schemas/Security_Detections_API_QueryRulePatchProps' - - $ref: >- - #/components/schemas/Security_Detections_API_SavedQueryRulePatchProps - - $ref: '#/components/schemas/Security_Detections_API_ThresholdRulePatchProps' - - $ref: >- - #/components/schemas/Security_Detections_API_ThreatMatchRulePatchProps - - $ref: >- - #/components/schemas/Security_Detections_API_MachineLearningRulePatchProps - - $ref: '#/components/schemas/Security_Detections_API_NewTermsRulePatchProps' - - $ref: '#/components/schemas/Security_Detections_API_EsqlRulePatchProps' - Security_Detections_API_RulePreviewLoggedRequest: - type: object - properties: - description: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - duration: - type: integer - request: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - required: - - request - Security_Detections_API_RulePreviewLogs: - type: object - properties: - duration: - description: Execution duration in milliseconds - type: integer - errors: - items: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - type: array - requests: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RulePreviewLoggedRequest - type: array - startedAt: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - warnings: - items: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - type: array - required: - - errors - - warnings - - duration - Security_Detections_API_RulePreviewParams: - type: object - properties: - invocationCount: - type: integer - timeframeEnd: - format: date-time - type: string - required: - - invocationCount - - timeframeEnd - Security_Detections_API_RuleQuery: - type: string - Security_Detections_API_RuleReferenceArray: - items: - type: string - type: array - Security_Detections_API_RuleResponse: - anyOf: - - $ref: '#/components/schemas/Security_Detections_API_EqlRule' - - $ref: '#/components/schemas/Security_Detections_API_QueryRule' - - $ref: '#/components/schemas/Security_Detections_API_SavedQueryRule' - - $ref: '#/components/schemas/Security_Detections_API_ThresholdRule' - - $ref: '#/components/schemas/Security_Detections_API_ThreatMatchRule' - - $ref: '#/components/schemas/Security_Detections_API_MachineLearningRule' - - $ref: '#/components/schemas/Security_Detections_API_NewTermsRule' - - $ref: '#/components/schemas/Security_Detections_API_EsqlRule' - discriminator: - propertyName: type - Security_Detections_API_RuleSignatureId: - description: Could be any string, not necessarily a UUID - type: string - Security_Detections_API_RuleSource: - description: >- - Discriminated union that determines whether the rule is internally - sourced (created within the Kibana app) or has an external source, such - as the Elastic Prebuilt rules repo. - discriminator: - propertyName: type - oneOf: - - $ref: '#/components/schemas/Security_Detections_API_ExternalRuleSource' - - $ref: '#/components/schemas/Security_Detections_API_InternalRuleSource' - Security_Detections_API_RuleTagArray: - description: >- - String array containing words and phrases to help categorize, filter, - and search rules. Defaults to an empty array. - items: - type: string - type: array - Security_Detections_API_RuleUpdateProps: - anyOf: - - $ref: '#/components/schemas/Security_Detections_API_EqlRuleUpdateProps' - - $ref: '#/components/schemas/Security_Detections_API_QueryRuleUpdateProps' - - $ref: >- - #/components/schemas/Security_Detections_API_SavedQueryRuleUpdateProps - - $ref: >- - #/components/schemas/Security_Detections_API_ThresholdRuleUpdateProps - - $ref: >- - #/components/schemas/Security_Detections_API_ThreatMatchRuleUpdateProps - - $ref: >- - #/components/schemas/Security_Detections_API_MachineLearningRuleUpdateProps - - $ref: '#/components/schemas/Security_Detections_API_NewTermsRuleUpdateProps' - - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleUpdateProps' - discriminator: - propertyName: type - Security_Detections_API_RuleVersion: - description: The rule's version number. - minimum: 1 - type: integer - Security_Detections_API_SavedObjectResolveAliasPurpose: - enum: - - savedObjectConversion - - savedObjectImport - type: string - Security_Detections_API_SavedObjectResolveAliasTargetId: - type: string - Security_Detections_API_SavedObjectResolveOutcome: - enum: - - exactMatch - - aliasMatch - - conflict - type: string - Security_Detections_API_SavedQueryId: - type: string - Security_Detections_API_SavedQueryRule: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - version - - tags - - enabled - - risk_score_mapping - - severity_mapping - - interval - - from - - to - - actions - - exceptions_list - - author - - false_positives - - references - - max_signals - - threat - - setup - - related_integrations - - required_fields - - $ref: '#/components/schemas/Security_Detections_API_ResponseFields' - - $ref: >- - #/components/schemas/Security_Detections_API_SavedQueryRuleResponseFields - Security_Detections_API_SavedQueryRuleCreateFields: - allOf: - - $ref: >- - #/components/schemas/Security_Detections_API_SavedQueryRuleRequiredFields - - $ref: >- - #/components/schemas/Security_Detections_API_SavedQueryRuleOptionalFields - - $ref: >- - #/components/schemas/Security_Detections_API_SavedQueryRuleDefaultableFields - Security_Detections_API_SavedQueryRuleCreateProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - $ref: >- - #/components/schemas/Security_Detections_API_SavedQueryRuleCreateFields - Security_Detections_API_SavedQueryRuleDefaultableFields: - type: object - properties: - language: - $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' - Security_Detections_API_SavedQueryRuleOptionalFields: - type: object - properties: - alert_suppression: - $ref: '#/components/schemas/Security_Detections_API_AlertSuppression' - data_view_id: - $ref: '#/components/schemas/Security_Detections_API_DataViewId' - filters: - $ref: '#/components/schemas/Security_Detections_API_RuleFilterArray' - index: - $ref: '#/components/schemas/Security_Detections_API_IndexPatternArray' - query: - $ref: '#/components/schemas/Security_Detections_API_RuleQuery' - Security_Detections_API_SavedQueryRulePatchFields: - allOf: - - type: object - properties: - saved_id: - $ref: '#/components/schemas/Security_Detections_API_SavedQueryId' - type: - description: Rule type - enum: - - saved_query - type: string - - $ref: >- - #/components/schemas/Security_Detections_API_SavedQueryRuleOptionalFields - - $ref: >- - #/components/schemas/Security_Detections_API_SavedQueryRuleDefaultableFields - Security_Detections_API_SavedQueryRulePatchProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - id: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - - $ref: >- - #/components/schemas/Security_Detections_API_SavedQueryRulePatchFields - Security_Detections_API_SavedQueryRuleRequiredFields: - type: object - properties: - saved_id: - $ref: '#/components/schemas/Security_Detections_API_SavedQueryId' - type: - description: Rule type - enum: - - saved_query - type: string - required: - - type - - saved_id - Security_Detections_API_SavedQueryRuleResponseFields: - allOf: - - $ref: >- - #/components/schemas/Security_Detections_API_SavedQueryRuleRequiredFields - - $ref: >- - #/components/schemas/Security_Detections_API_SavedQueryRuleOptionalFields - - type: object - properties: - language: - $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' - required: - - language - Security_Detections_API_SavedQueryRuleUpdateProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - id: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - $ref: >- - #/components/schemas/Security_Detections_API_SavedQueryRuleCreateFields - Security_Detections_API_SetAlertsStatusByIds: - type: object - properties: - signal_ids: - items: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - minItems: 1 - type: array - status: - $ref: '#/components/schemas/Security_Detections_API_AlertStatus' - required: - - signal_ids - - status - Security_Detections_API_SetAlertsStatusByQuery: - type: object - properties: - conflicts: - default: abort - enum: - - abort - - proceed - type: string - query: - additionalProperties: true - type: object - status: - $ref: '#/components/schemas/Security_Detections_API_AlertStatus' - required: - - query - - status - Security_Detections_API_SetAlertTags: - type: object - properties: - tags_to_add: - $ref: '#/components/schemas/Security_Detections_API_AlertTags' - tags_to_remove: - $ref: '#/components/schemas/Security_Detections_API_AlertTags' - required: - - tags_to_add - - tags_to_remove - Security_Detections_API_SetupGuide: - type: string - Security_Detections_API_Severity: - description: Severity of the rule - enum: - - low - - medium - - high - - critical - type: string - Security_Detections_API_SeverityMapping: - description: Overrides generated alerts' severity with values from the source event - items: - type: object - properties: - field: - type: string - operator: - enum: - - equals - type: string - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - value: - type: string - required: - - field - - operator - - severity - - value - type: array - Security_Detections_API_SiemErrorResponse: - type: object - properties: - message: - type: string - status_code: - type: integer - required: - - status_code - - message - Security_Detections_API_SortOrder: - enum: - - asc - - desc - type: string - Security_Detections_API_Threat: - type: object - properties: - framework: - description: Relevant attack framework - type: string - tactic: - $ref: '#/components/schemas/Security_Detections_API_ThreatTactic' - technique: - description: Array containing information on the attack techniques (optional) - items: - $ref: '#/components/schemas/Security_Detections_API_ThreatTechnique' - type: array - required: - - framework - - tactic - Security_Detections_API_ThreatArray: - items: - $ref: '#/components/schemas/Security_Detections_API_Threat' - type: array - Security_Detections_API_ThreatFilters: - items: - description: >- - Query and filter context array used to filter documents from the - Elasticsearch index containing the threat values - type: array - Security_Detections_API_ThreatIndex: - items: - type: string - type: array - Security_Detections_API_ThreatIndicatorPath: - description: >- - Defines the path to the threat indicator in the indicator documents - (optional) - type: string - Security_Detections_API_ThreatMapping: - items: - type: object - properties: - entries: - items: - type: object - properties: - field: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - type: - enum: - - mapping - type: string - value: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - required: - - field - - type - - value - type: array - required: - - entries - minItems: 1 - type: array - Security_Detections_API_ThreatMatchRule: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - version - - tags - - enabled - - risk_score_mapping - - severity_mapping - - interval - - from - - to - - actions - - exceptions_list - - author - - false_positives - - references - - max_signals - - threat - - setup - - related_integrations - - required_fields - - $ref: '#/components/schemas/Security_Detections_API_ResponseFields' - - $ref: >- - #/components/schemas/Security_Detections_API_ThreatMatchRuleResponseFields - Security_Detections_API_ThreatMatchRuleCreateFields: - allOf: - - $ref: >- - #/components/schemas/Security_Detections_API_ThreatMatchRuleRequiredFields - - $ref: >- - #/components/schemas/Security_Detections_API_ThreatMatchRuleOptionalFields - - $ref: >- - #/components/schemas/Security_Detections_API_ThreatMatchRuleDefaultableFields - Security_Detections_API_ThreatMatchRuleCreateProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - $ref: >- - #/components/schemas/Security_Detections_API_ThreatMatchRuleCreateFields - Security_Detections_API_ThreatMatchRuleDefaultableFields: - type: object - properties: - language: - $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' - Security_Detections_API_ThreatMatchRuleOptionalFields: - type: object - properties: - alert_suppression: - $ref: '#/components/schemas/Security_Detections_API_AlertSuppression' - concurrent_searches: - $ref: '#/components/schemas/Security_Detections_API_ConcurrentSearches' - data_view_id: - $ref: '#/components/schemas/Security_Detections_API_DataViewId' - filters: - $ref: '#/components/schemas/Security_Detections_API_RuleFilterArray' - index: - $ref: '#/components/schemas/Security_Detections_API_IndexPatternArray' - items_per_search: - $ref: '#/components/schemas/Security_Detections_API_ItemsPerSearch' - saved_id: - $ref: '#/components/schemas/Security_Detections_API_SavedQueryId' - threat_filters: - $ref: '#/components/schemas/Security_Detections_API_ThreatFilters' - threat_indicator_path: - $ref: '#/components/schemas/Security_Detections_API_ThreatIndicatorPath' - threat_language: - $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' - Security_Detections_API_ThreatMatchRulePatchFields: - allOf: - - type: object - properties: - query: - $ref: '#/components/schemas/Security_Detections_API_RuleQuery' - threat_index: - $ref: '#/components/schemas/Security_Detections_API_ThreatIndex' - threat_mapping: - $ref: '#/components/schemas/Security_Detections_API_ThreatMapping' - threat_query: - $ref: '#/components/schemas/Security_Detections_API_ThreatQuery' - type: - description: Rule type - enum: - - threat_match - type: string - - $ref: >- - #/components/schemas/Security_Detections_API_ThreatMatchRuleOptionalFields - - $ref: >- - #/components/schemas/Security_Detections_API_ThreatMatchRuleDefaultableFields - Security_Detections_API_ThreatMatchRulePatchProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - id: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - - $ref: >- - #/components/schemas/Security_Detections_API_ThreatMatchRulePatchFields - Security_Detections_API_ThreatMatchRuleRequiredFields: - type: object - properties: - query: - $ref: '#/components/schemas/Security_Detections_API_RuleQuery' - threat_index: - $ref: '#/components/schemas/Security_Detections_API_ThreatIndex' - threat_mapping: - $ref: '#/components/schemas/Security_Detections_API_ThreatMapping' - threat_query: - $ref: '#/components/schemas/Security_Detections_API_ThreatQuery' - type: - description: Rule type - enum: - - threat_match - type: string - required: - - type - - query - - threat_query - - threat_mapping - - threat_index - Security_Detections_API_ThreatMatchRuleResponseFields: - allOf: - - $ref: >- - #/components/schemas/Security_Detections_API_ThreatMatchRuleRequiredFields - - $ref: >- - #/components/schemas/Security_Detections_API_ThreatMatchRuleOptionalFields - - type: object - properties: - language: - $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' - required: - - language - Security_Detections_API_ThreatMatchRuleUpdateProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - id: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - $ref: >- - #/components/schemas/Security_Detections_API_ThreatMatchRuleCreateFields - Security_Detections_API_ThreatQuery: - description: Query to run - type: string - Security_Detections_API_ThreatSubtechnique: - type: object - properties: - id: - description: Subtechnique ID - type: string - name: - description: Subtechnique name - type: string - reference: - description: Subtechnique reference - type: string - required: - - id - - name - - reference - Security_Detections_API_ThreatTactic: - type: object - properties: - id: - description: Tactic ID - type: string - name: - description: Tactic name - type: string - reference: - description: Tactic reference - type: string - required: - - id - - name - - reference - Security_Detections_API_ThreatTechnique: - type: object - properties: - id: - description: Technique ID - type: string - name: - description: Technique name - type: string - reference: - description: Technique reference - type: string - subtechnique: - description: Array containing more specific information on the attack technique - items: - $ref: '#/components/schemas/Security_Detections_API_ThreatSubtechnique' - type: array - required: - - id - - name - - reference - Security_Detections_API_Threshold: - type: object - properties: - cardinality: - $ref: '#/components/schemas/Security_Detections_API_ThresholdCardinality' - field: - $ref: '#/components/schemas/Security_Detections_API_ThresholdField' - value: - $ref: '#/components/schemas/Security_Detections_API_ThresholdValue' - required: - - field - - value - Security_Detections_API_ThresholdAlertSuppression: - type: object - properties: - duration: - $ref: >- - #/components/schemas/Security_Detections_API_AlertSuppressionDuration - required: - - duration - Security_Detections_API_ThresholdCardinality: - items: - type: object - properties: - field: - type: string - value: - minimum: 0 - type: integer - required: - - field - - value - type: array - Security_Detections_API_ThresholdField: - description: Field to aggregate on - oneOf: - - type: string - - items: - type: string - type: array - Security_Detections_API_ThresholdRule: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - version - - tags - - enabled - - risk_score_mapping - - severity_mapping - - interval - - from - - to - - actions - - exceptions_list - - author - - false_positives - - references - - max_signals - - threat - - setup - - related_integrations - - required_fields - - $ref: '#/components/schemas/Security_Detections_API_ResponseFields' - - $ref: >- - #/components/schemas/Security_Detections_API_ThresholdRuleResponseFields - Security_Detections_API_ThresholdRuleCreateFields: - allOf: - - $ref: >- - #/components/schemas/Security_Detections_API_ThresholdRuleRequiredFields - - $ref: >- - #/components/schemas/Security_Detections_API_ThresholdRuleOptionalFields - - $ref: >- - #/components/schemas/Security_Detections_API_ThresholdRuleDefaultableFields - Security_Detections_API_ThresholdRuleCreateProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - $ref: >- - #/components/schemas/Security_Detections_API_ThresholdRuleCreateFields - Security_Detections_API_ThresholdRuleDefaultableFields: - type: object - properties: - language: - $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' - Security_Detections_API_ThresholdRuleOptionalFields: - type: object - properties: - alert_suppression: - $ref: >- - #/components/schemas/Security_Detections_API_ThresholdAlertSuppression - data_view_id: - $ref: '#/components/schemas/Security_Detections_API_DataViewId' - filters: - $ref: '#/components/schemas/Security_Detections_API_RuleFilterArray' - index: - $ref: '#/components/schemas/Security_Detections_API_IndexPatternArray' - saved_id: - $ref: '#/components/schemas/Security_Detections_API_SavedQueryId' - Security_Detections_API_ThresholdRulePatchFields: - allOf: - - type: object - properties: - query: - $ref: '#/components/schemas/Security_Detections_API_RuleQuery' - threshold: - $ref: '#/components/schemas/Security_Detections_API_Threshold' - type: - description: Rule type - enum: - - threshold - type: string - - $ref: >- - #/components/schemas/Security_Detections_API_ThresholdRuleOptionalFields - - $ref: >- - #/components/schemas/Security_Detections_API_ThresholdRuleDefaultableFields - Security_Detections_API_ThresholdRulePatchProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - id: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - - $ref: >- - #/components/schemas/Security_Detections_API_ThresholdRulePatchFields - Security_Detections_API_ThresholdRuleRequiredFields: - type: object - properties: - query: - $ref: '#/components/schemas/Security_Detections_API_RuleQuery' - threshold: - $ref: '#/components/schemas/Security_Detections_API_Threshold' - type: - description: Rule type - enum: - - threshold - type: string - required: - - type - - query - - threshold - Security_Detections_API_ThresholdRuleResponseFields: - allOf: - - $ref: >- - #/components/schemas/Security_Detections_API_ThresholdRuleRequiredFields - - $ref: >- - #/components/schemas/Security_Detections_API_ThresholdRuleOptionalFields - - type: object - properties: - language: - $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' - required: - - language - Security_Detections_API_ThresholdRuleUpdateProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - id: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - $ref: >- - #/components/schemas/Security_Detections_API_ThresholdRuleCreateFields - Security_Detections_API_ThresholdValue: - description: Threshold value - minimum: 1 - type: integer - Security_Detections_API_ThrottleForBulkActions: - description: >- - The condition for throttling the notification: 'rule', 'no_actions', or - time duration - enum: - - rule - - 1h - - 1d - - 7d - type: string - Security_Detections_API_TiebreakerField: - description: Sets a secondary field for sorting events - type: string - Security_Detections_API_TimelineTemplateId: - description: Timeline template ID - type: string - Security_Detections_API_TimelineTemplateTitle: - description: Timeline template title - type: string - Security_Detections_API_TimestampField: - description: Contains the event timestamp used for sorting a sequence of events - type: string - Security_Detections_API_TimestampOverride: - description: Sets the time field used to query indices - type: string - Security_Detections_API_TimestampOverrideFallbackDisabled: - description: Disables the fallback to the event's @timestamp field - type: boolean - Security_Detections_API_UUID: - description: A universally unique identifier - format: uuid - type: string - Security_Detections_API_WarningSchema: - type: object - properties: - actionPath: - type: string - buttonLabel: - type: string - message: - type: string - type: - type: string - required: - - type - - message - - actionPath - Security_Endpoint_Exceptions_API_EndpointList: - oneOf: - - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_ExceptionList' - - additionalProperties: false - type: object - Security_Endpoint_Exceptions_API_EndpointListItem: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItem' - Security_Endpoint_Exceptions_API_ExceptionList: - type: object - properties: - _version: - type: string - created_at: - format: date-time - type: string - created_by: - type: string - description: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListDescription - id: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListId - immutable: - type: boolean - list_id: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListHumanId - meta: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListMeta - name: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListName - namespace_type: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionNamespaceType - os_types: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListOsTypeArray - tags: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListTags - tie_breaker_id: - type: string - type: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListType - updated_at: - format: date-time - type: string - updated_by: - type: string - version: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListVersion - required: - - id - - list_id - - type - - name - - description - - immutable - - namespace_type - - version - - tie_breaker_id - - created_at - - created_by - - updated_at - - updated_by - Security_Endpoint_Exceptions_API_ExceptionListDescription: - type: string - Security_Endpoint_Exceptions_API_ExceptionListHumanId: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - description: Human readable string identifier, e.g. `trusted-linux-processes` - Security_Endpoint_Exceptions_API_ExceptionListId: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - Security_Endpoint_Exceptions_API_ExceptionListItem: - type: object - properties: - _version: - type: string - comments: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemCommentArray - created_at: - format: date-time - type: string - created_by: - type: string - description: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemDescription - entries: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryArray - expire_time: - format: date-time - type: string - id: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemId - item_id: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemHumanId - list_id: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListHumanId - meta: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemMeta - name: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemName - namespace_type: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionNamespaceType - os_types: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray - tags: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemTags - tie_breaker_id: - type: string - type: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemType - updated_at: - format: date-time - type: string - updated_by: - type: string - required: - - id - - item_id - - list_id - - type - - name - - description - - entries - - namespace_type - - comments - - tie_breaker_id - - created_at - - created_by - - updated_at - - updated_by - Security_Endpoint_Exceptions_API_ExceptionListItemComment: - type: object - properties: - comment: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - created_at: - format: date-time - type: string - created_by: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - id: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - updated_at: - format: date-time - type: string - updated_by: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - required: - - id - - comment - - created_at - - created_by - Security_Endpoint_Exceptions_API_ExceptionListItemCommentArray: - items: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemComment - type: array - Security_Endpoint_Exceptions_API_ExceptionListItemDescription: - type: string - Security_Endpoint_Exceptions_API_ExceptionListItemEntry: - anyOf: - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryMatch - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryMatchAny - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryList - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryExists - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryNested - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryMatchWildcard - discriminator: - propertyName: type - Security_Endpoint_Exceptions_API_ExceptionListItemEntryArray: - items: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntry - type: array - Security_Endpoint_Exceptions_API_ExceptionListItemEntryExists: - type: object - properties: - field: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - operator: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryOperator - type: - enum: - - exists - type: string - required: - - type - - field - - operator - Security_Endpoint_Exceptions_API_ExceptionListItemEntryList: - type: object - properties: - field: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - list: - type: object - properties: - id: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_ListId' - type: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_ListType' - required: - - id - - type - operator: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryOperator - type: - enum: - - list - type: string - required: - - type - - field - - list - - operator - Security_Endpoint_Exceptions_API_ExceptionListItemEntryMatch: - type: object - properties: - field: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - operator: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryOperator - type: - enum: - - match - type: string - value: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - required: - - type - - field - - value - - operator - Security_Endpoint_Exceptions_API_ExceptionListItemEntryMatchAny: - type: object - properties: - field: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - operator: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryOperator - type: - enum: - - match_any - type: string - value: - items: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString - minItems: 1 - type: array - required: - - type - - field - - value - - operator - Security_Endpoint_Exceptions_API_ExceptionListItemEntryMatchWildcard: - type: object - properties: - field: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - operator: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryOperator - type: - enum: - - wildcard - type: string - value: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - required: - - type - - field - - value - - operator - Security_Endpoint_Exceptions_API_ExceptionListItemEntryNested: - type: object - properties: - entries: - items: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryNestedEntryItem - minItems: 1 - type: array - field: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - type: - enum: - - nested - type: string - required: - - type - - field - - entries - Security_Endpoint_Exceptions_API_ExceptionListItemEntryNestedEntryItem: - oneOf: - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryMatch - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryMatchAny - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryExists - Security_Endpoint_Exceptions_API_ExceptionListItemEntryOperator: - enum: - - excluded - - included - type: string - Security_Endpoint_Exceptions_API_ExceptionListItemHumanId: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - Security_Endpoint_Exceptions_API_ExceptionListItemId: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - Security_Endpoint_Exceptions_API_ExceptionListItemMeta: - additionalProperties: true - type: object - Security_Endpoint_Exceptions_API_ExceptionListItemName: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - Security_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray: - items: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListOsType - type: array - Security_Endpoint_Exceptions_API_ExceptionListItemTags: - items: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - type: array - Security_Endpoint_Exceptions_API_ExceptionListItemType: - enum: - - simple - type: string - Security_Endpoint_Exceptions_API_ExceptionListMeta: - additionalProperties: true - type: object - Security_Endpoint_Exceptions_API_ExceptionListName: - type: string - Security_Endpoint_Exceptions_API_ExceptionListOsType: - enum: - - linux - - macos - - windows - type: string - Security_Endpoint_Exceptions_API_ExceptionListOsTypeArray: - items: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListOsType - type: array - Security_Endpoint_Exceptions_API_ExceptionListTags: - items: - type: string - type: array - Security_Endpoint_Exceptions_API_ExceptionListType: - enum: - - detection - - rule_default - - endpoint - - endpoint_trusted_apps - - endpoint_events - - endpoint_host_isolation_exceptions - - endpoint_blocklists - type: string - Security_Endpoint_Exceptions_API_ExceptionListVersion: - minimum: 1 - type: integer - Security_Endpoint_Exceptions_API_ExceptionNamespaceType: - description: > - Determines whether the exception container is available in all Kibana - spaces or just the space - - in which it is created, where: - - - - `single`: Only available in the Kibana space in which it is created. - - - `agnostic`: Available in all Kibana spaces. - enum: - - agnostic - - single - type: string - Security_Endpoint_Exceptions_API_FindEndpointListItemsFilter: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - Security_Endpoint_Exceptions_API_ListId: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - Security_Endpoint_Exceptions_API_ListType: - enum: - - binary - - boolean - - byte - - date - - date_nanos - - date_range - - double - - double_range - - float - - float_range - - geo_point - - geo_shape - - half_float - - integer - - integer_range - - ip - - ip_range - - keyword - - long - - long_range - - shape - - short - - text - type: string - Security_Endpoint_Exceptions_API_NonEmptyString: - description: A string that is not empty and does not contain only whitespace - minLength: 1 - pattern: ^(?! *$).+$ - type: string - Security_Endpoint_Exceptions_API_PlatformErrorResponse: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: integer - required: - - statusCode - - error - - message - Security_Endpoint_Exceptions_API_SiemErrorResponse: - type: object - properties: - message: - type: string - status_code: - type: integer - required: - - status_code - - message - Security_Endpoint_Management_API_ActionLogRequestQuery: - type: object - properties: - end_date: - $ref: '#/components/schemas/Security_Endpoint_Management_API_EndDate' - page: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Page' - page_size: - $ref: '#/components/schemas/Security_Endpoint_Management_API_PageSize' - start_date: - $ref: '#/components/schemas/Security_Endpoint_Management_API_StartDate' - Security_Endpoint_Management_API_ActionStateSuccessResponse: - type: object - properties: - body: - type: object - properties: - data: - type: object - properties: - canEncrypt: - type: boolean - required: - - data - required: - - body - Security_Endpoint_Management_API_ActionStatusSuccessResponse: - type: object - properties: - body: - type: object - properties: - data: - type: object - properties: - agent_id: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_AgentId - pending_actions: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_PendingActionsSchema - required: - - agent_id - - pending_actions - required: - - data - required: - - body - Security_Endpoint_Management_API_AgentId: - description: Agent ID - type: string - Security_Endpoint_Management_API_AgentIds: - minLength: 1 - oneOf: - - items: - minLength: 1 - type: string - maxItems: 50 - minItems: 1 - type: array - - minLength: 1 - type: string - Security_Endpoint_Management_API_AgentTypes: - enum: - - endpoint - - sentinel_one - - crowdstrike - type: string - Security_Endpoint_Management_API_AlertIds: - description: A list of alerts ids. - items: - $ref: '#/components/schemas/Security_Endpoint_Management_API_NonEmptyString' - minItems: 1 - type: array - Security_Endpoint_Management_API_CaseIds: - description: Case IDs to be updated (cannot contain empty strings) - items: - minLength: 1 - type: string - minItems: 1 - type: array - Security_Endpoint_Management_API_Command: - description: The command to be executed (cannot be an empty string) - enum: - - isolate - - unisolate - - kill-process - - suspend-process - - running-processes - - get-file - - execute - - upload - - scan - minLength: 1 - type: string - Security_Endpoint_Management_API_Commands: - items: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Command' - type: array - Security_Endpoint_Management_API_Comment: - description: Optional comment - type: string - Security_Endpoint_Management_API_EndDate: - description: End date - type: string - Security_Endpoint_Management_API_EndpointIds: - description: List of endpoint IDs (cannot contain empty strings) - items: - minLength: 1 - type: string - minItems: 1 - type: array - Security_Endpoint_Management_API_EntityId: - type: object - properties: - entity_id: - minLength: 1 - type: string - Security_Endpoint_Management_API_ExecuteRouteRequestBody: - allOf: - - type: object - properties: - agent_type: - $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentTypes' - alert_ids: - $ref: '#/components/schemas/Security_Endpoint_Management_API_AlertIds' - case_ids: - $ref: '#/components/schemas/Security_Endpoint_Management_API_CaseIds' - comment: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Comment' - endpoint_ids: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_EndpointIds - parameters: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Parameters' - required: - - endpoint_ids - - type: object - properties: - parameters: - type: object - properties: - command: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_Command - timeout: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_Timeout - required: - - command - required: - - parameters - Security_Endpoint_Management_API_GetEndpointActionListRouteQuery: - type: object - properties: - agentIds: - $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentIds' - agentTypes: - $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentTypes' - commands: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Commands' - endDate: - $ref: '#/components/schemas/Security_Endpoint_Management_API_EndDate' - page: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Page' - pageSize: - default: 10 - description: Number of items per page - maximum: 10000 - minimum: 1 - type: integer - startDate: - $ref: '#/components/schemas/Security_Endpoint_Management_API_StartDate' - types: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Types' - userIds: - $ref: '#/components/schemas/Security_Endpoint_Management_API_UserIds' - withOutputs: - $ref: '#/components/schemas/Security_Endpoint_Management_API_WithOutputs' - Security_Endpoint_Management_API_GetFileRouteRequestBody: - allOf: - - type: object - properties: - agent_type: - $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentTypes' - alert_ids: - $ref: '#/components/schemas/Security_Endpoint_Management_API_AlertIds' - case_ids: - $ref: '#/components/schemas/Security_Endpoint_Management_API_CaseIds' - comment: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Comment' - endpoint_ids: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_EndpointIds - parameters: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Parameters' - required: - - endpoint_ids - - type: object - properties: - parameters: - type: object - properties: - path: - type: string - required: - - path - required: - - parameters - Security_Endpoint_Management_API_GetProcessesRouteRequestBody: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_NoParametersRequestSchema - Security_Endpoint_Management_API_IsolateRouteRequestBody: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_NoParametersRequestSchema - Security_Endpoint_Management_API_KillProcessRouteRequestBody: - allOf: - - type: object - properties: - agent_type: - $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentTypes' - alert_ids: - $ref: '#/components/schemas/Security_Endpoint_Management_API_AlertIds' - case_ids: - $ref: '#/components/schemas/Security_Endpoint_Management_API_CaseIds' - comment: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Comment' - endpoint_ids: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_EndpointIds - parameters: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Parameters' - required: - - endpoint_ids - - type: object - properties: - parameters: - oneOf: - - $ref: '#/components/schemas/Security_Endpoint_Management_API_Pid' - - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_EntityId - - type: object - properties: - process_name: - description: Valid for SentinelOne agent type only - minLength: 1 - type: string - required: - - parameters - Security_Endpoint_Management_API_ListRequestQuery: - type: object - properties: - hostStatuses: - items: - enum: - - healthy - - offline - - updating - - inactive - - unenrolled - type: string - type: array - kuery: - nullable: true - type: string - page: - default: 0 - description: Page number - minimum: 0 - type: integer - pageSize: - default: 10 - description: Number of items per page - maximum: 10000 - minimum: 1 - type: integer - sortDirection: - enum: - - asc - - desc - nullable: true - type: string - sortField: - enum: - - enrolled_at - - metadata.host.hostname - - host_status - - metadata.Endpoint.policy.applied.name - - metadata.Endpoint.policy.applied.status - - metadata.host.os.name - - metadata.host.ip - - metadata.agent.version - - last_checkin - type: string - required: - - hostStatuses - Security_Endpoint_Management_API_NonEmptyString: - description: A string that is not empty and does not contain only whitespace - minLength: 1 - pattern: ^(?! *$).+$ - type: string - Security_Endpoint_Management_API_NoParametersRequestSchema: - type: object - properties: - body: - type: object - properties: - agent_type: - $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentTypes' - alert_ids: - $ref: '#/components/schemas/Security_Endpoint_Management_API_AlertIds' - case_ids: - $ref: '#/components/schemas/Security_Endpoint_Management_API_CaseIds' - comment: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Comment' - endpoint_ids: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_EndpointIds - parameters: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Parameters' - required: - - endpoint_ids - required: - - body - Security_Endpoint_Management_API_Page: - default: 1 - description: Page number - minimum: 1 - type: integer - Security_Endpoint_Management_API_PageSize: - default: 10 - description: Number of items per page - maximum: 100 - minimum: 1 - type: integer - Security_Endpoint_Management_API_Parameters: - description: Optional parameters object - type: object - Security_Endpoint_Management_API_PendingActionDataType: - type: integer - Security_Endpoint_Management_API_PendingActionsSchema: - oneOf: - - type: object - properties: - execute: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_PendingActionDataType - get-file: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_PendingActionDataType - isolate: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_PendingActionDataType - kill-process: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_PendingActionDataType - running-processes: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_PendingActionDataType - scan: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_PendingActionDataType - suspend-process: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_PendingActionDataType - unisolate: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_PendingActionDataType - upload: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_PendingActionDataType - - additionalProperties: true - type: object - Security_Endpoint_Management_API_Pid: - type: object - properties: - pid: - minimum: 1 - type: integer - Security_Endpoint_Management_API_ProtectionUpdatesNoteResponse: - type: object - properties: - note: - type: string - Security_Endpoint_Management_API_ScanRouteRequestBody: - allOf: - - type: object - properties: - agent_type: - $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentTypes' - alert_ids: - $ref: '#/components/schemas/Security_Endpoint_Management_API_AlertIds' - case_ids: - $ref: '#/components/schemas/Security_Endpoint_Management_API_CaseIds' - comment: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Comment' - endpoint_ids: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_EndpointIds - parameters: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Parameters' - required: - - endpoint_ids - - type: object - properties: - parameters: - type: object - properties: - path: - type: string - required: - - path - required: - - parameters - Security_Endpoint_Management_API_StartDate: - description: Start date - type: string - Security_Endpoint_Management_API_SuccessResponse: - type: object - properties: {} - Security_Endpoint_Management_API_SuspendProcessRouteRequestBody: - allOf: - - type: object - properties: - agent_type: - $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentTypes' - alert_ids: - $ref: '#/components/schemas/Security_Endpoint_Management_API_AlertIds' - case_ids: - $ref: '#/components/schemas/Security_Endpoint_Management_API_CaseIds' - comment: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Comment' - endpoint_ids: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_EndpointIds - parameters: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Parameters' - required: - - endpoint_ids - - type: object - properties: - parameters: - oneOf: - - $ref: '#/components/schemas/Security_Endpoint_Management_API_Pid' - - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_EntityId - required: - - parameters - Security_Endpoint_Management_API_Timeout: - description: The maximum timeout value in milliseconds (optional) - minimum: 1 - type: integer - Security_Endpoint_Management_API_Type: - description: Type of response action - enum: - - automated - - manual - type: string - Security_Endpoint_Management_API_Types: - description: List of types of response actions - items: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Type' - maxLength: 2 - minLength: 1 - type: array - Security_Endpoint_Management_API_UnisolateRouteRequestBody: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_NoParametersRequestSchema - Security_Endpoint_Management_API_UploadRouteRequestBody: - allOf: - - type: object - properties: - agent_type: - $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentTypes' - alert_ids: - $ref: '#/components/schemas/Security_Endpoint_Management_API_AlertIds' - case_ids: - $ref: '#/components/schemas/Security_Endpoint_Management_API_CaseIds' - comment: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Comment' - endpoint_ids: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_EndpointIds - parameters: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Parameters' - required: - - endpoint_ids - - type: object - properties: - file: - format: binary - type: string - parameters: - type: object - properties: - overwrite: - default: false - type: boolean - required: - - parameters - - file - Security_Endpoint_Management_API_UserIds: - description: User IDs - oneOf: - - items: - minLength: 1 - type: string - minItems: 1 - type: array - - minLength: 1 - type: string - Security_Endpoint_Management_API_WithOutputs: - description: Shows detailed outputs for an action response - oneOf: - - items: - minLength: 1 - type: string - minItems: 1 - type: array - - minLength: 1 - type: string - Security_Entity_Analytics_API_AssetCriticalityBulkUploadErrorItem: - type: object - properties: - index: - type: integer - message: - type: string - required: - - message - - index - Security_Entity_Analytics_API_AssetCriticalityBulkUploadStats: - type: object - properties: - failed: - type: integer - successful: - type: integer - total: - type: integer - required: - - successful - - failed - - total - Security_Entity_Analytics_API_AssetCriticalityLevel: - description: The criticality level of the asset. - enum: - - low_impact - - medium_impact - - high_impact - - extreme_impact - type: string - Security_Entity_Analytics_API_AssetCriticalityRecord: - allOf: - - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_CreateAssetCriticalityRecord - - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityRecordEcsParts - - type: object - properties: - '@timestamp': - description: The time the record was created or updated. - example: '2017-07-21T17:32:28Z' - format: date-time - type: string - required: - - '@timestamp' - Security_Entity_Analytics_API_AssetCriticalityRecordEcsParts: - type: object - properties: - asset: - type: object - properties: - criticality: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityLevel - required: - - asset - host: - type: object - properties: - asset: - type: object - properties: - criticality: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityLevel - required: - - criticality - name: - type: string - required: - - name - user: - type: object - properties: - asset: - type: object - properties: - criticality: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityLevel - required: - - criticality - name: - type: string - required: - - name - required: - - asset - Security_Entity_Analytics_API_AssetCriticalityRecordIdParts: - type: object - properties: - id_field: - $ref: '#/components/schemas/Security_Entity_Analytics_API_IdField' - description: The field representing the ID. - example: host.name - id_value: - description: The ID value of the asset. - type: string - required: - - id_value - - id_field - Security_Entity_Analytics_API_CleanUpRiskEngineErrorResponse: - type: object - properties: - cleanup_successful: - example: false - type: boolean - errors: - items: - type: object - properties: - error: - type: string - seq: - type: integer - required: - - seq - - error - type: array - required: - - cleanup_successful - - errors - Security_Entity_Analytics_API_CreateAssetCriticalityRecord: - allOf: - - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityRecordIdParts - - type: object - properties: - criticality_level: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityLevel - required: - - criticality_level - Security_Entity_Analytics_API_EngineDataviewUpdateResult: - type: object - properties: - changes: - type: object - properties: - indexPatterns: - items: - type: string - type: array - type: - type: string - required: - - type - Security_Entity_Analytics_API_EngineDescriptor: - type: object - properties: - fieldHistoryLength: - type: integer - filter: - type: string - indexPattern: - $ref: '#/components/schemas/Security_Entity_Analytics_API_IndexPattern' - status: - $ref: '#/components/schemas/Security_Entity_Analytics_API_EngineStatus' - type: - $ref: '#/components/schemas/Security_Entity_Analytics_API_EntityType' - required: - - type - - indexPattern - - status - - fieldHistoryLength - Security_Entity_Analytics_API_EngineStatus: - enum: - - installing - - started - - stopped - - updating - - error - type: string - Security_Entity_Analytics_API_Entity: - oneOf: - - $ref: '#/components/schemas/Security_Entity_Analytics_API_UserEntity' - - $ref: '#/components/schemas/Security_Entity_Analytics_API_HostEntity' - Security_Entity_Analytics_API_EntityRiskLevels: - enum: - - Unknown - - Low - - Moderate - - High - - Critical - type: string - Security_Entity_Analytics_API_EntityRiskScoreRecord: - type: object - properties: - '@timestamp': - description: The time at which the risk score was calculated. - example: '2017-07-21T17:32:28Z' - format: date-time - type: string - calculated_level: - $ref: '#/components/schemas/Security_Entity_Analytics_API_EntityRiskLevels' - description: Lexical description of the entity's risk. - example: Critical - calculated_score: - description: The raw numeric value of the given entity's risk score. - format: double - type: number - calculated_score_norm: - description: >- - The normalized numeric value of the given entity's risk score. - Useful for comparing with other entities. - format: double - maximum: 100 - minimum: 0 - type: number - category_1_count: - description: >- - The number of risk input documents that contributed to the Category - 1 score (`category_1_score`). - format: integer - type: number - category_1_score: - description: >- - The contribution of Category 1 to the overall risk score - (`calculated_score`). Category 1 contains Detection Engine Alerts. - format: double - type: number - category_2_count: - format: integer - type: number - category_2_score: - format: double - type: number - criticality_level: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityLevel - criticality_modifier: - format: double - type: number - id_field: - description: >- - The identifier field defining this risk score. Coupled with - `id_value`, uniquely identifies the entity being scored. - example: host.name - type: string - id_value: - description: >- - The identifier value defining this risk score. Coupled with - `id_field`, uniquely identifies the entity being scored. - example: example.host - type: string - inputs: - description: >- - A list of the highest-risk documents contributing to this risk - score. Useful for investigative purposes. - items: - $ref: '#/components/schemas/Security_Entity_Analytics_API_RiskScoreInput' - type: array - notes: - items: - type: string - type: array - required: - - '@timestamp' - - id_field - - id_value - - calculated_level - - calculated_score - - calculated_score_norm - - category_1_score - - category_1_count - - inputs - - notes - Security_Entity_Analytics_API_EntityType: - enum: - - user - - host - type: string - Security_Entity_Analytics_API_HostEntity: - type: object - properties: - '@timestamp': - format: date-time - type: string - asset: - type: object - properties: - criticality: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityLevel - required: - - criticality - entity: - type: object - properties: - name: - type: string - source: - items: - type: string - type: array - required: - - name - - source - host: - type: object - properties: - architecture: - items: - type: string - type: array - domain: - items: - type: string - type: array - hostname: - items: - type: string - type: array - id: - items: - type: string - type: array - ip: - items: - type: string - type: array - mac: - items: - type: string - type: array - name: - type: string - risk: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_EntityRiskScoreRecord - type: - items: - type: string - type: array - required: - - name - required: - - '@timestamp' - - host - - entity - Security_Entity_Analytics_API_IdField: - enum: - - host.name - - user.name - type: string - Security_Entity_Analytics_API_IndexPattern: - type: string - Security_Entity_Analytics_API_InspectQuery: - type: object - properties: - dsl: - items: - type: string - type: array - response: - items: - type: string - type: array - required: - - dsl - - response - Security_Entity_Analytics_API_RiskEngineScheduleNowErrorResponse: - type: object - properties: - full_error: - type: string - message: - type: string - required: - - message - - full_error - Security_Entity_Analytics_API_RiskEngineScheduleNowResponse: - type: object - properties: - success: - type: boolean - Security_Entity_Analytics_API_RiskScoreInput: - description: A generic representation of a document contributing to a Risk Score. - type: object - properties: - category: - description: The risk category of the risk input document. - example: category_1 - type: string - contribution_score: - format: double - type: number - description: - description: A human-readable description of the risk input document. - example: 'Generated from Detection Engine Rule: Malware Prevention Alert' - type: string - id: - description: The unique identifier (`_id`) of the original source document - example: 91a93376a507e86cfbf282166275b89f9dbdb1f0be6c8103c6ff2909ca8e1a1c - type: string - index: - description: The unique index (`_index`) of the original source document - example: .internal.alerts-security.alerts-default-000001 - type: string - risk_score: - description: The weighted risk score of the risk input document. - format: double - maximum: 100 - minimum: 0 - type: number - timestamp: - description: The @timestamp of the risk input document. - example: '2017-07-21T17:32:28Z' - type: string - required: - - id - - index - - description - - category - Security_Entity_Analytics_API_TaskManagerUnavailableResponse: - description: Task manager is unavailable - type: object - properties: - message: - type: string - status_code: - minimum: 400 - type: integer - required: - - status_code - - message - Security_Entity_Analytics_API_UserEntity: - type: object - properties: - '@timestamp': - format: date-time - type: string - asset: - type: object - properties: - criticality: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityLevel - required: - - criticality - entity: - type: object - properties: - name: - type: string - source: - items: - type: string - type: array - required: - - name - - source - user: - type: object - properties: - domain: - items: - type: string - type: array - email: - items: - type: string - type: array - full_name: - items: - type: string - type: array - hash: - items: - type: string - type: array - id: - items: - type: string - type: array - name: - type: string - risk: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_EntityRiskScoreRecord - roles: - items: - type: string - type: array - required: - - name - required: - - '@timestamp' - - user - - entity - Security_Exceptions_API_CreateExceptionListItemComment: - type: object - properties: - comment: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - required: - - comment - Security_Exceptions_API_CreateExceptionListItemCommentArray: - items: - $ref: >- - #/components/schemas/Security_Exceptions_API_CreateExceptionListItemComment - type: array - Security_Exceptions_API_CreateRuleExceptionListItemComment: - type: object - properties: - comment: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - required: - - comment - Security_Exceptions_API_CreateRuleExceptionListItemCommentArray: - items: - $ref: >- - #/components/schemas/Security_Exceptions_API_CreateRuleExceptionListItemComment - type: array - Security_Exceptions_API_CreateRuleExceptionListItemProps: - type: object - properties: - comments: - $ref: >- - #/components/schemas/Security_Exceptions_API_CreateRuleExceptionListItemCommentArray - default: [] - description: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemDescription - entries: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryArray - expire_time: - format: date-time - type: string - item_id: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemHumanId - meta: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemMeta' - name: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemName' - namespace_type: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionNamespaceType' - default: single - os_types: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemOsTypeArray - default: [] - tags: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemTags' - default: [] - type: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemType' - required: - - type - - name - - description - - entries - Security_Exceptions_API_ExceptionList: - type: object - properties: - _version: - type: string - created_at: - format: date-time - type: string - created_by: - type: string - description: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListDescription - id: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListId' - immutable: - type: boolean - list_id: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListHumanId' - meta: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListMeta' - name: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListName' - namespace_type: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionNamespaceType' - os_types: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListOsTypeArray - tags: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListTags' - tie_breaker_id: - type: string - type: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListType' - updated_at: - format: date-time - type: string - updated_by: - type: string - version: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListVersion' - required: - - id - - list_id - - type - - name - - description - - immutable - - namespace_type - - version - - tie_breaker_id - - created_at - - created_by - - updated_at - - updated_by - Security_Exceptions_API_ExceptionListDescription: - type: string - Security_Exceptions_API_ExceptionListHumanId: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - description: Human readable string identifier, e.g. `trusted-linux-processes` - Security_Exceptions_API_ExceptionListId: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - Security_Exceptions_API_ExceptionListItem: - type: object - properties: - _version: - type: string - comments: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemCommentArray - created_at: - format: date-time - type: string - created_by: - type: string - description: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemDescription - entries: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryArray - expire_time: - format: date-time - type: string - id: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemId' - item_id: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemHumanId - list_id: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListHumanId' - meta: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemMeta' - name: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemName' - namespace_type: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionNamespaceType' - os_types: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemOsTypeArray - tags: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemTags' - tie_breaker_id: - type: string - type: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemType' - updated_at: - format: date-time - type: string - updated_by: - type: string - required: - - id - - item_id - - list_id - - type - - name - - description - - entries - - namespace_type - - comments - - tie_breaker_id - - created_at - - created_by - - updated_at - - updated_by - Security_Exceptions_API_ExceptionListItemComment: - type: object - properties: - comment: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - created_at: - format: date-time - type: string - created_by: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - id: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - updated_at: - format: date-time - type: string - updated_by: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - required: - - id - - comment - - created_at - - created_by - Security_Exceptions_API_ExceptionListItemCommentArray: - items: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemComment' - type: array - Security_Exceptions_API_ExceptionListItemDescription: - type: string - Security_Exceptions_API_ExceptionListItemEntry: - anyOf: - - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryMatch - - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryMatchAny - - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryList - - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryExists - - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryNested - - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryMatchWildcard - discriminator: - propertyName: type - Security_Exceptions_API_ExceptionListItemEntryArray: - items: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemEntry' - type: array - Security_Exceptions_API_ExceptionListItemEntryExists: - type: object - properties: - field: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - operator: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryOperator - type: - enum: - - exists - type: string - required: - - type - - field - - operator - Security_Exceptions_API_ExceptionListItemEntryList: - type: object - properties: - field: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - list: - type: object - properties: - id: - $ref: '#/components/schemas/Security_Exceptions_API_ListId' - type: - $ref: '#/components/schemas/Security_Exceptions_API_ListType' - required: - - id - - type - operator: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryOperator - type: - enum: - - list - type: string - required: - - type - - field - - list - - operator - Security_Exceptions_API_ExceptionListItemEntryMatch: - type: object - properties: - field: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - operator: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryOperator - type: - enum: - - match - type: string - value: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - required: - - type - - field - - value - - operator - Security_Exceptions_API_ExceptionListItemEntryMatchAny: - type: object - properties: - field: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - operator: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryOperator - type: - enum: - - match_any - type: string - value: - items: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - minItems: 1 - type: array - required: - - type - - field - - value - - operator - Security_Exceptions_API_ExceptionListItemEntryMatchWildcard: - type: object - properties: - field: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - operator: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryOperator - type: - enum: - - wildcard - type: string - value: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - required: - - type - - field - - value - - operator - Security_Exceptions_API_ExceptionListItemEntryNested: - type: object - properties: - entries: - items: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryNestedEntryItem - minItems: 1 - type: array - field: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - type: - enum: - - nested - type: string - required: - - type - - field - - entries - Security_Exceptions_API_ExceptionListItemEntryNestedEntryItem: - oneOf: - - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryMatch - - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryMatchAny - - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryExists - Security_Exceptions_API_ExceptionListItemEntryOperator: - enum: - - excluded - - included - type: string - Security_Exceptions_API_ExceptionListItemHumanId: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - Security_Exceptions_API_ExceptionListItemId: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - Security_Exceptions_API_ExceptionListItemMeta: - additionalProperties: true - type: object - Security_Exceptions_API_ExceptionListItemName: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - Security_Exceptions_API_ExceptionListItemOsTypeArray: - items: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListOsType' - type: array - Security_Exceptions_API_ExceptionListItemTags: - items: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - type: array - Security_Exceptions_API_ExceptionListItemType: - enum: - - simple - type: string - Security_Exceptions_API_ExceptionListMeta: - additionalProperties: true - type: object - Security_Exceptions_API_ExceptionListName: - type: string - Security_Exceptions_API_ExceptionListOsType: - enum: - - linux - - macos - - windows - type: string - Security_Exceptions_API_ExceptionListOsTypeArray: - items: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListOsType' - type: array - Security_Exceptions_API_ExceptionListsImportBulkError: - type: object - properties: - error: - type: object - properties: - message: - type: string - status_code: - type: integer - required: - - status_code - - message - id: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListId' - item_id: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemHumanId - list_id: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListHumanId' - required: - - error - Security_Exceptions_API_ExceptionListsImportBulkErrorArray: - items: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListsImportBulkError - type: array - Security_Exceptions_API_ExceptionListTags: - items: - type: string - type: array - Security_Exceptions_API_ExceptionListType: - enum: - - detection - - rule_default - - endpoint - - endpoint_trusted_apps - - endpoint_events - - endpoint_host_isolation_exceptions - - endpoint_blocklists - type: string - Security_Exceptions_API_ExceptionListVersion: - minimum: 1 - type: integer - Security_Exceptions_API_ExceptionNamespaceType: - description: > - Determines whether the exception container is available in all Kibana - spaces or just the space - - in which it is created, where: - - - - `single`: Only available in the Kibana space in which it is created. - - - `agnostic`: Available in all Kibana spaces. - enum: - - agnostic - - single - type: string - Security_Exceptions_API_FindExceptionListItemsFilter: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - Security_Exceptions_API_FindExceptionListsFilter: - type: string - Security_Exceptions_API_ListId: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - Security_Exceptions_API_ListType: - enum: - - binary - - boolean - - byte - - date - - date_nanos - - date_range - - double - - double_range - - float - - float_range - - geo_point - - geo_shape - - half_float - - integer - - integer_range - - ip - - ip_range - - keyword - - long - - long_range - - shape - - short - - text - type: string - Security_Exceptions_API_NonEmptyString: - description: A string that is not empty and does not contain only whitespace - minLength: 1 - pattern: ^(?! *$).+$ - type: string - Security_Exceptions_API_PlatformErrorResponse: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: integer - required: - - statusCode - - error - - message - Security_Exceptions_API_RuleId: - $ref: '#/components/schemas/Security_Exceptions_API_UUID' - Security_Exceptions_API_SiemErrorResponse: - type: object - properties: - message: - type: string - status_code: - type: integer - required: - - status_code - - message - Security_Exceptions_API_UpdateExceptionListItemComment: - type: object - properties: - comment: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - id: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - required: - - comment - Security_Exceptions_API_UpdateExceptionListItemCommentArray: - items: - $ref: >- - #/components/schemas/Security_Exceptions_API_UpdateExceptionListItemComment - type: array - Security_Exceptions_API_UUID: - description: A universally unique identifier - format: uuid - type: string - Security_Lists_API_FindListItemsCursor: - $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' - Security_Lists_API_FindListItemsFilter: - type: string - Security_Lists_API_FindListsCursor: - $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' - Security_Lists_API_FindListsFilter: - type: string - Security_Lists_API_List: - type: object - properties: - _version: - type: string - '@timestamp': - format: date-time - type: string - created_at: - format: date-time - type: string - created_by: - type: string - description: - $ref: '#/components/schemas/Security_Lists_API_ListDescription' - deserializer: - type: string - id: - $ref: '#/components/schemas/Security_Lists_API_ListId' - immutable: - type: boolean - meta: - $ref: '#/components/schemas/Security_Lists_API_ListMetadata' - name: - $ref: '#/components/schemas/Security_Lists_API_ListName' - serializer: - type: string - tie_breaker_id: - type: string - type: - $ref: '#/components/schemas/Security_Lists_API_ListType' - updated_at: - format: date-time - type: string - updated_by: - type: string - version: - minimum: 1 - type: integer - required: - - id - - type - - name - - description - - immutable - - version - - tie_breaker_id - - created_at - - created_by - - updated_at - - updated_by - Security_Lists_API_ListDescription: - $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' - Security_Lists_API_ListId: - $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' - Security_Lists_API_ListItem: - type: object - properties: - _version: - type: string - '@timestamp': - format: date-time - type: string - created_at: - format: date-time - type: string - created_by: - type: string - deserializer: - type: string - id: - $ref: '#/components/schemas/Security_Lists_API_ListItemId' - list_id: - $ref: '#/components/schemas/Security_Lists_API_ListId' - meta: - $ref: '#/components/schemas/Security_Lists_API_ListItemMetadata' - serializer: - type: string - tie_breaker_id: - type: string - type: - $ref: '#/components/schemas/Security_Lists_API_ListType' - updated_at: - format: date-time - type: string - updated_by: - type: string - value: - $ref: '#/components/schemas/Security_Lists_API_ListItemValue' - required: - - id - - type - - list_id - - value - - tie_breaker_id - - created_at - - created_by - - updated_at - - updated_by - Security_Lists_API_ListItemId: - $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' - Security_Lists_API_ListItemMetadata: - additionalProperties: true - type: object - Security_Lists_API_ListItemPrivileges: - type: object - properties: - application: - additionalProperties: - type: boolean - type: object - cluster: - additionalProperties: - type: boolean - type: object - has_all_requested: - type: boolean - index: - additionalProperties: - additionalProperties: - type: boolean - type: object - type: object - username: - type: string - required: - - username - - has_all_requested - - cluster - - index - - application - Security_Lists_API_ListItemValue: - $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' - Security_Lists_API_ListMetadata: - additionalProperties: true - type: object - Security_Lists_API_ListName: - $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' - Security_Lists_API_ListPrivileges: - type: object - properties: - application: - additionalProperties: - type: boolean - type: object - cluster: - additionalProperties: - type: boolean - type: object - has_all_requested: - type: boolean - index: - additionalProperties: - additionalProperties: - type: boolean - type: object - type: object - username: - type: string - required: - - username - - has_all_requested - - cluster - - index - - application - Security_Lists_API_ListType: - enum: - - binary - - boolean - - byte - - date - - date_nanos - - date_range - - double - - double_range - - float - - float_range - - geo_point - - geo_shape - - half_float - - integer - - integer_range - - ip - - ip_range - - keyword - - long - - long_range - - shape - - short - - text - type: string - Security_Lists_API_NonEmptyString: - description: A string that is not empty and does not contain only whitespace - minLength: 1 - pattern: ^(?! *$).+$ - type: string - Security_Lists_API_PlatformErrorResponse: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: integer - required: - - statusCode - - error - - message - Security_Lists_API_SiemErrorResponse: - type: object - properties: - message: - type: string - status_code: - type: integer - required: - - status_code - - message - Security_Osquery_API_ArrayQueries: - items: - $ref: '#/components/schemas/Security_Osquery_API_ArrayQueriesItem' - type: array - Security_Osquery_API_ArrayQueriesItem: - type: object - properties: - ecs_mapping: - $ref: '#/components/schemas/Security_Osquery_API_ECSMappingOrUndefined' - id: - $ref: '#/components/schemas/Security_Osquery_API_Id' - platform: - $ref: '#/components/schemas/Security_Osquery_API_PlatformOrUndefined' - query: - $ref: '#/components/schemas/Security_Osquery_API_Query' - removed: - $ref: '#/components/schemas/Security_Osquery_API_RemovedOrUndefined' - snapshot: - $ref: '#/components/schemas/Security_Osquery_API_SnapshotOrUndefined' - version: - $ref: '#/components/schemas/Security_Osquery_API_VersionOrUndefined' - Security_Osquery_API_CreateLiveQueryRequestBody: - type: object - properties: - agent_all: - type: boolean - agent_ids: - items: - type: string - type: array - agent_platforms: - items: - type: string - type: array - agent_policy_ids: - items: - type: string - type: array - alert_ids: - items: - type: string - type: array - case_ids: - items: - type: string - type: array - ecs_mapping: - $ref: '#/components/schemas/Security_Osquery_API_ECSMappingOrUndefined' - event_ids: - items: - type: string - type: array - metadata: - nullable: true - type: object - pack_id: - $ref: '#/components/schemas/Security_Osquery_API_PackIdOrUndefined' - queries: - $ref: '#/components/schemas/Security_Osquery_API_ArrayQueries' - query: - $ref: '#/components/schemas/Security_Osquery_API_QueryOrUndefined' - saved_query_id: - $ref: '#/components/schemas/Security_Osquery_API_SavedQueryIdOrUndefined' - Security_Osquery_API_CreatePacksRequestBody: - type: object - properties: - description: - $ref: '#/components/schemas/Security_Osquery_API_DescriptionOrUndefined' - enabled: - $ref: '#/components/schemas/Security_Osquery_API_EnabledOrUndefined' - name: - $ref: '#/components/schemas/Security_Osquery_API_PackName' - policy_ids: - $ref: '#/components/schemas/Security_Osquery_API_PolicyIdsOrUndefined' - queries: - $ref: '#/components/schemas/Security_Osquery_API_ObjectQueries' - shards: - $ref: '#/components/schemas/Security_Osquery_API_Shards' - Security_Osquery_API_CreateSavedQueryRequestBody: - type: object - properties: - description: - $ref: '#/components/schemas/Security_Osquery_API_DescriptionOrUndefined' - ecs_mapping: - $ref: '#/components/schemas/Security_Osquery_API_ECSMappingOrUndefined' - id: - $ref: '#/components/schemas/Security_Osquery_API_SavedQueryId' - interval: - $ref: '#/components/schemas/Security_Osquery_API_Interval' - platform: - $ref: '#/components/schemas/Security_Osquery_API_DescriptionOrUndefined' - query: - $ref: '#/components/schemas/Security_Osquery_API_QueryOrUndefined' - removed: - $ref: '#/components/schemas/Security_Osquery_API_RemovedOrUndefined' - snapshot: - $ref: '#/components/schemas/Security_Osquery_API_SnapshotOrUndefined' - version: - $ref: '#/components/schemas/Security_Osquery_API_VersionOrUndefined' - Security_Osquery_API_DefaultSuccessResponse: - type: object - properties: {} - Security_Osquery_API_Description: - type: string - Security_Osquery_API_DescriptionOrUndefined: - $ref: '#/components/schemas/Security_Osquery_API_Description' - nullable: true - Security_Osquery_API_ECSMapping: - additionalProperties: - $ref: '#/components/schemas/Security_Osquery_API_ECSMappingItem' - type: object - Security_Osquery_API_ECSMappingItem: - type: object - properties: - field: - type: string - value: - oneOf: - - type: string - - items: - type: string - type: array - Security_Osquery_API_ECSMappingOrUndefined: - $ref: '#/components/schemas/Security_Osquery_API_ECSMapping' - nullable: true - Security_Osquery_API_Enabled: - type: boolean - Security_Osquery_API_EnabledOrUndefined: - $ref: '#/components/schemas/Security_Osquery_API_Enabled' - nullable: true - Security_Osquery_API_FindLiveQueryRequestQuery: - type: object - properties: - kuery: - $ref: '#/components/schemas/Security_Osquery_API_KueryOrUndefined' - page: - $ref: '#/components/schemas/Security_Osquery_API_PageOrUndefined' - pageSize: - $ref: '#/components/schemas/Security_Osquery_API_PageSizeOrUndefined' - sort: - $ref: '#/components/schemas/Security_Osquery_API_SortOrUndefined' - sortOrder: - $ref: '#/components/schemas/Security_Osquery_API_SortOrderOrUndefined' - Security_Osquery_API_FindPacksRequestQuery: - type: object - properties: - page: - $ref: '#/components/schemas/Security_Osquery_API_PageOrUndefined' - pageSize: - $ref: '#/components/schemas/Security_Osquery_API_PageSizeOrUndefined' - sort: - $ref: '#/components/schemas/Security_Osquery_API_SortOrUndefined' - sortOrder: - $ref: '#/components/schemas/Security_Osquery_API_SortOrderOrUndefined' - Security_Osquery_API_FindSavedQueryRequestQuery: - type: object - properties: - page: - $ref: '#/components/schemas/Security_Osquery_API_PageOrUndefined' - pageSize: - $ref: '#/components/schemas/Security_Osquery_API_PageSizeOrUndefined' - sort: - $ref: '#/components/schemas/Security_Osquery_API_SortOrUndefined' - sortOrder: - $ref: '#/components/schemas/Security_Osquery_API_SortOrderOrUndefined' - Security_Osquery_API_GetLiveQueryResultsRequestQuery: - type: object - properties: - kuery: - $ref: '#/components/schemas/Security_Osquery_API_KueryOrUndefined' - page: - $ref: '#/components/schemas/Security_Osquery_API_PageOrUndefined' - pageSize: - $ref: '#/components/schemas/Security_Osquery_API_PageSizeOrUndefined' - sort: - $ref: '#/components/schemas/Security_Osquery_API_SortOrUndefined' - sortOrder: - $ref: '#/components/schemas/Security_Osquery_API_SortOrderOrUndefined' - Security_Osquery_API_Id: - type: string - Security_Osquery_API_Interval: - type: string - Security_Osquery_API_IntervalOrUndefined: - $ref: '#/components/schemas/Security_Osquery_API_Interval' - nullable: true - Security_Osquery_API_KueryOrUndefined: - nullable: true - type: string - Security_Osquery_API_ObjectQueries: - additionalProperties: - $ref: '#/components/schemas/Security_Osquery_API_ObjectQueriesItem' - type: object - Security_Osquery_API_ObjectQueriesItem: - type: object - properties: - ecs_mapping: - $ref: '#/components/schemas/Security_Osquery_API_ECSMappingOrUndefined' - id: - $ref: '#/components/schemas/Security_Osquery_API_Id' - platform: - $ref: '#/components/schemas/Security_Osquery_API_PlatformOrUndefined' - query: - $ref: '#/components/schemas/Security_Osquery_API_Query' - removed: - $ref: '#/components/schemas/Security_Osquery_API_RemovedOrUndefined' - saved_query_id: - $ref: '#/components/schemas/Security_Osquery_API_SavedQueryIdOrUndefined' - snapshot: - $ref: '#/components/schemas/Security_Osquery_API_SnapshotOrUndefined' - version: - $ref: '#/components/schemas/Security_Osquery_API_VersionOrUndefined' - Security_Osquery_API_PackId: - type: string - Security_Osquery_API_PackIdOrUndefined: - $ref: '#/components/schemas/Security_Osquery_API_PackId' - nullable: true - Security_Osquery_API_PackName: - type: string - Security_Osquery_API_PageOrUndefined: - nullable: true - type: integer - Security_Osquery_API_PageSizeOrUndefined: - nullable: true - type: integer - Security_Osquery_API_Platform: - type: string - Security_Osquery_API_PlatformOrUndefined: - $ref: '#/components/schemas/Security_Osquery_API_Platform' - nullable: true - Security_Osquery_API_PolicyIds: - items: - type: string - type: array - Security_Osquery_API_PolicyIdsOrUndefined: - $ref: '#/components/schemas/Security_Osquery_API_PolicyIds' - nullable: true - Security_Osquery_API_Query: - type: string - Security_Osquery_API_QueryOrUndefined: - $ref: '#/components/schemas/Security_Osquery_API_Query' - nullable: true - Security_Osquery_API_Removed: - type: boolean - Security_Osquery_API_RemovedOrUndefined: - $ref: '#/components/schemas/Security_Osquery_API_Removed' - nullable: true - Security_Osquery_API_SavedQueryId: - type: string - Security_Osquery_API_SavedQueryIdOrUndefined: - $ref: '#/components/schemas/Security_Osquery_API_SavedQueryId' - nullable: true - Security_Osquery_API_Shards: - additionalProperties: - type: number - type: object - Security_Osquery_API_Snapshot: - type: boolean - Security_Osquery_API_SnapshotOrUndefined: - $ref: '#/components/schemas/Security_Osquery_API_Snapshot' - nullable: true - Security_Osquery_API_SortOrderOrUndefined: - oneOf: - - nullable: true - type: string - - enum: - - asc - - desc - Security_Osquery_API_SortOrUndefined: - nullable: true - type: string - Security_Osquery_API_UpdatePacksRequestBody: - type: object - properties: - description: - $ref: '#/components/schemas/Security_Osquery_API_DescriptionOrUndefined' - enabled: - $ref: '#/components/schemas/Security_Osquery_API_EnabledOrUndefined' - id: - $ref: '#/components/schemas/Security_Osquery_API_PackId' - policy_ids: - $ref: '#/components/schemas/Security_Osquery_API_PolicyIdsOrUndefined' - queries: - $ref: '#/components/schemas/Security_Osquery_API_ObjectQueries' - shards: - $ref: '#/components/schemas/Security_Osquery_API_Shards' - Security_Osquery_API_UpdateSavedQueryRequestBody: - type: object - properties: - description: - $ref: '#/components/schemas/Security_Osquery_API_DescriptionOrUndefined' - ecs_mapping: - $ref: '#/components/schemas/Security_Osquery_API_ECSMappingOrUndefined' - id: - $ref: '#/components/schemas/Security_Osquery_API_SavedQueryId' - interval: - $ref: '#/components/schemas/Security_Osquery_API_IntervalOrUndefined' - platform: - $ref: '#/components/schemas/Security_Osquery_API_DescriptionOrUndefined' - query: - $ref: '#/components/schemas/Security_Osquery_API_QueryOrUndefined' - removed: - $ref: '#/components/schemas/Security_Osquery_API_RemovedOrUndefined' - snapshot: - $ref: '#/components/schemas/Security_Osquery_API_SnapshotOrUndefined' - version: - $ref: '#/components/schemas/Security_Osquery_API_VersionOrUndefined' - Security_Osquery_API_Version: - type: string - Security_Osquery_API_VersionOrUndefined: - $ref: '#/components/schemas/Security_Osquery_API_Version' - nullable: true - Security_Timeline_API_AssociatedFilterType: - description: Filter notes based on their association with a document or saved object. - enum: - - all - - document_only - - saved_object_only - - document_and_saved_object - - orphan - type: string - Security_Timeline_API_BareNote: - type: object - properties: - created: - nullable: true - type: number - createdBy: - nullable: true - type: string - eventId: - nullable: true - type: string - note: - nullable: true - type: string - timelineId: - type: string - updated: - nullable: true - type: number - updatedBy: - nullable: true - type: string - required: - - timelineId - Security_Timeline_API_BarePinnedEvent: - type: object - properties: - created: - nullable: true - type: number - createdBy: - nullable: true - type: string - eventId: - type: string - timelineId: - type: string - updated: - nullable: true - type: number - updatedBy: - nullable: true - type: string - required: - - eventId - - timelineId - Security_Timeline_API_ColumnHeaderResult: - type: object - properties: - aggregatable: - nullable: true - type: boolean - category: - nullable: true - type: string - columnHeaderType: - nullable: true - type: string - description: - nullable: true - type: string - example: - nullable: true - type: string - id: - nullable: true - type: string - indexes: - items: - type: string - nullable: true - type: array - name: - nullable: true - type: string - placeholder: - nullable: true - type: string - searchable: - nullable: true - type: boolean - type: - nullable: true - type: string - Security_Timeline_API_DataProviderQueryMatch: - type: object - properties: - enabled: - nullable: true - type: boolean - excluded: - nullable: true - type: boolean - id: - nullable: true - type: string - kqlQuery: - nullable: true - type: string - name: - nullable: true - type: string - queryMatch: - $ref: '#/components/schemas/Security_Timeline_API_QueryMatchResult' - nullable: true - type: - $ref: '#/components/schemas/Security_Timeline_API_DataProviderType' - nullable: true - Security_Timeline_API_DataProviderResult: - type: object - properties: - and: - items: - $ref: '#/components/schemas/Security_Timeline_API_DataProviderQueryMatch' - nullable: true - type: array - enabled: - nullable: true - type: boolean - excluded: - nullable: true - type: boolean - id: - nullable: true - type: string - kqlQuery: - nullable: true - type: string - name: - nullable: true - type: string - queryMatch: - $ref: '#/components/schemas/Security_Timeline_API_QueryMatchResult' - nullable: true - type: - $ref: '#/components/schemas/Security_Timeline_API_DataProviderType' - nullable: true - Security_Timeline_API_DataProviderType: - description: >- - The type of data provider to create. Valid values are `default` and - `template`. - enum: - - default - - template - type: string - Security_Timeline_API_DocumentIds: - oneOf: - - items: - type: string - type: array - - type: string - Security_Timeline_API_FavoriteTimelineResponse: - type: object - properties: - code: - nullable: true - type: number - favorite: - items: - $ref: '#/components/schemas/Security_Timeline_API_FavoriteTimelineResult' - type: array - message: - nullable: true - type: string - savedObjectId: - type: string - templateTimelineId: - nullable: true - type: string - templateTimelineVersion: - nullable: true - type: number - timelineType: - $ref: '#/components/schemas/Security_Timeline_API_TimelineType' - version: - type: string - required: - - savedObjectId - - version - Security_Timeline_API_FavoriteTimelineResult: - type: object - properties: - favoriteDate: - nullable: true - type: number - fullName: - nullable: true - type: string - userName: - nullable: true - type: string - Security_Timeline_API_FilterTimelineResult: - type: object - properties: - exists: - nullable: true - type: string - match_all: - nullable: true - type: string - meta: - nullable: true - type: object - properties: - alias: - nullable: true - type: string - controlledBy: - nullable: true - type: string - disabled: - nullable: true - type: boolean - field: - nullable: true - type: string - formattedValue: - nullable: true - type: string - index: - nullable: true - type: string - key: - nullable: true - type: string - negate: - nullable: true - type: boolean - params: - nullable: true - type: string - type: - nullable: true - type: string - value: - nullable: true - type: string - missing: - nullable: true - type: string - query: - nullable: true - type: string - range: - nullable: true - type: string - script: - nullable: true - type: string - Security_Timeline_API_GetNotesResult: - type: object - properties: - notes: - items: - $ref: '#/components/schemas/Security_Timeline_API_Note' - type: array - totalCount: - type: number - required: - - totalCount - - notes - Security_Timeline_API_ImportTimelineResult: - type: object - properties: - errors: - items: - type: object - properties: - error: - type: object - properties: - message: - type: string - status_code: - type: number - id: - type: string - type: array - success: - type: boolean - success_count: - type: number - timelines_installed: - type: number - timelines_updated: - type: number - Security_Timeline_API_ImportTimelines: - allOf: - - $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' - - type: object - properties: - eventNotes: - items: - $ref: '#/components/schemas/Security_Timeline_API_BareNote' - nullable: true - type: array - globalNotes: - items: - $ref: '#/components/schemas/Security_Timeline_API_BareNote' - nullable: true - type: array - pinnedEventIds: - items: - type: string - nullable: true - type: array - savedObjectId: - nullable: true - type: string - version: - nullable: true - type: string - required: - - savedObjectId - - version - - pinnedEventIds - - eventNotes - - globalNotes - Security_Timeline_API_Note: - allOf: - - $ref: '#/components/schemas/Security_Timeline_API_BareNote' - - type: object - properties: - noteId: - type: string - version: - type: string - required: - - noteId - - version - Security_Timeline_API_PersistPinnedEventResponse: - oneOf: - - allOf: - - $ref: '#/components/schemas/Security_Timeline_API_PinnedEvent' - - $ref: >- - #/components/schemas/Security_Timeline_API_PinnedEventBaseResponseBody - - nullable: true - type: object - Security_Timeline_API_PersistTimelineResponse: - type: object - properties: - data: - type: object - properties: - persistTimeline: - type: object - properties: - timeline: - $ref: '#/components/schemas/Security_Timeline_API_TimelineResponse' - required: - - timeline - required: - - persistTimeline - required: - - data - Security_Timeline_API_PinnedEvent: - allOf: - - $ref: '#/components/schemas/Security_Timeline_API_BarePinnedEvent' - - type: object - properties: - pinnedEventId: - type: string - version: - type: string - required: - - pinnedEventId - - version - Security_Timeline_API_PinnedEventBaseResponseBody: - type: object - properties: - code: - type: number - message: - type: string - required: - - code - Security_Timeline_API_QueryMatchResult: - type: object - properties: - displayField: - nullable: true - type: string - displayValue: - nullable: true - type: string - field: - nullable: true - type: string - operator: - nullable: true - type: string - value: - oneOf: - - nullable: true - type: string - - items: - type: string - nullable: true - type: array - Security_Timeline_API_ResolvedTimeline: - type: object - properties: - alias_purpose: - $ref: >- - #/components/schemas/Security_Timeline_API_SavedObjectResolveAliasPurpose - alias_target_id: - type: string - outcome: - $ref: '#/components/schemas/Security_Timeline_API_SavedObjectResolveOutcome' - timeline: - $ref: >- - #/components/schemas/Security_Timeline_API_TimelineSavedToReturnObject - required: - - timeline - - outcome - Security_Timeline_API_ResponseNote: - type: object - properties: - code: - type: number - message: - type: string - note: - $ref: '#/components/schemas/Security_Timeline_API_Note' - required: - - code - - message - - note - Security_Timeline_API_RowRendererId: - enum: - - alert - - alerts - - auditd - - auditd_file - - library - - netflow - - plain - - registry - - suricata - - system - - system_dns - - system_endgame_process - - system_file - - system_fim - - system_security_event - - system_socket - - threat_match - - zeek - type: string - Security_Timeline_API_SavedObjectIds: - oneOf: - - items: - type: string - type: array - - type: string - Security_Timeline_API_SavedObjectResolveAliasPurpose: - enum: - - savedObjectConversion - - savedObjectImport - type: string - Security_Timeline_API_SavedObjectResolveOutcome: - enum: - - exactMatch - - aliasMatch - - conflict - type: string - Security_Timeline_API_SavedTimeline: - type: object - properties: - columns: - items: - $ref: '#/components/schemas/Security_Timeline_API_ColumnHeaderResult' - nullable: true - type: array - created: - nullable: true - type: number - createdBy: - nullable: true - type: string - dataProviders: - items: - $ref: '#/components/schemas/Security_Timeline_API_DataProviderResult' - nullable: true - type: array - dataViewId: - nullable: true - type: string - dateRange: - nullable: true - type: object - properties: - end: - oneOf: - - nullable: true - type: string - - nullable: true - type: number - start: - oneOf: - - nullable: true - type: string - - nullable: true - type: number - description: - nullable: true - type: string - eqlOptions: - nullable: true - type: object - properties: - eventCategoryField: - nullable: true - type: string - query: - nullable: true - type: string - size: - oneOf: - - nullable: true - type: string - - nullable: true - type: number - tiebreakerField: - nullable: true - type: string - timestampField: - nullable: true - type: string - eventType: - nullable: true - type: string - excludedRowRendererIds: - items: - $ref: '#/components/schemas/Security_Timeline_API_RowRendererId' - nullable: true - type: array - favorite: - items: - $ref: '#/components/schemas/Security_Timeline_API_FavoriteTimelineResult' - nullable: true - type: array - filters: - items: - $ref: '#/components/schemas/Security_Timeline_API_FilterTimelineResult' - nullable: true - type: array - indexNames: - items: - type: string - nullable: true - type: array - kqlMode: - nullable: true - type: string - kqlQuery: - $ref: >- - #/components/schemas/Security_Timeline_API_SerializedFilterQueryResult - nullable: true - savedQueryId: - nullable: true - type: string - savedSearchId: - nullable: true - type: string - sort: - $ref: '#/components/schemas/Security_Timeline_API_Sort' - nullable: true - status: - enum: - - active - - draft - - immutable - nullable: true - type: string - templateTimelineId: - nullable: true - type: string - templateTimelineVersion: - nullable: true - type: number - timelineType: - $ref: '#/components/schemas/Security_Timeline_API_TimelineType' - nullable: true - title: - nullable: true - type: string - updated: - nullable: true - type: number - updatedBy: - nullable: true - type: string - Security_Timeline_API_SavedTimelineWithSavedObjectId: - allOf: - - $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' - - type: object - properties: - savedObjectId: - type: string - version: - type: string - required: - - savedObjectId - - version - Security_Timeline_API_SerializedFilterQueryResult: - type: object - properties: - filterQuery: - nullable: true - type: object - properties: - kuery: - nullable: true - type: object - properties: - expression: - nullable: true - type: string - kind: - nullable: true - type: string - serializedQuery: - nullable: true - type: string - Security_Timeline_API_Sort: - oneOf: - - $ref: '#/components/schemas/Security_Timeline_API_SortObject' - - items: - $ref: '#/components/schemas/Security_Timeline_API_SortObject' - type: array - Security_Timeline_API_SortFieldTimeline: - description: The field to sort the timelines by. - enum: - - title - - description - - updated - - created - type: string - Security_Timeline_API_SortObject: - type: object - properties: - columnId: - nullable: true - type: string - columnType: - nullable: true - type: string - sortDirection: - nullable: true - type: string - Security_Timeline_API_TimelineResponse: - allOf: - - $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' - - $ref: >- - #/components/schemas/Security_Timeline_API_SavedTimelineWithSavedObjectId - - type: object - properties: - eventIdToNoteIds: - items: - $ref: '#/components/schemas/Security_Timeline_API_Note' - nullable: true - type: array - noteIds: - items: - type: string - nullable: true - type: array - notes: - items: - $ref: '#/components/schemas/Security_Timeline_API_Note' - nullable: true - type: array - pinnedEventIds: - items: - type: string - nullable: true - type: array - pinnedEventsSaveObject: - items: - $ref: '#/components/schemas/Security_Timeline_API_PinnedEvent' - nullable: true - type: array - Security_Timeline_API_TimelineSavedToReturnObject: - allOf: - - $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' - - type: object - properties: - eventIdToNoteIds: - items: - $ref: '#/components/schemas/Security_Timeline_API_Note' - nullable: true - type: array - noteIds: - items: - type: string - nullable: true - type: array - notes: - items: - $ref: '#/components/schemas/Security_Timeline_API_Note' - nullable: true - type: array - pinnedEventIds: - items: - type: string - nullable: true - type: array - pinnedEventsSaveObject: - items: - $ref: '#/components/schemas/Security_Timeline_API_PinnedEvent' - nullable: true - type: array - savedObjectId: - type: string - version: - type: string - required: - - savedObjectId - - version - Security_Timeline_API_TimelineStatus: - description: >- - The status of the timeline. Valid values are `active`, `draft`, and - `immutable`. - enum: - - active - - draft - - immutable - type: string - Security_Timeline_API_TimelineType: - description: >- - The type of timeline to create. Valid values are `default` and - `template`. - enum: - - default - - template - type: string - Serverless_saved_objects_400_response: - title: Bad request - type: object - properties: - error: - enum: - - Bad Request - type: string - message: - type: string - statusCode: - enum: - - 400 - type: integer - required: - - error - - message - - statusCode - SLOs_400_response: - title: Bad request - type: object - properties: - error: - example: Bad Request - type: string - message: - example: 'Invalid value ''foo'' supplied to: [...]' - type: string - statusCode: - example: 400 - type: number - required: - - statusCode - - error - - message - SLOs_401_response: - title: Unauthorized - type: object - properties: - error: - example: Unauthorized - type: string - message: - example: "[security_exception\n\tRoot causes:\n\t\tsecurity_exception: unable to authenticate user [elastics] for REST request [/_security/_authenticate]]: unable to authenticate user [elastics] for REST request [/_security/_authenticate]" - type: string - statusCode: - example: 401 - type: number - required: - - statusCode - - error - - message - SLOs_403_response: - title: Unauthorized - type: object - properties: - error: - example: Unauthorized - type: string - message: - example: "[security_exception\n\tRoot causes:\n\t\tsecurity_exception: unable to authenticate user [elastics] for REST request [/_security/_authenticate]]: unable to authenticate user [elastics] for REST request [/_security/_authenticate]" - type: string - statusCode: - example: 403 - type: number - required: - - statusCode - - error - - message - SLOs_404_response: - title: Not found - type: object - properties: - error: - example: Not Found - type: string - message: - example: SLO [3749f390-03a3-11ee-8139-c7ff60a1692d] not found - type: string - statusCode: - example: 404 - type: number - required: - - statusCode - - error - - message - SLOs_409_response: - title: Conflict - type: object - properties: - error: - example: Conflict - type: string - message: - example: SLO [d077e940-1515-11ee-9c50-9d096392f520] already exists - type: string - statusCode: - example: 409 - type: number - required: - - statusCode - - error - - message - SLOs_budgeting_method: - description: The budgeting method to use when computing the rollup data. - enum: - - occurrences - - timeslices - example: occurrences - title: Budgeting method - type: string - SLOs_create_slo_request: - description: > - The create SLO API request body varies depending on the type of - indicator, time window and budgeting method. - properties: - budgetingMethod: - $ref: '#/components/schemas/SLOs_budgeting_method' - description: - description: A description for the SLO. - type: string - groupBy: - $ref: '#/components/schemas/SLOs_group_by' - id: - description: >- - A optional and unique identifier for the SLO. Must be between 8 and - 36 chars - example: my-super-slo-id - type: string - indicator: - oneOf: - - $ref: '#/components/schemas/SLOs_indicator_properties_custom_kql' - - $ref: '#/components/schemas/SLOs_indicator_properties_apm_availability' - - $ref: '#/components/schemas/SLOs_indicator_properties_apm_latency' - - $ref: '#/components/schemas/SLOs_indicator_properties_custom_metric' - - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' - - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' - name: - description: A name for the SLO. - type: string - objective: - $ref: '#/components/schemas/SLOs_objective' - settings: - $ref: '#/components/schemas/SLOs_settings' - tags: - description: List of tags - items: - type: string - type: array - timeWindow: - $ref: '#/components/schemas/SLOs_time_window' - required: - - name - - description - - indicator - - timeWindow - - budgetingMethod - - objective - title: Create SLO request - type: object - SLOs_create_slo_response: - title: Create SLO response - type: object - properties: - id: - example: 8853df00-ae2e-11ed-90af-09bb6422b258 - type: string - required: - - id - SLOs_delete_slo_instances_request: - description: > - The delete SLO instances request takes a list of SLO id and instance id, - then delete the rollup and summary data. This API can be used to remove - the staled data of an instance SLO that no longer get updated. - properties: - list: - description: An array of slo id and instance id - items: - type: object - properties: - instanceId: - description: The SLO instance identifier - example: 8853df00-ae2e-11ed-90af-09bb6422b258 - type: string - sloId: - description: The SLO unique identifier - example: 8853df00-ae2e-11ed-90af-09bb6422b258 - type: string - required: - - sloId - - instanceId - type: array - required: - - list - title: Delete SLO instances request - type: object - SLOs_error_budget: - title: Error budget - type: object - properties: - consumed: - description: The error budget consummed, as a percentage of the initial value. - example: 0.8 - type: number - initial: - description: The initial error budget, as 1 - objective - example: 0.02 - type: number - isEstimated: - description: >- - Only for SLO defined with occurrences budgeting method and calendar - aligned time window. - example: true - type: boolean - remaining: - description: The error budget remaining, as a percentage of the initial value. - example: 0.2 - type: number - required: - - initial - - consumed - - remaining - - isEstimated - SLOs_filter: - description: Defines properties for a filter - properties: - meta: - $ref: '#/components/schemas/SLOs_filter_meta' - query: - type: object - title: Filter - type: object - SLOs_filter_meta: - description: Defines properties for a filter - properties: - alias: - nullable: true - type: string - controlledBy: - type: string - disabled: - type: boolean - field: - type: string - group: - type: string - index: - type: string - isMultiIndex: - type: boolean - key: - type: string - negate: - type: boolean - params: - type: object - type: - type: string - value: - type: string - title: FilterMeta - type: object - SLOs_find_slo_response: - description: | - A paginated response of SLOs matching the query. - properties: - page: - example: 1 - type: number - perPage: - example: 25 - type: number - results: - items: - $ref: '#/components/schemas/SLOs_slo_with_summary_response' - type: array - total: - example: 34 - type: number - title: Find SLO response - type: object - SLOs_group_by: - description: >- - optional group by field or fields to use to generate an SLO per distinct - value - example: - - - service.name - - service.name - - - service.name - - service.environment - oneOf: - - type: string - - items: - type: string - type: array - title: Group by - SLOs_indicator_properties_apm_availability: - description: Defines properties for the APM availability indicator type - type: object - properties: - params: - description: An object containing the indicator parameters. - nullable: false - type: object - properties: - environment: - description: The APM service environment or "*" - example: production - type: string - filter: - description: KQL query used for filtering the data - example: 'service.foo : "bar"' - type: string - index: - description: The index used by APM metrics - example: metrics-apm*,apm* - type: string - service: - description: The APM service name - example: o11y-app - type: string - transactionName: - description: The APM transaction name or "*" - example: GET /my/api - type: string - transactionType: - description: The APM transaction type or "*" - example: request - type: string - required: - - service - - environment - - transactionType - - transactionName - - index - type: - description: The type of indicator. - example: sli.apm.transactionDuration - type: string - required: - - type - - params - title: APM availability - SLOs_indicator_properties_apm_latency: - description: Defines properties for the APM latency indicator type - type: object - properties: - params: - description: An object containing the indicator parameters. - nullable: false - type: object - properties: - environment: - description: The APM service environment or "*" - example: production - type: string - filter: - description: KQL query used for filtering the data - example: 'service.foo : "bar"' - type: string - index: - description: The index used by APM metrics - example: metrics-apm*,apm* - type: string - service: - description: The APM service name - example: o11y-app - type: string - threshold: - description: The latency threshold in milliseconds - example: 250 - type: number - transactionName: - description: The APM transaction name or "*" - example: GET /my/api - type: string - transactionType: - description: The APM transaction type or "*" - example: request - type: string - required: - - service - - environment - - transactionType - - transactionName - - index - - threshold - type: - description: The type of indicator. - example: sli.apm.transactionDuration - type: string - required: - - type - - params - title: APM latency - SLOs_indicator_properties_custom_kql: - description: Defines properties for a custom query indicator type - type: object - properties: - params: - description: An object containing the indicator parameters. - nullable: false - type: object - properties: - dataViewId: - description: >- - The kibana data view id to use, primarily used to include data - view runtime mappings. Make sure to save SLO again if you - add/update run time fields to the data view and if those fields - are being used in slo queries. - example: 03b80ab3-003d-498b-881c-3beedbaf1162 - type: string - filter: - $ref: '#/components/schemas/SLOs_kql_with_filters' - good: - $ref: '#/components/schemas/SLOs_kql_with_filters_good' - index: - description: The index or index pattern to use - example: my-service-* - type: string - timestampField: - description: | - The timestamp field used in the source indice. - example: timestamp - type: string - total: - $ref: '#/components/schemas/SLOs_kql_with_filters_total' - required: - - index - - timestampField - - good - - total - type: - description: The type of indicator. - example: sli.kql.custom - type: string - required: - - type - - params - title: Custom Query - SLOs_indicator_properties_custom_metric: - description: Defines properties for a custom metric indicator type - type: object - properties: - params: - description: An object containing the indicator parameters. - nullable: false - type: object - properties: - dataViewId: - description: >- - The kibana data view id to use, primarily used to include data - view runtime mappings. Make sure to save SLO again if you - add/update run time fields to the data view and if those fields - are being used in slo queries. - example: 03b80ab3-003d-498b-881c-3beedbaf1162 - type: string - filter: - description: the KQL query to filter the documents with. - example: 'field.environment : "production" and service.name : "my-service"' - type: string - good: - description: | - An object defining the "good" metrics and equation - type: object - properties: - equation: - description: The equation to calculate the "good" metric. - example: A - type: string - metrics: - description: >- - List of metrics with their name, aggregation type, and - field. - items: - type: object - properties: - aggregation: - description: >- - The aggregation type of the metric. Only valid option - is "sum" - enum: - - sum - example: sum - type: string - field: - description: The field of the metric. - example: processor.processed - type: string - filter: - description: The filter to apply to the metric. - example: 'processor.outcome: "success"' - type: string - name: - description: The name of the metric. Only valid options are A-Z - example: A - pattern: ^[A-Z]$ - type: string - required: - - name - - aggregation - - field - type: array - required: - - metrics - - equation - index: - description: The index or index pattern to use - example: my-service-* - type: string - timestampField: - description: | - The timestamp field used in the source indice. - example: timestamp - type: string - total: - description: | - An object defining the "total" metrics and equation - type: object - properties: - equation: - description: The equation to calculate the "total" metric. - example: A - type: string - metrics: - description: >- - List of metrics with their name, aggregation type, and - field. - items: - type: object - properties: - aggregation: - description: >- - The aggregation type of the metric. Only valid option - is "sum" - enum: - - sum - example: sum - type: string - field: - description: The field of the metric. - example: processor.processed - type: string - filter: - description: The filter to apply to the metric. - example: 'processor.outcome: *' - type: string - name: - description: The name of the metric. Only valid options are A-Z - example: A - pattern: ^[A-Z]$ - type: string - required: - - name - - aggregation - - field - type: array - required: - - metrics - - equation - required: - - index - - timestampField - - good - - total - type: - description: The type of indicator. - example: sli.metric.custom - type: string - required: - - type - - params - title: Custom metric - SLOs_indicator_properties_histogram: - description: Defines properties for a histogram indicator type - type: object - properties: - params: - description: An object containing the indicator parameters. - nullable: false - type: object - properties: - dataViewId: - description: >- - The kibana data view id to use, primarily used to include data - view runtime mappings. Make sure to save SLO again if you - add/update run time fields to the data view and if those fields - are being used in slo queries. - example: 03b80ab3-003d-498b-881c-3beedbaf1162 - type: string - filter: - description: the KQL query to filter the documents with. - example: 'field.environment : "production" and service.name : "my-service"' - type: string - good: - description: | - An object defining the "good" events - type: object - properties: - aggregation: - description: The type of aggregation to use. - enum: - - value_count - - range - example: value_count - type: string - field: - description: The field use to aggregate the good events. - example: processor.latency - type: string - filter: - description: The filter for good events. - example: 'processor.outcome: "success"' - type: string - from: - description: >- - The starting value of the range. Only required for "range" - aggregations. - example: 0 - type: number - to: - description: >- - The ending value of the range. Only required for "range" - aggregations. - example: 100 - type: number - required: - - aggregation - - field - index: - description: The index or index pattern to use - example: my-service-* - type: string - timestampField: - description: | - The timestamp field used in the source indice. - example: timestamp - type: string - total: - description: | - An object defining the "total" events - type: object - properties: - aggregation: - description: The type of aggregation to use. - enum: - - value_count - - range - example: value_count - type: string - field: - description: The field use to aggregate the good events. - example: processor.latency - type: string - filter: - description: The filter for total events. - example: 'processor.outcome : *' - type: string - from: - description: >- - The starting value of the range. Only required for "range" - aggregations. - example: 0 - type: number - to: - description: >- - The ending value of the range. Only required for "range" - aggregations. - example: 100 - type: number - required: - - aggregation - - field - required: - - index - - timestampField - - good - - total - type: - description: The type of indicator. - example: sli.histogram.custom - type: string - required: - - type - - params - title: Histogram indicator - SLOs_indicator_properties_timeslice_metric: - description: Defines properties for a timeslice metric indicator type - type: object - properties: - params: - description: An object containing the indicator parameters. - nullable: false - type: object - properties: - dataViewId: - description: >- - The kibana data view id to use, primarily used to include data - view runtime mappings. Make sure to save SLO again if you - add/update run time fields to the data view and if those fields - are being used in slo queries. - example: 03b80ab3-003d-498b-881c-3beedbaf1162 - type: string - filter: - description: the KQL query to filter the documents with. - example: 'field.environment : "production" and service.name : "my-service"' - type: string - index: - description: The index or index pattern to use - example: my-service-* - type: string - metric: - description: > - An object defining the metrics, equation, and threshold to - determine if it's a good slice or not - type: object - properties: - comparator: - description: >- - The comparator to use to compare the equation to the - threshold. - enum: - - GT - - GTE - - LT - - LTE - example: GT - type: string - equation: - description: The equation to calculate the metric. - example: A - type: string - metrics: - description: >- - List of metrics with their name, aggregation type, and - field. - items: - anyOf: - - $ref: >- - #/components/schemas/SLOs_timeslice_metric_basic_metric_with_field - - $ref: >- - #/components/schemas/SLOs_timeslice_metric_percentile_metric - - $ref: >- - #/components/schemas/SLOs_timeslice_metric_doc_count_metric - type: array - threshold: - description: >- - The threshold used to determine if the metric is a good - slice or not. - example: 100 - type: number - required: - - metrics - - equation - - comparator - - threshold - timestampField: - description: | - The timestamp field used in the source indice. - example: timestamp - type: string - required: - - index - - timestampField - - metric - type: - description: The type of indicator. - example: sli.metric.timeslice - type: string - required: - - type - - params - title: Timeslice metric - SLOs_kql_with_filters: - description: Defines properties for a filter - oneOf: - - description: the KQL query to filter the documents with. - example: 'field.environment : "production" and service.name : "my-service"' - type: string - - type: object - properties: - filters: - items: - $ref: '#/components/schemas/SLOs_filter' - type: array - kqlQuery: - type: string - title: KQL with filters - SLOs_kql_with_filters_good: - description: The KQL query used to define the good events. - oneOf: - - description: the KQL query to filter the documents with. - example: 'request.latency <= 150 and request.status_code : "2xx"' - type: string - - type: object - properties: - filters: - items: - $ref: '#/components/schemas/SLOs_filter' - type: array - kqlQuery: - type: string - title: KQL query for good events - SLOs_kql_with_filters_total: - description: The KQL query used to define all events. - oneOf: - - description: the KQL query to filter the documents with. - example: 'field.environment : "production" and service.name : "my-service"' - type: string - - type: object - properties: - filters: - items: - $ref: '#/components/schemas/SLOs_filter' - type: array - kqlQuery: - type: string - title: KQL query for all events - SLOs_objective: - description: Defines properties for the SLO objective - type: object - properties: - target: - description: the target objective between 0 and 1 excluded - example: 0.99 - exclusiveMaximum: true - exclusiveMinimum: true - maximum: 100 - minimum: 0 - type: number - timesliceTarget: - description: >- - the target objective for each slice when using a timeslices - budgeting method - example: 0.995 - maximum: 100 - minimum: 0 - type: number - timesliceWindow: - description: >- - the duration of each slice when using a timeslices budgeting method, - as {duraton}{unit} - example: 5m - type: string - required: - - target - title: Objective - SLOs_settings: - description: Defines properties for SLO settings. - properties: - frequency: - default: 1m - description: Configure how often the transform runs, default 1m - example: 5m - type: string - preventInitialBackfill: - default: false - description: Prevents the transform from backfilling data when it starts. - example: true - type: boolean - syncDelay: - default: 1m - description: The synch delay to apply to the transform. Default 1m - example: 5m - type: string - title: Settings - type: object - SLOs_slo_definition_response: - title: SLO definition response - type: object - properties: - budgetingMethod: - $ref: '#/components/schemas/SLOs_budgeting_method' - createdAt: - description: The creation date - example: '2023-01-12T10:03:19.000Z' - type: string - description: - description: The description of the SLO. - example: My SLO description - type: string - enabled: - description: Indicate if the SLO is enabled - example: true - type: boolean - groupBy: - $ref: '#/components/schemas/SLOs_group_by' - id: - description: The identifier of the SLO. - example: 8853df00-ae2e-11ed-90af-09bb6422b258 - type: string - indicator: - discriminator: - mapping: - sli.apm.transactionDuration: '#/components/schemas/SLOs_indicator_properties_apm_latency' - sli.apm.transactionErrorRate: '#/components/schemas/SLOs_indicator_properties_apm_availability' - sli.histogram.custom: '#/components/schemas/SLOs_indicator_properties_histogram' - sli.kql.custom: '#/components/schemas/SLOs_indicator_properties_custom_kql' - sli.metric.custom: '#/components/schemas/SLOs_indicator_properties_custom_metric' - sli.metric.timeslice: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' - propertyName: type - oneOf: - - $ref: '#/components/schemas/SLOs_indicator_properties_custom_kql' - - $ref: '#/components/schemas/SLOs_indicator_properties_apm_availability' - - $ref: '#/components/schemas/SLOs_indicator_properties_apm_latency' - - $ref: '#/components/schemas/SLOs_indicator_properties_custom_metric' - - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' - - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' - name: - description: The name of the SLO. - example: My Service SLO - type: string - objective: - $ref: '#/components/schemas/SLOs_objective' - revision: - description: The SLO revision - example: 2 - type: number - settings: - $ref: '#/components/schemas/SLOs_settings' - tags: - description: List of tags - items: - type: string - type: array - timeWindow: - $ref: '#/components/schemas/SLOs_time_window' - updatedAt: - description: The last update date - example: '2023-01-12T10:03:19.000Z' - type: string - version: - description: The internal SLO version - example: 2 - type: number - required: - - id - - name - - description - - indicator - - timeWindow - - budgetingMethod - - objective - - settings - - revision - - enabled - - groupBy - - tags - - createdAt - - updatedAt - - version - SLOs_slo_with_summary_response: - title: SLO response - type: object - properties: - budgetingMethod: - $ref: '#/components/schemas/SLOs_budgeting_method' - createdAt: - description: The creation date - example: '2023-01-12T10:03:19.000Z' - type: string - description: - description: The description of the SLO. - example: My SLO description - type: string - enabled: - description: Indicate if the SLO is enabled - example: true - type: boolean - groupBy: - $ref: '#/components/schemas/SLOs_group_by' - id: - description: The identifier of the SLO. - example: 8853df00-ae2e-11ed-90af-09bb6422b258 - type: string - indicator: - discriminator: - mapping: - sli.apm.transactionDuration: '#/components/schemas/SLOs_indicator_properties_apm_latency' - sli.apm.transactionErrorRate: '#/components/schemas/SLOs_indicator_properties_apm_availability' - sli.histogram.custom: '#/components/schemas/SLOs_indicator_properties_histogram' - sli.kql.custom: '#/components/schemas/SLOs_indicator_properties_custom_kql' - sli.metric.custom: '#/components/schemas/SLOs_indicator_properties_custom_metric' - sli.metric.timeslice: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' - propertyName: type - oneOf: - - $ref: '#/components/schemas/SLOs_indicator_properties_custom_kql' - - $ref: '#/components/schemas/SLOs_indicator_properties_apm_availability' - - $ref: '#/components/schemas/SLOs_indicator_properties_apm_latency' - - $ref: '#/components/schemas/SLOs_indicator_properties_custom_metric' - - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' - - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' - instanceId: - description: the value derived from the groupBy field, if present, otherwise '*' - example: host-abcde - type: string - name: - description: The name of the SLO. - example: My Service SLO - type: string - objective: - $ref: '#/components/schemas/SLOs_objective' - revision: - description: The SLO revision - example: 2 - type: number - settings: - $ref: '#/components/schemas/SLOs_settings' - summary: - $ref: '#/components/schemas/SLOs_summary' - tags: - description: List of tags - items: - type: string - type: array - timeWindow: - $ref: '#/components/schemas/SLOs_time_window' - updatedAt: - description: The last update date - example: '2023-01-12T10:03:19.000Z' - type: string - version: - description: The internal SLO version - example: 2 - type: number - required: - - id - - name - - description - - indicator - - timeWindow - - budgetingMethod - - objective - - settings - - revision - - summary - - enabled - - groupBy - - instanceId - - tags - - createdAt - - updatedAt - - version - SLOs_summary: - description: The SLO computed data - properties: - errorBudget: - $ref: '#/components/schemas/SLOs_error_budget' - sliValue: - example: 0.9836 - type: number - status: - $ref: '#/components/schemas/SLOs_summary_status' - required: - - status - - sliValue - - errorBudget - title: Summary - type: object - SLOs_summary_status: - enum: - - NO_DATA - - HEALTHY - - DEGRADING - - VIOLATED - example: HEALTHY - title: summary status - type: string - SLOs_time_window: - description: Defines properties for the SLO time window - type: object - properties: - duration: - description: >- - the duration formatted as {duration}{unit}. Accepted values for - rolling: 7d, 30d, 90d. Accepted values for calendar aligned: 1w - (weekly) or 1M (monthly) - example: 30d - type: string - type: - description: >- - Indicates weither the time window is a rolling or a calendar aligned - time window. - enum: - - rolling - - calendarAligned - example: rolling - type: string - required: - - duration - - type - title: Time window - SLOs_timeslice_metric_basic_metric_with_field: - type: object - properties: - aggregation: - description: The aggregation type of the metric. - enum: - - sum - - avg - - min - - max - - std_deviation - - last_value - - cardinality - example: sum - type: string - field: - description: The field of the metric. - example: processor.processed - type: string - filter: - description: The filter to apply to the metric. - example: 'processor.outcome: "success"' - type: string - name: - description: The name of the metric. Only valid options are A-Z - example: A - pattern: ^[A-Z]$ - type: string - required: - - name - - aggregation - - field - title: Timeslice Metric Basic Metric with Field - SLOs_timeslice_metric_doc_count_metric: - type: object - properties: - aggregation: - description: The aggregation type of the metric. Only valid option is "doc_count" - enum: - - doc_count - example: doc_count - type: string - filter: - description: The filter to apply to the metric. - example: 'processor.outcome: "success"' - type: string - name: - description: The name of the metric. Only valid options are A-Z - example: A - pattern: ^[A-Z]$ - type: string - required: - - name - - aggregation - title: Timeslice Metric Doc Count Metric - SLOs_timeslice_metric_percentile_metric: - type: object - properties: - aggregation: - description: >- - The aggregation type of the metric. Only valid option is - "percentile" - enum: - - percentile - example: percentile - type: string - field: - description: The field of the metric. - example: processor.processed - type: string - filter: - description: The filter to apply to the metric. - example: 'processor.outcome: "success"' - type: string - name: - description: The name of the metric. Only valid options are A-Z - example: A - pattern: ^[A-Z]$ - type: string - percentile: - description: The percentile value. - example: 95 - type: number - required: - - name - - aggregation - - field - - percentile - title: Timeslice Metric Percentile Metric - SLOs_update_slo_request: - description: > - The update SLO API request body varies depending on the type of - indicator, time window and budgeting method. Partial update is handled. - properties: - budgetingMethod: - $ref: '#/components/schemas/SLOs_budgeting_method' - description: - description: A description for the SLO. - type: string - groupBy: - $ref: '#/components/schemas/SLOs_group_by' - indicator: - oneOf: - - $ref: '#/components/schemas/SLOs_indicator_properties_custom_kql' - - $ref: '#/components/schemas/SLOs_indicator_properties_apm_availability' - - $ref: '#/components/schemas/SLOs_indicator_properties_apm_latency' - - $ref: '#/components/schemas/SLOs_indicator_properties_custom_metric' - - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' - - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' - name: - description: A name for the SLO. - type: string - objective: - $ref: '#/components/schemas/SLOs_objective' - settings: - $ref: '#/components/schemas/SLOs_settings' - tags: - description: List of tags - items: - type: string - type: array - timeWindow: - $ref: '#/components/schemas/SLOs_time_window' - title: Update SLO request - type: object - securitySchemes: - apiKeyAuth: - description: >- - You must create an API key and use the encoded value in the request - header. To learn about creating keys, go to [API - keys](https://www.elastic.co/docs/current/serverless/api-keys). - in: header - name: Authorization - type: apiKey -security: - - apiKeyAuth: [] -tags: - - name: alerting - - description: > - Configure APM agent keys to authorize requests from APM agents to the APM - Server. - name: APM agent keys - - description: > - Annotate visualizations in the APM app with significant events. - Annotations enable you to easily see how events are impacting the - performance of your applications. - name: APM annotations - - name: connectors - - name: Data streams - - description: >- - Data view APIs enable you to manage data views, formerly known as Kibana - index patterns. - name: data views - - name: Elastic Agent actions - - name: Elastic Agent binary download sources - - name: Elastic Agent policies - - name: Elastic Agent status - - name: Elastic Agents - - name: Elastic Package Manager (EPM) - - name: Fleet enrollment API keys - - name: Fleet internals - - name: Fleet outputs - - name: Fleet package policies - - name: Fleet proxies - - name: Fleet Server hosts - - name: Fleet service tokens - - name: Fleet uninstall tokens - - name: Message Signing Service - - description: Machine learning - name: ml - - name: roles - - description: > - Export sets of saved objects that you want to import into {kib}, resolve - import errors, and rotate an encryption key for encrypted saved objects - with the saved objects APIs. - - - To manage a specific type of saved object, use the corresponding APIs. - - For example, use: - - - [Data views](../group/endpoint-data-views) - - - Warning: Do not write documents directly to the `.kibana` index. When you - write directly to the `.kibana` index, the data becomes corrupted and - permanently breaks future Kibana versions. - name: saved objects - x-displayName: Saved objects - - description: Manage and interact with Security Assistant resources. - name: Security AI Assistant API - x-displayName: Security AI assistant - - description: >- - You can create rules that automatically turn events and external alerts - sent to Elastic Security into detection alerts. These alerts are displayed - on the Detections page. - name: Security Detections API - x-displayName: Security detections - - description: >- - Endpoint Exceptions API allows you to manage detection rule endpoint - exceptions to prevent a rule from generating an alert from incoming events - even when the rule's other criteria are met. - name: Security Endpoint Exceptions API - x-displayName: Security endpoint exceptions - - description: Interact with and manage endpoints running the Elastic Defend integration. - name: Security Endpoint Management API - x-displayName: Security endpoint management - - description: '' - name: Security Entity Analytics API - x-displayName: Security entity analytics - - description: >- - Exceptions API allows you to manage detection rule exceptions to prevent a - rule from generating an alert from incoming events even when the rule's - other criteria are met. - name: Security Exceptions API - x-displayName: Security exceptions - - description: Lists API allows you to manage lists of keywords, IPs or IP ranges items. - name: Security Lists API - x-displayName: Security lists - - description: Run live queries, manage packs and saved queries. - name: Security Osquery API - x-displayName: Security Osquery - - description: >- - You can create Timelines and Timeline templates via the API, as well as - import new Timelines from an ndjson file. - name: Security Timeline API - x-displayName: Security timeline - - description: SLO APIs enable you to define, manage and track service-level objectives - name: slo - - name: spaces - - name: system diff --git a/oas_docs/output/kibana.serverless.yaml b/oas_docs/output/kibana.serverless.yaml index b1f6938936fbd4..05f614ede3df75 100644 --- a/oas_docs/output/kibana.serverless.yaml +++ b/oas_docs/output/kibana.serverless.yaml @@ -15066,7 +15066,6 @@ paths: - Elastic Agents /api/fleet/agent-status: get: - deprecated: true operationId: '%2Fapi%2Ffleet%2Fagent-status#0' parameters: - description: The version of the API to use @@ -16769,7 +16768,6 @@ paths: tags: - Elastic Agent actions put: - deprecated: true operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Freassign#0' parameters: - description: The version of the API to use @@ -18622,7 +18620,6 @@ paths: - Fleet enrollment API keys /api/fleet/enrollment-api-keys: get: - deprecated: true operationId: '%2Fapi%2Ffleet%2Fenrollment-api-keys#0' parameters: - description: The version of the API to use @@ -18654,7 +18651,6 @@ paths: summary: '' tags: [] post: - deprecated: true operationId: '%2Fapi%2Ffleet%2Fenrollment-api-keys#1' parameters: - description: The version of the API to use @@ -18692,7 +18688,6 @@ paths: tags: [] /api/fleet/enrollment-api-keys/{keyId}: delete: - deprecated: true operationId: '%2Fapi%2Ffleet%2Fenrollment-api-keys%2F%7BkeyId%7D#1' parameters: - description: The version of the API to use @@ -18719,7 +18714,6 @@ paths: summary: '' tags: [] get: - deprecated: true operationId: '%2Fapi%2Ffleet%2Fenrollment-api-keys%2F%7BkeyId%7D#0' parameters: - description: The version of the API to use @@ -20434,7 +20428,6 @@ paths: - Elastic Package Manager (EPM) /api/fleet/epm/packages/{pkgkey}: delete: - deprecated: true operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#3' parameters: - description: The version of the API to use @@ -20473,7 +20466,6 @@ paths: summary: '' tags: [] get: - deprecated: true operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#0' parameters: - description: The version of the API to use @@ -20514,7 +20506,6 @@ paths: summary: '' tags: [] post: - deprecated: true operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#2' parameters: - description: The version of the API to use @@ -20570,7 +20561,6 @@ paths: summary: '' tags: [] put: - deprecated: true operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#1' parameters: - description: The version of the API to use @@ -33533,7 +33523,6 @@ paths: - Fleet service tokens /api/fleet/service-tokens: post: - deprecated: true description: Create a service token operationId: '%2Fapi%2Ffleet%2Fservice-tokens#0' parameters: @@ -48896,9 +48885,7 @@ components: name: type: string source: - items: - type: string - type: array + type: string required: - name - source @@ -49050,9 +49037,7 @@ components: name: type: string source: - items: - type: string - type: array + type: string required: - name - source diff --git a/oas_docs/output/kibana.staging.yaml b/oas_docs/output/kibana.staging.yaml deleted file mode 100644 index ac76216c78801b..00000000000000 --- a/oas_docs/output/kibana.staging.yaml +++ /dev/null @@ -1,60627 +0,0 @@ -openapi: 3.0.3 -info: - contact: - name: Kibana Team - description: > - The Kibana REST APIs enable you to manage resources such as connectors, data - views, and saved objects. - - The API calls are stateless. - - Each request that you make happens in isolation from other calls and must - include all of the necessary information for Kibana to fulfill the - - request. - - API requests return JSON output, which is a format that is machine-readable - and works well for automation. - - - To interact with Kibana APIs, use the following operations: - - - - GET: Fetches the information. - - - PATCH: Applies partial modifications to the existing information. - - - POST: Adds new information. - - - PUT: Updates the existing information. - - - DELETE: Removes the information. - - - You can prepend any Kibana API endpoint with `kbn:` and run the request in - **Dev Tools → Console**. - - For example: - - - ``` - - GET kbn:/api/data_views - - ``` - - - For more information about the console, refer to [Run API - requests](https://www.elastic.co/guide/en/kibana/current/console-kibana.html). - - - NOTE: Access to internal Kibana API endpoints will be restricted in Kibana - version 9.0. Please move any integrations to publicly documented APIs. - - - ## Documentation source and versions - - - This documentation is derived from the `main` branch of the - [kibana](https://github.com/elastic/kibana) repository. - - It is provided under license [Attribution-NonCommercial-NoDerivatives 4.0 - International](https://creativecommons.org/licenses/by-nc-nd/4.0/). - title: Kibana APIs - version: 1.0.2 - x-doc-license: - name: Attribution-NonCommercial-NoDerivatives 4.0 International - url: https://creativecommons.org/licenses/by-nc-nd/4.0/ - x-feedbackLink: - label: Feedback - url: >- - https://github.com/elastic/docs-content/issues/new?assignees=&labels=feedback%2Ccommunity&projects=&template=api-feedback.yaml&title=%5BFeedback%5D%3A+ -servers: - - url: https://{kibana_url} - variables: - kibana_url: - default: localhost:5601 -paths: - /api/actions: - get: - deprecated: true - operationId: '%2Fapi%2Factions#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - responses: {} - summary: Get all connectors - tags: - - connectors - /api/actions/action: - post: - deprecated: true - operationId: '%2Fapi%2Factions%2Faction#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - actionTypeId: - description: The connector type identifier. - type: string - config: - additionalProperties: {} - default: {} - type: object - name: - description: The display name for the connector. - type: string - secrets: - additionalProperties: {} - default: {} - type: object - required: - - name - - actionTypeId - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - config: - additionalProperties: {} - type: object - connector_type_id: - description: The connector type identifier. - type: string - id: - description: The identifier for the connector. - type: string - is_deprecated: - description: Indicates whether the connector is deprecated. - type: boolean - is_missing_secrets: - description: Indicates whether the connector is missing secrets. - type: boolean - is_preconfigured: - description: >- - Indicates whether the connector is preconfigured. If true, - the `config` and `is_missing_secrets` properties are - omitted from the response. - type: boolean - is_system_action: - description: >- - Indicates whether the connector is used for system - actions. - type: boolean - name: - description: ' The name of the rule.' - type: string - required: - - id - - name - - connector_type_id - - is_preconfigured - - is_deprecated - - is_system_action - description: Indicates a successful call. - summary: Create a connector - tags: - - connectors - /api/actions/action/{id}: - delete: - deprecated: true - description: 'WARNING: When you delete a connector, it cannot be recovered.' - operationId: '%2Fapi%2Factions%2Faction%2F%7Bid%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - description: An identifier for the connector. - in: path - name: id - required: true - schema: - type: string - responses: - '204': - description: Indicates a successful call. - summary: Delete a connector - tags: - - connectors - get: - deprecated: true - operationId: '%2Fapi%2Factions%2Faction%2F%7Bid%7D#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: An identifier for the connector. - in: path - name: id - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - config: - additionalProperties: {} - type: object - connector_type_id: - description: The connector type identifier. - type: string - id: - description: The identifier for the connector. - type: string - is_deprecated: - description: Indicates whether the connector is deprecated. - type: boolean - is_missing_secrets: - description: Indicates whether the connector is missing secrets. - type: boolean - is_preconfigured: - description: >- - Indicates whether the connector is preconfigured. If true, - the `config` and `is_missing_secrets` properties are - omitted from the response. - type: boolean - is_system_action: - description: >- - Indicates whether the connector is used for system - actions. - type: boolean - name: - description: ' The name of the rule.' - type: string - required: - - id - - name - - connector_type_id - - is_preconfigured - - is_deprecated - - is_system_action - description: Indicates a successful call. - summary: Get connector information - tags: - - connectors - put: - deprecated: true - operationId: '%2Fapi%2Factions%2Faction%2F%7Bid%7D#2' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - description: An identifier for the connector. - in: path - name: id - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - config: - additionalProperties: {} - default: {} - type: object - name: - type: string - secrets: - additionalProperties: {} - default: {} - type: object - required: - - name - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - config: - additionalProperties: {} - type: object - connector_type_id: - description: The connector type identifier. - type: string - id: - description: The identifier for the connector. - type: string - is_deprecated: - description: Indicates whether the connector is deprecated. - type: boolean - is_missing_secrets: - description: Indicates whether the connector is missing secrets. - type: boolean - is_preconfigured: - description: >- - Indicates whether the connector is preconfigured. If true, - the `config` and `is_missing_secrets` properties are - omitted from the response. - type: boolean - is_system_action: - description: >- - Indicates whether the connector is used for system - actions. - type: boolean - name: - description: ' The name of the rule.' - type: string - required: - - id - - name - - connector_type_id - - is_preconfigured - - is_deprecated - - is_system_action - description: Indicates a successful call. - summary: Update a connector - tags: - - connectors - /api/actions/action/{id}/_execute: - post: - deprecated: true - operationId: '%2Fapi%2Factions%2Faction%2F%7Bid%7D%2F_execute#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - description: An identifier for the connector. - in: path - name: id - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - params: - additionalProperties: {} - type: object - required: - - params - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - config: - additionalProperties: {} - type: object - connector_type_id: - description: The connector type identifier. - type: string - id: - description: The identifier for the connector. - type: string - is_deprecated: - description: Indicates whether the connector is deprecated. - type: boolean - is_missing_secrets: - description: Indicates whether the connector is missing secrets. - type: boolean - is_preconfigured: - description: >- - Indicates whether the connector is preconfigured. If true, - the `config` and `is_missing_secrets` properties are - omitted from the response. - type: boolean - is_system_action: - description: >- - Indicates whether the connector is used for system - actions. - type: boolean - name: - description: ' The name of the rule.' - type: string - required: - - id - - name - - connector_type_id - - is_preconfigured - - is_deprecated - - is_system_action - description: Indicates a successful call. - summary: Run a connector - tags: - - connectors - /api/actions/connector_types: - get: - description: You do not need any Kibana feature privileges to run this API. - operationId: '%2Fapi%2Factions%2Fconnector_types#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: >- - A filter to limit the retrieved connector types to those that - support a specific feature (such as alerting or cases). - in: query - name: feature_id - required: false - schema: - type: string - responses: {} - summary: Get connector types - tags: - - connectors - /api/actions/connector/{id}: - delete: - description: 'WARNING: When you delete a connector, it cannot be recovered.' - operationId: '%2Fapi%2Factions%2Fconnector%2F%7Bid%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - description: An identifier for the connector. - in: path - name: id - required: true - schema: - type: string - responses: - '204': - description: Indicates a successful call. - summary: Delete a connector - tags: - - connectors - get: - operationId: '%2Fapi%2Factions%2Fconnector%2F%7Bid%7D#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: An identifier for the connector. - in: path - name: id - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - config: - additionalProperties: {} - type: object - connector_type_id: - description: The connector type identifier. - type: string - id: - description: The identifier for the connector. - type: string - is_deprecated: - description: Indicates whether the connector is deprecated. - type: boolean - is_missing_secrets: - description: Indicates whether the connector is missing secrets. - type: boolean - is_preconfigured: - description: >- - Indicates whether the connector is preconfigured. If true, - the `config` and `is_missing_secrets` properties are - omitted from the response. - type: boolean - is_system_action: - description: >- - Indicates whether the connector is used for system - actions. - type: boolean - name: - description: ' The name of the rule.' - type: string - required: - - id - - name - - connector_type_id - - is_preconfigured - - is_deprecated - - is_system_action - description: Indicates a successful call. - summary: Get connector information - tags: - - connectors - post: - operationId: '%2Fapi%2Factions%2Fconnector%2F%7Bid%3F%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - description: An identifier for the connector. - in: path - name: id - required: false - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - config: - additionalProperties: {} - default: {} - type: object - connector_type_id: - description: The type of connector. - type: string - name: - description: The display name for the connector. - type: string - secrets: - additionalProperties: {} - default: {} - type: object - required: - - name - - connector_type_id - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - config: - additionalProperties: {} - type: object - connector_type_id: - description: The connector type identifier. - type: string - id: - description: The identifier for the connector. - type: string - is_deprecated: - description: Indicates whether the connector is deprecated. - type: boolean - is_missing_secrets: - description: Indicates whether the connector is missing secrets. - type: boolean - is_preconfigured: - description: >- - Indicates whether the connector is preconfigured. If true, - the `config` and `is_missing_secrets` properties are - omitted from the response. - type: boolean - is_system_action: - description: >- - Indicates whether the connector is used for system - actions. - type: boolean - name: - description: ' The name of the rule.' - type: string - required: - - id - - name - - connector_type_id - - is_preconfigured - - is_deprecated - - is_system_action - description: Indicates a successful call. - summary: Create a connector - tags: - - connectors - put: - operationId: '%2Fapi%2Factions%2Fconnector%2F%7Bid%7D#2' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - description: An identifier for the connector. - in: path - name: id - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - config: - additionalProperties: {} - default: {} - type: object - name: - description: The display name for the connector. - type: string - secrets: - additionalProperties: {} - default: {} - type: object - required: - - name - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - config: - additionalProperties: {} - type: object - connector_type_id: - description: The connector type identifier. - type: string - id: - description: The identifier for the connector. - type: string - is_deprecated: - description: Indicates whether the connector is deprecated. - type: boolean - is_missing_secrets: - description: Indicates whether the connector is missing secrets. - type: boolean - is_preconfigured: - description: >- - Indicates whether the connector is preconfigured. If true, - the `config` and `is_missing_secrets` properties are - omitted from the response. - type: boolean - is_system_action: - description: >- - Indicates whether the connector is used for system - actions. - type: boolean - name: - description: ' The name of the rule.' - type: string - required: - - id - - name - - connector_type_id - - is_preconfigured - - is_deprecated - - is_system_action - description: Indicates a successful call. - summary: Update a connector - tags: - - connectors - /api/actions/connector/{id}/_execute: - post: - description: >- - You can use this API to test an action that involves interaction with - Kibana services or integrations with third-party systems. - operationId: '%2Fapi%2Factions%2Fconnector%2F%7Bid%7D%2F_execute#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - description: An identifier for the connector. - in: path - name: id - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - params: - additionalProperties: {} - type: object - required: - - params - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - config: - additionalProperties: {} - type: object - connector_type_id: - description: The connector type identifier. - type: string - id: - description: The identifier for the connector. - type: string - is_deprecated: - description: Indicates whether the connector is deprecated. - type: boolean - is_missing_secrets: - description: Indicates whether the connector is missing secrets. - type: boolean - is_preconfigured: - description: >- - Indicates whether the connector is preconfigured. If true, - the `config` and `is_missing_secrets` properties are - omitted from the response. - type: boolean - is_system_action: - description: >- - Indicates whether the connector is used for system - actions. - type: boolean - name: - description: ' The name of the rule.' - type: string - required: - - id - - name - - connector_type_id - - is_preconfigured - - is_deprecated - - is_system_action - description: Indicates a successful call. - summary: Run a connector - tags: - - connectors - /api/actions/connectors: - get: - operationId: '%2Fapi%2Factions%2Fconnectors#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - responses: {} - summary: Get all connectors - tags: - - connectors - /api/actions/list_action_types: - get: - deprecated: true - operationId: '%2Fapi%2Factions%2Flist_action_types#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - responses: {} - summary: Get connector types - tags: - - connectors - /api/alerting/_health: - get: - description: > - You must have `read` privileges for the **Management > Stack Rules** - feature or for at least one of the **Analytics > Discover**, **Analytics - > Machine Learning**, **Observability**, or **Security** features. - operationId: getAlertingHealth - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - getAlertingHealthResponse: - $ref: '#/components/examples/Alerting_get_health_response' - schema: - type: object - properties: - alerting_framework_health: - description: > - Three substates identify the health of the alerting - framework: `decryption_health`, `execution_health`, and - `read_health`. - type: object - properties: - decryption_health: - description: The timestamp and status of the rule decryption. - type: object - properties: - status: - enum: - - error - - ok - - warn - example: ok - type: string - timestamp: - example: '2023-01-13T01:28:00.280Z' - format: date-time - type: string - execution_health: - description: The timestamp and status of the rule run. - type: object - properties: - status: - enum: - - error - - ok - - warn - example: ok - type: string - timestamp: - example: '2023-01-13T01:28:00.280Z' - format: date-time - type: string - read_health: - description: The timestamp and status of the rule reading events. - type: object - properties: - status: - enum: - - error - - ok - - warn - example: ok - type: string - timestamp: - example: '2023-01-13T01:28:00.280Z' - format: date-time - type: string - has_permanent_encryption_key: - description: >- - If `false`, the encrypted saved object plugin does not - have a permanent encryption key. - example: true - type: boolean - is_sufficiently_secure: - description: If `false`, security is enabled but TLS is not. - example: true - type: boolean - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Alerting_401_response' - description: Authorization information is missing or invalid. - summary: Get the alerting framework health - tags: - - alerting - /api/alerting/rule_types: - get: - description: > - If you have `read` privileges for one or more Kibana features, the API - response contains information about the appropriate rule types. For - example, there are rule types associated with the **Management > Stack - Rules** feature, **Analytics > Discover** and **Machine Learning** - features, **Observability** features, and **Security** features. To get - rule types associated with the **Stack Monitoring** feature, use the - `monitoring_user` built-in role. - operationId: getRuleTypes - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - getRuleTypesResponse: - $ref: '#/components/examples/Alerting_get_rule_types_response' - schema: - items: - type: object - properties: - action_groups: - description: > - An explicit list of groups for which the rule type can - schedule actions, each with the action group's unique ID - and human readable name. Rule actions validation uses - this configuration to ensure that groups are valid. - items: - type: object - properties: - id: - type: string - name: - type: string - type: array - action_variables: - description: > - A list of action variables that the rule type makes - available via context and state in action parameter - templates, and a short human readable description. When - you create a rule in Kibana, it uses this information to - prompt you for these variables in action parameter - editors. - type: object - properties: - context: - items: - type: object - properties: - description: - type: string - name: - type: string - useWithTripleBracesInTemplates: - type: boolean - type: array - params: - items: - type: object - properties: - description: - type: string - name: - type: string - type: array - state: - items: - type: object - properties: - description: - type: string - name: - type: string - type: array - alerts: - description: > - Details for writing alerts as data documents for this - rule type. - type: object - properties: - context: - description: | - The namespace for this rule type. - enum: - - ml.anomaly-detection - - observability.apm - - observability.logs - - observability.metrics - - observability.slo - - observability.threshold - - observability.uptime - - security - - stack - type: string - dynamic: - description: Indicates whether new fields are added dynamically. - enum: - - 'false' - - runtime - - strict - - 'true' - type: string - isSpaceAware: - description: > - Indicates whether the alerts are space-aware. If - true, space-specific alert indices are used. - type: boolean - mappings: - type: object - properties: - fieldMap: - additionalProperties: - $ref: >- - #/components/schemas/Alerting_fieldmap_properties - description: > - Mapping information for each field supported in - alerts as data documents for this rule type. For - more information about mapping parameters, refer - to the Elasticsearch documentation. - type: object - secondaryAlias: - description: > - A secondary alias. It is typically used to support - the signals alias for detection rules. - type: string - shouldWrite: - description: > - Indicates whether the rule should write out alerts - as data. - type: boolean - useEcs: - description: > - Indicates whether to include the ECS component - template for the alerts. - type: boolean - useLegacyAlerts: - default: false - description: > - Indicates whether to include the legacy component - template for the alerts. - type: boolean - authorized_consumers: - description: >- - The list of the plugins IDs that have access to the rule - type. - type: object - properties: - alerts: - type: object - properties: - all: - type: boolean - read: - type: boolean - apm: - type: object - properties: - all: - type: boolean - read: - type: boolean - discover: - type: object - properties: - all: - type: boolean - read: - type: boolean - infrastructure: - type: object - properties: - all: - type: boolean - read: - type: boolean - logs: - type: object - properties: - all: - type: boolean - read: - type: boolean - ml: - type: object - properties: - all: - type: boolean - read: - type: boolean - monitoring: - type: object - properties: - all: - type: boolean - read: - type: boolean - siem: - type: object - properties: - all: - type: boolean - read: - type: boolean - slo: - type: object - properties: - all: - type: boolean - read: - type: boolean - stackAlerts: - type: object - properties: - all: - type: boolean - read: - type: boolean - uptime: - type: object - properties: - all: - type: boolean - read: - type: boolean - category: - description: >- - The rule category, which is used by features such as - category-specific maintenance windows. - enum: - - management - - observability - - securitySolution - type: string - default_action_group_id: - description: The default identifier for the rule type group. - type: string - does_set_recovery_context: - description: >- - Indicates whether the rule passes context variables to - its recovery action. - type: boolean - enabled_in_license: - description: >- - Indicates whether the rule type is enabled or disabled - based on the subscription. - type: boolean - has_alerts_mappings: - description: >- - Indicates whether the rule type has custom mappings for - the alert data. - type: boolean - has_fields_for_a_a_d: - type: boolean - id: - description: The unique identifier for the rule type. - type: string - is_exportable: - description: >- - Indicates whether the rule type is exportable in **Stack - Management > Saved Objects**. - type: boolean - minimum_license_required: - description: The subscriptions required to use the rule type. - example: basic - type: string - name: - description: The descriptive name of the rule type. - type: string - producer: - description: >- - An identifier for the application that produces this - rule type. - example: stackAlerts - type: string - recovery_action_group: - description: >- - An action group to use when an alert goes from an active - state to an inactive one. - type: object - properties: - id: - type: string - name: - type: string - rule_task_timeout: - example: 5m - type: string - type: array - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Alerting_401_response' - description: Authorization information is missing or invalid. - summary: Get the rule types - tags: - - alerting - /api/alerting/rule/{id}: - delete: - operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D#2' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - description: The identifier for the rule. - in: path - name: id - required: true - schema: - type: string - responses: - '204': - description: Indicates a successful call. - '400': - description: Indicates an invalid schema or parameters. - '403': - description: Indicates that this call is forbidden. - '404': - description: Indicates a rule with the given ID does not exist. - summary: Delete a rule - tags: - - alerting - get: - operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: The identifier for the rule. - in: path - name: id - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - actions: - items: - additionalProperties: false - type: object - properties: - alerts_filter: - additionalProperties: false - description: >- - Defines a period that limits whether the action - runs. - type: object - properties: - query: - additionalProperties: false - type: object - properties: - dsl: - description: >- - A filter written in Elasticsearch Query - Domain Specific Language (DSL). - type: string - filters: - description: >- - A filter written in Elasticsearch Query - Domain Specific Language (DSL) as defined in - the `kbn-es-query` package. - items: - additionalProperties: false - type: object - properties: - $state: - additionalProperties: false - type: object - properties: - store: - description: >- - A filter can be either specific to an - application context or applied globally. - enum: - - appState - - globalState - type: string - required: - - store - meta: - additionalProperties: {} - type: object - query: - additionalProperties: {} - type: object - required: - - meta - type: array - kql: - description: >- - A filter written in Kibana Query Language - (KQL). - type: string - required: - - kql - - filters - timeframe: - additionalProperties: false - type: object - properties: - days: - description: >- - Defines the days of the week that the action - can run, represented as an array of numbers. - For example, `1` represents Monday. An empty - array is equivalent to specifying all the - days of the week. - items: - enum: - - 1 - - 2 - - 3 - - 4 - - 5 - - 6 - - 7 - type: integer - type: array - hours: - additionalProperties: false - type: object - properties: - end: - description: >- - The end of the time frame in 24-hour - notation (`hh:mm`). - type: string - start: - description: >- - The start of the time frame in 24-hour - notation (`hh:mm`). - type: string - required: - - start - - end - timezone: - description: >- - The ISO time zone for the `hours` values. - Values such as `UTC` and `UTC+1` also work - but lack built-in daylight savings time - support and are not recommended. - type: string - required: - - days - - hours - - timezone - connector_type_id: - description: >- - The type of connector. This property appears in - responses but cannot be set in requests. - type: string - frequency: - additionalProperties: false - type: object - properties: - notify_when: - description: >- - Indicates how often alerts generate actions. - Valid values include: `onActionGroupChange`: - Actions run when the alert status changes; - `onActiveAlert`: Actions run when the alert - becomes active and at each check interval while - the rule conditions are met; - `onThrottleInterval`: Actions run when the alert - becomes active and at the interval specified in - the throttle property while the rule conditions - are met. NOTE: You cannot specify `notify_when` - at both the rule and action level. The - recommended method is to set it for each action. - If you set it at the rule level then update the - rule in Kibana, it is automatically changed to - use action-specific values. - enum: - - onActionGroupChange - - onActiveAlert - - onThrottleInterval - type: string - summary: - description: Indicates whether the action is a summary. - type: boolean - throttle: - description: >- - The throttle interval, which defines how often - an alert generates repeated actions. It is - specified in seconds, minutes, hours, or days - and is applicable only if 'notify_when' is set - to 'onThrottleInterval'. NOTE: You cannot - specify the throttle interval at both the rule - and action level. The recommended method is to - set it for each action. If you set it at the - rule level then update the rule in Kibana, it is - automatically changed to use action-specific - values. - nullable: true - type: string - required: - - summary - - notify_when - - throttle - group: - description: >- - The group name, which affects when the action runs - (for example, when the threshold is met or when the - alert is recovered). Each rule type has a list of - valid action group names. If you don't need to group - actions, set to `default`. - type: string - id: - description: The identifier for the connector saved object. - type: string - params: - additionalProperties: {} - description: >- - The parameters for the action, which are sent to the - connector. The `params` are handled as Mustache - templates and passed a default set of context. - type: object - use_alert_data_for_template: - description: Indicates whether to use alert data as a template. - type: boolean - uuid: - description: >- - A universally unique identifier (UUID) for the - action. - type: string - required: - - id - - connector_type_id - - params - type: array - active_snoozes: - items: - description: List of active snoozes for the rule. - type: string - type: array - alert_delay: - additionalProperties: false - description: >- - Indicates that an alert occurs only when the specified - number of consecutive runs met the rule conditions. - type: object - properties: - active: - description: >- - The number of consecutive runs that must meet the rule - conditions. - type: number - required: - - active - api_key_created_by_user: - description: >- - Indicates whether the API key that is associated with the - rule was created by the user. - nullable: true - type: boolean - api_key_owner: - description: >- - The owner of the API key that is associated with the rule - and used to run background tasks. - nullable: true - type: string - consumer: - description: >- - The name of the application or feature that owns the rule. - For example: `alerts`, `apm`, `discover`, - `infrastructure`, `logs`, `metrics`, `ml`, `monitoring`, - `securitySolution`, `siem`, `stackAlerts`, or `uptime`. - type: string - created_at: - description: The date and time that the rule was created. - type: string - created_by: - description: The identifier for the user that created the rule. - nullable: true - type: string - enabled: - description: >- - Indicates whether you want to run the rule on an interval - basis after it is created. - type: boolean - execution_status: - additionalProperties: false - type: object - properties: - error: - additionalProperties: false - type: object - properties: - message: - description: Error message. - type: string - reason: - description: Reason for error. - enum: - - read - - decrypt - - execute - - unknown - - license - - timeout - - disabled - - validate - type: string - required: - - reason - - message - last_duration: - description: Duration of last execution of the rule. - type: number - last_execution_date: - description: The date and time when rule was executed last. - type: string - status: - description: Status of rule execution. - enum: - - ok - - active - - error - - warning - - pending - - unknown - type: string - warning: - additionalProperties: false - type: object - properties: - message: - description: Warning message. - type: string - reason: - description: Reason for warning. - enum: - - maxExecutableActions - - maxAlerts - - maxQueuedActions - - ruleExecution - type: string - required: - - reason - - message - required: - - status - - last_execution_date - flapping: - additionalProperties: false - nullable: true - type: object - properties: - look_back_window: - maximum: 20 - minimum: 2 - type: number - status_change_threshold: - maximum: 20 - minimum: 2 - type: number - required: - - look_back_window - - status_change_threshold - id: - description: The identifier for the rule. - type: string - is_snoozed_until: - description: The date when the rule will no longer be snoozed. - nullable: true - type: string - last_run: - additionalProperties: false - nullable: true - type: object - properties: - alerts_count: - additionalProperties: false - type: object - properties: - active: - description: Number of active alerts during last run. - nullable: true - type: number - ignored: - description: Number of ignored alerts during last run. - nullable: true - type: number - new: - description: Number of new alerts during last run. - nullable: true - type: number - recovered: - description: Number of recovered alerts during last run. - nullable: true - type: number - outcome: - description: >- - Outcome of last run of the rule. Value could be - succeeded, warning or failed. - enum: - - succeeded - - warning - - failed - type: string - outcome_msg: - items: - description: Outcome message generated during last rule run. - type: string - nullable: true - type: array - outcome_order: - description: Order of the outcome. - type: number - warning: - description: Warning of last rule execution. - enum: - - read - - decrypt - - execute - - unknown - - license - - timeout - - disabled - - validate - - maxExecutableActions - - maxAlerts - - maxQueuedActions - - ruleExecution - nullable: true - type: string - required: - - outcome - - alerts_count - mapped_params: - additionalProperties: {} - type: object - monitoring: - additionalProperties: false - description: Monitoring details of the rule. - type: object - properties: - run: - additionalProperties: false - description: Rule run details. - type: object - properties: - calculated_metrics: - additionalProperties: false - description: >- - Calculation of different percentiles and success - ratio. - type: object - properties: - p50: - type: number - p95: - type: number - p99: - type: number - success_ratio: - type: number - required: - - success_ratio - history: - description: History of the rule run. - items: - additionalProperties: false - type: object - properties: - duration: - description: Duration of the rule run. - type: number - outcome: - additionalProperties: false - type: object - properties: - alerts_count: - additionalProperties: false - type: object - properties: - active: - description: Number of active alerts during last run. - nullable: true - type: number - ignored: - description: >- - Number of ignored alerts during last - run. - nullable: true - type: number - new: - description: Number of new alerts during last run. - nullable: true - type: number - recovered: - description: >- - Number of recovered alerts during last - run. - nullable: true - type: number - outcome: - description: >- - Outcome of last run of the rule. Value - could be succeeded, warning or failed. - enum: - - succeeded - - warning - - failed - type: string - outcome_msg: - items: - description: >- - Outcome message generated during last - rule run. - type: string - nullable: true - type: array - outcome_order: - description: Order of the outcome. - type: number - warning: - description: Warning of last rule execution. - enum: - - read - - decrypt - - execute - - unknown - - license - - timeout - - disabled - - validate - - maxExecutableActions - - maxAlerts - - maxQueuedActions - - ruleExecution - nullable: true - type: string - required: - - outcome - - alerts_count - success: - description: >- - Indicates whether the rule run was - successful. - type: boolean - timestamp: - description: Time of rule run. - type: number - required: - - success - - timestamp - type: array - last_run: - additionalProperties: false - type: object - properties: - metrics: - additionalProperties: false - type: object - properties: - duration: - description: Duration of most recent rule run. - type: number - gap_duration_s: - description: Duration in seconds of rule run gap. - nullable: true - type: number - total_alerts_created: - description: >- - Total number of alerts created during last - rule run. - nullable: true - type: number - total_alerts_detected: - description: >- - Total number of alerts detected during - last rule run. - nullable: true - type: number - total_indexing_duration_ms: - description: >- - Total time spent indexing documents during - last rule run in milliseconds. - nullable: true - type: number - total_search_duration_ms: - description: >- - Total time spent performing Elasticsearch - searches as measured by Kibana; includes - network latency and time spent serializing - or deserializing the request and response. - nullable: true - type: number - timestamp: - description: Time of the most recent rule run. - type: string - required: - - timestamp - - metrics - required: - - history - - calculated_metrics - - last_run - required: - - run - mute_all: - description: Indicates whether all alerts are muted. - type: boolean - muted_alert_ids: - items: - description: 'List of identifiers of muted alerts. ' - type: string - type: array - name: - description: ' The name of the rule.' - type: string - next_run: - description: Date and time of the next run of the rule. - nullable: true - type: string - notify_when: - description: >- - Indicates how often alerts generate actions. Valid values - include: `onActionGroupChange`: Actions run when the alert - status changes; `onActiveAlert`: Actions run when the - alert becomes active and at each check interval while the - rule conditions are met; `onThrottleInterval`: Actions run - when the alert becomes active and at the interval - specified in the throttle property while the rule - conditions are met. NOTE: You cannot specify `notify_when` - at both the rule and action level. The recommended method - is to set it for each action. If you set it at the rule - level then update the rule in Kibana, it is automatically - changed to use action-specific values. - enum: - - onActionGroupChange - - onActiveAlert - - onThrottleInterval - nullable: true - type: string - params: - additionalProperties: {} - description: The parameters for the rule. - type: object - revision: - description: The rule revision number. - type: number - rule_type_id: - description: The rule type identifier. - type: string - running: - description: Indicates whether the rule is running. - nullable: true - type: boolean - schedule: - additionalProperties: false - type: object - properties: - interval: - description: >- - The interval is specified in seconds, minutes, hours, - or days. - type: string - required: - - interval - scheduled_task_id: - description: Identifier of the scheduled task. - type: string - snooze_schedule: - items: - additionalProperties: false - type: object - properties: - duration: - description: Duration of the rule snooze schedule. - type: number - id: - description: Identifier of the rule snooze schedule. - type: string - rRule: - additionalProperties: false - type: object - properties: - byhour: - items: - description: Indicates hours of the day to recur. - type: number - type: array - byminute: - items: - description: Indicates minutes of the hour to recur. - type: number - type: array - bymonth: - items: - description: >- - Indicates months of the year that this rule - should recur. - type: number - type: array - bymonthday: - items: - description: Indicates the days of the month to recur. - type: number - type: array - bysecond: - items: - description: Indicates seconds of the day to recur. - type: number - type: array - bysetpos: - items: - description: >- - A positive or negative integer affecting the - nth day of the month. For example, -2 combined - with `byweekday` of FR is 2nd to last Friday - of the month. It is recommended to not set - this manually and just use `byweekday`. - type: number - type: array - byweekday: - items: - anyOf: - - type: string - - type: number - description: >- - Indicates the days of the week to recur or - else nth-day-of-month strings. For example, - "+2TU" second Tuesday of month, "-1FR" last - Friday of the month, which are internally - converted to a `byweekday/bysetpos` - combination. - type: array - byweekno: - items: - description: Indicates number of the week hours to recur. - type: number - type: array - byyearday: - items: - description: >- - Indicates the days of the year that this rule - should recur. - type: number - type: array - count: - description: >- - Number of times the rule should recur until it - stops. - type: number - dtstart: - description: >- - Rule start date in Coordinated Universal Time - (UTC). - type: string - freq: - description: >- - Indicates frequency of the rule. Options are - YEARLY, MONTHLY, WEEKLY, DAILY. - enum: - - 0 - - 1 - - 2 - - 3 - - 4 - - 5 - - 6 - type: integer - interval: - description: >- - Indicates the interval of frequency. For - example, 1 and YEARLY is every 1 year, 2 and - WEEKLY is every 2 weeks. - type: number - tzid: - description: Indicates timezone abbreviation. - type: string - until: - description: Recur the rule until this date. - type: string - wkst: - description: Indicates the start of week, defaults to Monday. - enum: - - MO - - TU - - WE - - TH - - FR - - SA - - SU - type: string - required: - - dtstart - - tzid - skipRecurrences: - items: - description: Skips recurrence of rule on this date. - type: string - type: array - required: - - duration - - rRule - type: array - tags: - items: - description: The tags for the rule. - type: string - type: array - throttle: - deprecated: true - description: >- - Deprecated in 8.13.0. Use the `throttle` property in the - action `frequency` object instead. The throttle interval, - which defines how often an alert generates repeated - actions. NOTE: You cannot specify the throttle interval at - both the rule and action level. If you set it at the rule - level then update the rule in Kibana, it is automatically - changed to use action-specific values. - nullable: true - type: string - updated_at: - description: The date and time that the rule was updated most recently. - type: string - updated_by: - description: >- - The identifier for the user that updated this rule most - recently. - nullable: true - type: string - view_in_app_relative_url: - description: Relative URL to view rule in the app. - nullable: true - type: string - required: - - id - - enabled - - name - - tags - - rule_type_id - - consumer - - schedule - - actions - - params - - created_by - - updated_by - - created_at - - updated_at - - api_key_owner - - mute_all - - muted_alert_ids - - execution_status - - revision - description: Indicates a successful call. - '400': - description: Indicates an invalid schema or parameters. - '403': - description: Indicates that this call is forbidden. - '404': - description: Indicates a rule with the given ID does not exist. - summary: Get rule details - tags: - - alerting - post: - operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%3F%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - description: >- - The identifier for the rule. If it is omitted, an ID is randomly - generated. - in: path - name: id - required: false - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - actions: - default: [] - items: - additionalProperties: false - description: An action that runs under defined conditions. - type: object - properties: - alerts_filter: - additionalProperties: false - description: >- - Conditions that affect whether the action runs. If you - specify multiple conditions, all conditions must be - met for the action to run. For example, if an alert - occurs within the specified time frame and matches the - query, the action runs. - type: object - properties: - query: - additionalProperties: false - type: object - properties: - dsl: - description: >- - A filter written in Elasticsearch Query Domain - Specific Language (DSL). - type: string - filters: - description: >- - A filter written in Elasticsearch Query Domain - Specific Language (DSL) as defined in the - `kbn-es-query` package. - items: - additionalProperties: false - type: object - properties: - $state: - additionalProperties: false - type: object - properties: - store: - description: >- - A filter can be either specific to an - application context or applied globally. - enum: - - appState - - globalState - type: string - required: - - store - meta: - additionalProperties: {} - type: object - query: - additionalProperties: {} - type: object - required: - - meta - type: array - kql: - description: >- - A filter written in Kibana Query Language - (KQL). - type: string - required: - - kql - - filters - timeframe: - additionalProperties: false - description: >- - Defines a period that limits whether the action - runs. - type: object - properties: - days: - description: >- - Defines the days of the week that the action - can run, represented as an array of numbers. - For example, `1` represents Monday. An empty - array is equivalent to specifying all the days - of the week. - items: - enum: - - 1 - - 2 - - 3 - - 4 - - 5 - - 6 - - 7 - type: integer - type: array - hours: - additionalProperties: false - description: >- - Defines the range of time in a day that the - action can run. If the `start` value is - `00:00` and the `end` value is `24:00`, - actions be generated all day. - type: object - properties: - end: - description: >- - The end of the time frame in 24-hour - notation (`hh:mm`). - type: string - start: - description: >- - The start of the time frame in 24-hour - notation (`hh:mm`). - type: string - required: - - start - - end - timezone: - description: >- - The ISO time zone for the `hours` values. - Values such as `UTC` and `UTC+1` also work but - lack built-in daylight savings time support - and are not recommended. - type: string - required: - - days - - hours - - timezone - frequency: - additionalProperties: false - type: object - properties: - notify_when: - description: >- - Indicates how often alerts generate actions. Valid - values include: `onActionGroupChange`: Actions run - when the alert status changes; `onActiveAlert`: - Actions run when the alert becomes active and at - each check interval while the rule conditions are - met; `onThrottleInterval`: Actions run when the - alert becomes active and at the interval specified - in the throttle property while the rule conditions - are met. NOTE: You cannot specify `notify_when` at - both the rule and action level. The recommended - method is to set it for each action. If you set it - at the rule level then update the rule in Kibana, - it is automatically changed to use action-specific - values. - enum: - - onActionGroupChange - - onActiveAlert - - onThrottleInterval - type: string - summary: - description: Indicates whether the action is a summary. - type: boolean - throttle: - description: >- - The throttle interval, which defines how often an - alert generates repeated actions. It is specified - in seconds, minutes, hours, or days and is - applicable only if `notify_when` is set to - `onThrottleInterval`. NOTE: You cannot specify the - throttle interval at both the rule and action - level. The recommended method is to set it for - each action. If you set it at the rule level then - update the rule in Kibana, it is automatically - changed to use action-specific values. - nullable: true - type: string - required: - - summary - - notify_when - - throttle - group: - description: >- - The group name, which affects when the action runs - (for example, when the threshold is met or when the - alert is recovered). Each rule type has a list of - valid action group names. If you don't need to group - actions, set to `default`. - type: string - id: - description: The identifier for the connector saved object. - type: string - params: - additionalProperties: {} - default: {} - description: >- - The parameters for the action, which are sent to the - connector. The `params` are handled as Mustache - templates and passed a default set of context. - type: object - use_alert_data_for_template: - description: Indicates whether to use alert data as a template. - type: boolean - uuid: - description: A universally unique identifier (UUID) for the action. - type: string - required: - - id - type: array - alert_delay: - additionalProperties: false - description: >- - Indicates that an alert occurs only when the specified - number of consecutive runs met the rule conditions. - type: object - properties: - active: - description: >- - The number of consecutive runs that must meet the rule - conditions. - type: number - required: - - active - consumer: - description: >- - The name of the application or feature that owns the rule. - For example: `alerts`, `apm`, `discover`, `infrastructure`, - `logs`, `metrics`, `ml`, `monitoring`, `securitySolution`, - `siem`, `stackAlerts`, or `uptime`. - type: string - enabled: - default: true - description: >- - Indicates whether you want to run the rule on an interval - basis after it is created. - type: boolean - flapping: - additionalProperties: false - nullable: true - type: object - properties: - look_back_window: - maximum: 20 - minimum: 2 - type: number - status_change_threshold: - maximum: 20 - minimum: 2 - type: number - required: - - look_back_window - - status_change_threshold - name: - description: >- - The name of the rule. While this name does not have to be - unique, a distinctive name can help you identify a rule. - type: string - notify_when: - description: >- - Indicates how often alerts generate actions. Valid values - include: `onActionGroupChange`: Actions run when the alert - status changes; `onActiveAlert`: Actions run when the alert - becomes active and at each check interval while the rule - conditions are met; `onThrottleInterval`: Actions run when - the alert becomes active and at the interval specified in - the throttle property while the rule conditions are met. - NOTE: You cannot specify `notify_when` at both the rule and - action level. The recommended method is to set it for each - action. If you set it at the rule level then update the rule - in Kibana, it is automatically changed to use - action-specific values. - enum: - - onActionGroupChange - - onActiveAlert - - onThrottleInterval - nullable: true - type: string - params: - additionalProperties: {} - default: {} - description: The parameters for the rule. - type: object - rule_type_id: - description: The rule type identifier. - type: string - schedule: - additionalProperties: false - description: >- - The check interval, which specifies how frequently the rule - conditions are checked. - type: object - properties: - interval: - description: >- - The interval is specified in seconds, minutes, hours, or - days. - type: string - required: - - interval - tags: - default: [] - description: The tags for the rule. - items: - type: string - type: array - throttle: - description: >- - Use the `throttle` property in the action `frequency` object - instead. The throttle interval, which defines how often an - alert generates repeated actions. NOTE: You cannot specify - the throttle interval at both the rule and action level. If - you set it at the rule level then update the rule in Kibana, - it is automatically changed to use action-specific values. - nullable: true - type: string - required: - - name - - rule_type_id - - consumer - - schedule - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - actions: - items: - additionalProperties: false - type: object - properties: - alerts_filter: - additionalProperties: false - description: >- - Defines a period that limits whether the action - runs. - type: object - properties: - query: - additionalProperties: false - type: object - properties: - dsl: - description: >- - A filter written in Elasticsearch Query - Domain Specific Language (DSL). - type: string - filters: - description: >- - A filter written in Elasticsearch Query - Domain Specific Language (DSL) as defined in - the `kbn-es-query` package. - items: - additionalProperties: false - type: object - properties: - $state: - additionalProperties: false - type: object - properties: - store: - description: >- - A filter can be either specific to an - application context or applied globally. - enum: - - appState - - globalState - type: string - required: - - store - meta: - additionalProperties: {} - type: object - query: - additionalProperties: {} - type: object - required: - - meta - type: array - kql: - description: >- - A filter written in Kibana Query Language - (KQL). - type: string - required: - - kql - - filters - timeframe: - additionalProperties: false - type: object - properties: - days: - description: >- - Defines the days of the week that the action - can run, represented as an array of numbers. - For example, `1` represents Monday. An empty - array is equivalent to specifying all the - days of the week. - items: - enum: - - 1 - - 2 - - 3 - - 4 - - 5 - - 6 - - 7 - type: integer - type: array - hours: - additionalProperties: false - type: object - properties: - end: - description: >- - The end of the time frame in 24-hour - notation (`hh:mm`). - type: string - start: - description: >- - The start of the time frame in 24-hour - notation (`hh:mm`). - type: string - required: - - start - - end - timezone: - description: >- - The ISO time zone for the `hours` values. - Values such as `UTC` and `UTC+1` also work - but lack built-in daylight savings time - support and are not recommended. - type: string - required: - - days - - hours - - timezone - connector_type_id: - description: >- - The type of connector. This property appears in - responses but cannot be set in requests. - type: string - frequency: - additionalProperties: false - type: object - properties: - notify_when: - description: >- - Indicates how often alerts generate actions. - Valid values include: `onActionGroupChange`: - Actions run when the alert status changes; - `onActiveAlert`: Actions run when the alert - becomes active and at each check interval while - the rule conditions are met; - `onThrottleInterval`: Actions run when the alert - becomes active and at the interval specified in - the throttle property while the rule conditions - are met. NOTE: You cannot specify `notify_when` - at both the rule and action level. The - recommended method is to set it for each action. - If you set it at the rule level then update the - rule in Kibana, it is automatically changed to - use action-specific values. - enum: - - onActionGroupChange - - onActiveAlert - - onThrottleInterval - type: string - summary: - description: Indicates whether the action is a summary. - type: boolean - throttle: - description: >- - The throttle interval, which defines how often - an alert generates repeated actions. It is - specified in seconds, minutes, hours, or days - and is applicable only if 'notify_when' is set - to 'onThrottleInterval'. NOTE: You cannot - specify the throttle interval at both the rule - and action level. The recommended method is to - set it for each action. If you set it at the - rule level then update the rule in Kibana, it is - automatically changed to use action-specific - values. - nullable: true - type: string - required: - - summary - - notify_when - - throttle - group: - description: >- - The group name, which affects when the action runs - (for example, when the threshold is met or when the - alert is recovered). Each rule type has a list of - valid action group names. If you don't need to group - actions, set to `default`. - type: string - id: - description: The identifier for the connector saved object. - type: string - params: - additionalProperties: {} - description: >- - The parameters for the action, which are sent to the - connector. The `params` are handled as Mustache - templates and passed a default set of context. - type: object - use_alert_data_for_template: - description: Indicates whether to use alert data as a template. - type: boolean - uuid: - description: >- - A universally unique identifier (UUID) for the - action. - type: string - required: - - id - - connector_type_id - - params - type: array - active_snoozes: - items: - description: List of active snoozes for the rule. - type: string - type: array - alert_delay: - additionalProperties: false - description: >- - Indicates that an alert occurs only when the specified - number of consecutive runs met the rule conditions. - type: object - properties: - active: - description: >- - The number of consecutive runs that must meet the rule - conditions. - type: number - required: - - active - api_key_created_by_user: - description: >- - Indicates whether the API key that is associated with the - rule was created by the user. - nullable: true - type: boolean - api_key_owner: - description: >- - The owner of the API key that is associated with the rule - and used to run background tasks. - nullable: true - type: string - consumer: - description: >- - The name of the application or feature that owns the rule. - For example: `alerts`, `apm`, `discover`, - `infrastructure`, `logs`, `metrics`, `ml`, `monitoring`, - `securitySolution`, `siem`, `stackAlerts`, or `uptime`. - type: string - created_at: - description: The date and time that the rule was created. - type: string - created_by: - description: The identifier for the user that created the rule. - nullable: true - type: string - enabled: - description: >- - Indicates whether you want to run the rule on an interval - basis after it is created. - type: boolean - execution_status: - additionalProperties: false - type: object - properties: - error: - additionalProperties: false - type: object - properties: - message: - description: Error message. - type: string - reason: - description: Reason for error. - enum: - - read - - decrypt - - execute - - unknown - - license - - timeout - - disabled - - validate - type: string - required: - - reason - - message - last_duration: - description: Duration of last execution of the rule. - type: number - last_execution_date: - description: The date and time when rule was executed last. - type: string - status: - description: Status of rule execution. - enum: - - ok - - active - - error - - warning - - pending - - unknown - type: string - warning: - additionalProperties: false - type: object - properties: - message: - description: Warning message. - type: string - reason: - description: Reason for warning. - enum: - - maxExecutableActions - - maxAlerts - - maxQueuedActions - - ruleExecution - type: string - required: - - reason - - message - required: - - status - - last_execution_date - flapping: - additionalProperties: false - nullable: true - type: object - properties: - look_back_window: - maximum: 20 - minimum: 2 - type: number - status_change_threshold: - maximum: 20 - minimum: 2 - type: number - required: - - look_back_window - - status_change_threshold - id: - description: The identifier for the rule. - type: string - is_snoozed_until: - description: The date when the rule will no longer be snoozed. - nullable: true - type: string - last_run: - additionalProperties: false - nullable: true - type: object - properties: - alerts_count: - additionalProperties: false - type: object - properties: - active: - description: Number of active alerts during last run. - nullable: true - type: number - ignored: - description: Number of ignored alerts during last run. - nullable: true - type: number - new: - description: Number of new alerts during last run. - nullable: true - type: number - recovered: - description: Number of recovered alerts during last run. - nullable: true - type: number - outcome: - description: >- - Outcome of last run of the rule. Value could be - succeeded, warning or failed. - enum: - - succeeded - - warning - - failed - type: string - outcome_msg: - items: - description: Outcome message generated during last rule run. - type: string - nullable: true - type: array - outcome_order: - description: Order of the outcome. - type: number - warning: - description: Warning of last rule execution. - enum: - - read - - decrypt - - execute - - unknown - - license - - timeout - - disabled - - validate - - maxExecutableActions - - maxAlerts - - maxQueuedActions - - ruleExecution - nullable: true - type: string - required: - - outcome - - alerts_count - mapped_params: - additionalProperties: {} - type: object - monitoring: - additionalProperties: false - description: Monitoring details of the rule. - type: object - properties: - run: - additionalProperties: false - description: Rule run details. - type: object - properties: - calculated_metrics: - additionalProperties: false - description: >- - Calculation of different percentiles and success - ratio. - type: object - properties: - p50: - type: number - p95: - type: number - p99: - type: number - success_ratio: - type: number - required: - - success_ratio - history: - description: History of the rule run. - items: - additionalProperties: false - type: object - properties: - duration: - description: Duration of the rule run. - type: number - outcome: - additionalProperties: false - type: object - properties: - alerts_count: - additionalProperties: false - type: object - properties: - active: - description: Number of active alerts during last run. - nullable: true - type: number - ignored: - description: >- - Number of ignored alerts during last - run. - nullable: true - type: number - new: - description: Number of new alerts during last run. - nullable: true - type: number - recovered: - description: >- - Number of recovered alerts during last - run. - nullable: true - type: number - outcome: - description: >- - Outcome of last run of the rule. Value - could be succeeded, warning or failed. - enum: - - succeeded - - warning - - failed - type: string - outcome_msg: - items: - description: >- - Outcome message generated during last - rule run. - type: string - nullable: true - type: array - outcome_order: - description: Order of the outcome. - type: number - warning: - description: Warning of last rule execution. - enum: - - read - - decrypt - - execute - - unknown - - license - - timeout - - disabled - - validate - - maxExecutableActions - - maxAlerts - - maxQueuedActions - - ruleExecution - nullable: true - type: string - required: - - outcome - - alerts_count - success: - description: >- - Indicates whether the rule run was - successful. - type: boolean - timestamp: - description: Time of rule run. - type: number - required: - - success - - timestamp - type: array - last_run: - additionalProperties: false - type: object - properties: - metrics: - additionalProperties: false - type: object - properties: - duration: - description: Duration of most recent rule run. - type: number - gap_duration_s: - description: Duration in seconds of rule run gap. - nullable: true - type: number - total_alerts_created: - description: >- - Total number of alerts created during last - rule run. - nullable: true - type: number - total_alerts_detected: - description: >- - Total number of alerts detected during - last rule run. - nullable: true - type: number - total_indexing_duration_ms: - description: >- - Total time spent indexing documents during - last rule run in milliseconds. - nullable: true - type: number - total_search_duration_ms: - description: >- - Total time spent performing Elasticsearch - searches as measured by Kibana; includes - network latency and time spent serializing - or deserializing the request and response. - nullable: true - type: number - timestamp: - description: Time of the most recent rule run. - type: string - required: - - timestamp - - metrics - required: - - history - - calculated_metrics - - last_run - required: - - run - mute_all: - description: Indicates whether all alerts are muted. - type: boolean - muted_alert_ids: - items: - description: 'List of identifiers of muted alerts. ' - type: string - type: array - name: - description: ' The name of the rule.' - type: string - next_run: - description: Date and time of the next run of the rule. - nullable: true - type: string - notify_when: - description: >- - Indicates how often alerts generate actions. Valid values - include: `onActionGroupChange`: Actions run when the alert - status changes; `onActiveAlert`: Actions run when the - alert becomes active and at each check interval while the - rule conditions are met; `onThrottleInterval`: Actions run - when the alert becomes active and at the interval - specified in the throttle property while the rule - conditions are met. NOTE: You cannot specify `notify_when` - at both the rule and action level. The recommended method - is to set it for each action. If you set it at the rule - level then update the rule in Kibana, it is automatically - changed to use action-specific values. - enum: - - onActionGroupChange - - onActiveAlert - - onThrottleInterval - nullable: true - type: string - params: - additionalProperties: {} - description: The parameters for the rule. - type: object - revision: - description: The rule revision number. - type: number - rule_type_id: - description: The rule type identifier. - type: string - running: - description: Indicates whether the rule is running. - nullable: true - type: boolean - schedule: - additionalProperties: false - type: object - properties: - interval: - description: >- - The interval is specified in seconds, minutes, hours, - or days. - type: string - required: - - interval - scheduled_task_id: - description: Identifier of the scheduled task. - type: string - snooze_schedule: - items: - additionalProperties: false - type: object - properties: - duration: - description: Duration of the rule snooze schedule. - type: number - id: - description: Identifier of the rule snooze schedule. - type: string - rRule: - additionalProperties: false - type: object - properties: - byhour: - items: - description: Indicates hours of the day to recur. - type: number - type: array - byminute: - items: - description: Indicates minutes of the hour to recur. - type: number - type: array - bymonth: - items: - description: >- - Indicates months of the year that this rule - should recur. - type: number - type: array - bymonthday: - items: - description: Indicates the days of the month to recur. - type: number - type: array - bysecond: - items: - description: Indicates seconds of the day to recur. - type: number - type: array - bysetpos: - items: - description: >- - A positive or negative integer affecting the - nth day of the month. For example, -2 combined - with `byweekday` of FR is 2nd to last Friday - of the month. It is recommended to not set - this manually and just use `byweekday`. - type: number - type: array - byweekday: - items: - anyOf: - - type: string - - type: number - description: >- - Indicates the days of the week to recur or - else nth-day-of-month strings. For example, - "+2TU" second Tuesday of month, "-1FR" last - Friday of the month, which are internally - converted to a `byweekday/bysetpos` - combination. - type: array - byweekno: - items: - description: Indicates number of the week hours to recur. - type: number - type: array - byyearday: - items: - description: >- - Indicates the days of the year that this rule - should recur. - type: number - type: array - count: - description: >- - Number of times the rule should recur until it - stops. - type: number - dtstart: - description: >- - Rule start date in Coordinated Universal Time - (UTC). - type: string - freq: - description: >- - Indicates frequency of the rule. Options are - YEARLY, MONTHLY, WEEKLY, DAILY. - enum: - - 0 - - 1 - - 2 - - 3 - - 4 - - 5 - - 6 - type: integer - interval: - description: >- - Indicates the interval of frequency. For - example, 1 and YEARLY is every 1 year, 2 and - WEEKLY is every 2 weeks. - type: number - tzid: - description: Indicates timezone abbreviation. - type: string - until: - description: Recur the rule until this date. - type: string - wkst: - description: Indicates the start of week, defaults to Monday. - enum: - - MO - - TU - - WE - - TH - - FR - - SA - - SU - type: string - required: - - dtstart - - tzid - skipRecurrences: - items: - description: Skips recurrence of rule on this date. - type: string - type: array - required: - - duration - - rRule - type: array - tags: - items: - description: The tags for the rule. - type: string - type: array - throttle: - deprecated: true - description: >- - Deprecated in 8.13.0. Use the `throttle` property in the - action `frequency` object instead. The throttle interval, - which defines how often an alert generates repeated - actions. NOTE: You cannot specify the throttle interval at - both the rule and action level. If you set it at the rule - level then update the rule in Kibana, it is automatically - changed to use action-specific values. - nullable: true - type: string - updated_at: - description: The date and time that the rule was updated most recently. - type: string - updated_by: - description: >- - The identifier for the user that updated this rule most - recently. - nullable: true - type: string - view_in_app_relative_url: - description: Relative URL to view rule in the app. - nullable: true - type: string - required: - - id - - enabled - - name - - tags - - rule_type_id - - consumer - - schedule - - actions - - params - - created_by - - updated_by - - created_at - - updated_at - - api_key_owner - - mute_all - - muted_alert_ids - - execution_status - - revision - description: Indicates a successful call. - '400': - description: Indicates an invalid schema or parameters. - '403': - description: Indicates that this call is forbidden. - '409': - description: Indicates that the rule id is already in use. - summary: Create a rule - tags: - - alerting - put: - operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - description: The identifier for the rule. - in: path - name: id - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - actions: - default: [] - items: - additionalProperties: false - description: An action that runs under defined conditions. - type: object - properties: - alerts_filter: - additionalProperties: false - type: object - properties: - query: - additionalProperties: false - type: object - properties: - dsl: - description: >- - A filter written in Elasticsearch Query Domain - Specific Language (DSL). - type: string - filters: - description: >- - A filter written in Elasticsearch Query Domain - Specific Language (DSL) as defined in the - `kbn-es-query` package. - items: - additionalProperties: false - type: object - properties: - $state: - additionalProperties: false - type: object - properties: - store: - description: >- - A filter can be either specific to an - application context or applied globally. - enum: - - appState - - globalState - type: string - required: - - store - meta: - additionalProperties: {} - type: object - query: - additionalProperties: {} - type: object - required: - - meta - type: array - kql: - description: >- - A filter written in Kibana Query Language - (KQL). - type: string - required: - - kql - - filters - timeframe: - additionalProperties: false - description: >- - Defines a period that limits whether the action - runs. - type: object - properties: - days: - description: >- - Defines the days of the week that the action - can run, represented as an array of numbers. - For example, `1` represents Monday. An empty - array is equivalent to specifying all the days - of the week. - items: - enum: - - 1 - - 2 - - 3 - - 4 - - 5 - - 6 - - 7 - type: integer - type: array - hours: - additionalProperties: false - description: >- - Defines the range of time in a day that the - action can run. If the `start` value is - `00:00` and the `end` value is `24:00`, - actions be generated all day. - type: object - properties: - end: - description: >- - The end of the time frame in 24-hour - notation (`hh:mm`). - type: string - start: - description: >- - The start of the time frame in 24-hour - notation (`hh:mm`). - type: string - required: - - start - - end - timezone: - description: >- - The ISO time zone for the `hours` values. - Values such as `UTC` and `UTC+1` also work but - lack built-in daylight savings time support - and are not recommended. - type: string - required: - - days - - hours - - timezone - frequency: - additionalProperties: false - type: object - properties: - notify_when: - description: >- - Indicates how often alerts generate actions. Valid - values include: `onActionGroupChange`: Actions run - when the alert status changes; `onActiveAlert`: - Actions run when the alert becomes active and at - each check interval while the rule conditions are - met; `onThrottleInterval`: Actions run when the - alert becomes active and at the interval specified - in the throttle property while the rule conditions - are met. NOTE: You cannot specify `notify_when` at - both the rule and action level. The recommended - method is to set it for each action. If you set it - at the rule level then update the rule in Kibana, - it is automatically changed to use action-specific - values. - enum: - - onActionGroupChange - - onActiveAlert - - onThrottleInterval - type: string - summary: - description: Indicates whether the action is a summary. - type: boolean - throttle: - description: >- - The throttle interval, which defines how often an - alert generates repeated actions. It is specified - in seconds, minutes, hours, or days and is - applicable only if `notify_when` is set to - `onThrottleInterval`. NOTE: You cannot specify the - throttle interval at both the rule and action - level. The recommended method is to set it for - each action. If you set it at the rule level then - update the rule in Kibana, it is automatically - changed to use action-specific values. - nullable: true - type: string - required: - - summary - - notify_when - - throttle - group: - description: >- - The group name, which affects when the action runs - (for example, when the threshold is met or when the - alert is recovered). Each rule type has a list of - valid action group names. If you don't need to group - actions, set to `default`. - type: string - id: - description: The identifier for the connector saved object. - type: string - params: - additionalProperties: {} - default: {} - description: >- - The parameters for the action, which are sent to the - connector. The `params` are handled as Mustache - templates and passed a default set of context. - type: object - use_alert_data_for_template: - description: Indicates whether to use alert data as a template. - type: boolean - uuid: - description: A universally unique identifier (UUID) for the action. - type: string - required: - - id - type: array - alert_delay: - additionalProperties: false - description: >- - Indicates that an alert occurs only when the specified - number of consecutive runs met the rule conditions. - type: object - properties: - active: - description: >- - The number of consecutive runs that must meet the rule - conditions. - type: number - required: - - active - flapping: - additionalProperties: false - nullable: true - type: object - properties: - look_back_window: - maximum: 20 - minimum: 2 - type: number - status_change_threshold: - maximum: 20 - minimum: 2 - type: number - required: - - look_back_window - - status_change_threshold - name: - description: >- - The name of the rule. While this name does not have to be - unique, a distinctive name can help you identify a rule. - type: string - notify_when: - description: >- - Indicates how often alerts generate actions. Valid values - include: `onActionGroupChange`: Actions run when the alert - status changes; `onActiveAlert`: Actions run when the alert - becomes active and at each check interval while the rule - conditions are met; `onThrottleInterval`: Actions run when - the alert becomes active and at the interval specified in - the throttle property while the rule conditions are met. - NOTE: You cannot specify `notify_when` at both the rule and - action level. The recommended method is to set it for each - action. If you set it at the rule level then update the rule - in Kibana, it is automatically changed to use - action-specific values. - enum: - - onActionGroupChange - - onActiveAlert - - onThrottleInterval - nullable: true - type: string - params: - additionalProperties: {} - default: {} - description: The parameters for the rule. - type: object - schedule: - additionalProperties: false - type: object - properties: - interval: - description: >- - The interval is specified in seconds, minutes, hours, or - days. - type: string - required: - - interval - tags: - default: [] - items: - description: The tags for the rule. - type: string - type: array - throttle: - description: >- - Use the `throttle` property in the action `frequency` object - instead. The throttle interval, which defines how often an - alert generates repeated actions. NOTE: You cannot specify - the throttle interval at both the rule and action level. If - you set it at the rule level then update the rule in Kibana, - it is automatically changed to use action-specific values. - nullable: true - type: string - required: - - name - - schedule - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - actions: - items: - additionalProperties: false - type: object - properties: - alerts_filter: - additionalProperties: false - description: >- - Defines a period that limits whether the action - runs. - type: object - properties: - query: - additionalProperties: false - type: object - properties: - dsl: - description: >- - A filter written in Elasticsearch Query - Domain Specific Language (DSL). - type: string - filters: - description: >- - A filter written in Elasticsearch Query - Domain Specific Language (DSL) as defined in - the `kbn-es-query` package. - items: - additionalProperties: false - type: object - properties: - $state: - additionalProperties: false - type: object - properties: - store: - description: >- - A filter can be either specific to an - application context or applied globally. - enum: - - appState - - globalState - type: string - required: - - store - meta: - additionalProperties: {} - type: object - query: - additionalProperties: {} - type: object - required: - - meta - type: array - kql: - description: >- - A filter written in Kibana Query Language - (KQL). - type: string - required: - - kql - - filters - timeframe: - additionalProperties: false - type: object - properties: - days: - description: >- - Defines the days of the week that the action - can run, represented as an array of numbers. - For example, `1` represents Monday. An empty - array is equivalent to specifying all the - days of the week. - items: - enum: - - 1 - - 2 - - 3 - - 4 - - 5 - - 6 - - 7 - type: integer - type: array - hours: - additionalProperties: false - type: object - properties: - end: - description: >- - The end of the time frame in 24-hour - notation (`hh:mm`). - type: string - start: - description: >- - The start of the time frame in 24-hour - notation (`hh:mm`). - type: string - required: - - start - - end - timezone: - description: >- - The ISO time zone for the `hours` values. - Values such as `UTC` and `UTC+1` also work - but lack built-in daylight savings time - support and are not recommended. - type: string - required: - - days - - hours - - timezone - connector_type_id: - description: >- - The type of connector. This property appears in - responses but cannot be set in requests. - type: string - frequency: - additionalProperties: false - type: object - properties: - notify_when: - description: >- - Indicates how often alerts generate actions. - Valid values include: `onActionGroupChange`: - Actions run when the alert status changes; - `onActiveAlert`: Actions run when the alert - becomes active and at each check interval while - the rule conditions are met; - `onThrottleInterval`: Actions run when the alert - becomes active and at the interval specified in - the throttle property while the rule conditions - are met. NOTE: You cannot specify `notify_when` - at both the rule and action level. The - recommended method is to set it for each action. - If you set it at the rule level then update the - rule in Kibana, it is automatically changed to - use action-specific values. - enum: - - onActionGroupChange - - onActiveAlert - - onThrottleInterval - type: string - summary: - description: Indicates whether the action is a summary. - type: boolean - throttle: - description: >- - The throttle interval, which defines how often - an alert generates repeated actions. It is - specified in seconds, minutes, hours, or days - and is applicable only if 'notify_when' is set - to 'onThrottleInterval'. NOTE: You cannot - specify the throttle interval at both the rule - and action level. The recommended method is to - set it for each action. If you set it at the - rule level then update the rule in Kibana, it is - automatically changed to use action-specific - values. - nullable: true - type: string - required: - - summary - - notify_when - - throttle - group: - description: >- - The group name, which affects when the action runs - (for example, when the threshold is met or when the - alert is recovered). Each rule type has a list of - valid action group names. If you don't need to group - actions, set to `default`. - type: string - id: - description: The identifier for the connector saved object. - type: string - params: - additionalProperties: {} - description: >- - The parameters for the action, which are sent to the - connector. The `params` are handled as Mustache - templates and passed a default set of context. - type: object - use_alert_data_for_template: - description: Indicates whether to use alert data as a template. - type: boolean - uuid: - description: >- - A universally unique identifier (UUID) for the - action. - type: string - required: - - id - - connector_type_id - - params - type: array - active_snoozes: - items: - description: List of active snoozes for the rule. - type: string - type: array - alert_delay: - additionalProperties: false - description: >- - Indicates that an alert occurs only when the specified - number of consecutive runs met the rule conditions. - type: object - properties: - active: - description: >- - The number of consecutive runs that must meet the rule - conditions. - type: number - required: - - active - api_key_created_by_user: - description: >- - Indicates whether the API key that is associated with the - rule was created by the user. - nullable: true - type: boolean - api_key_owner: - description: >- - The owner of the API key that is associated with the rule - and used to run background tasks. - nullable: true - type: string - consumer: - description: >- - The name of the application or feature that owns the rule. - For example: `alerts`, `apm`, `discover`, - `infrastructure`, `logs`, `metrics`, `ml`, `monitoring`, - `securitySolution`, `siem`, `stackAlerts`, or `uptime`. - type: string - created_at: - description: The date and time that the rule was created. - type: string - created_by: - description: The identifier for the user that created the rule. - nullable: true - type: string - enabled: - description: >- - Indicates whether you want to run the rule on an interval - basis after it is created. - type: boolean - execution_status: - additionalProperties: false - type: object - properties: - error: - additionalProperties: false - type: object - properties: - message: - description: Error message. - type: string - reason: - description: Reason for error. - enum: - - read - - decrypt - - execute - - unknown - - license - - timeout - - disabled - - validate - type: string - required: - - reason - - message - last_duration: - description: Duration of last execution of the rule. - type: number - last_execution_date: - description: The date and time when rule was executed last. - type: string - status: - description: Status of rule execution. - enum: - - ok - - active - - error - - warning - - pending - - unknown - type: string - warning: - additionalProperties: false - type: object - properties: - message: - description: Warning message. - type: string - reason: - description: Reason for warning. - enum: - - maxExecutableActions - - maxAlerts - - maxQueuedActions - - ruleExecution - type: string - required: - - reason - - message - required: - - status - - last_execution_date - flapping: - additionalProperties: false - nullable: true - type: object - properties: - look_back_window: - maximum: 20 - minimum: 2 - type: number - status_change_threshold: - maximum: 20 - minimum: 2 - type: number - required: - - look_back_window - - status_change_threshold - id: - description: The identifier for the rule. - type: string - is_snoozed_until: - description: The date when the rule will no longer be snoozed. - nullable: true - type: string - last_run: - additionalProperties: false - nullable: true - type: object - properties: - alerts_count: - additionalProperties: false - type: object - properties: - active: - description: Number of active alerts during last run. - nullable: true - type: number - ignored: - description: Number of ignored alerts during last run. - nullable: true - type: number - new: - description: Number of new alerts during last run. - nullable: true - type: number - recovered: - description: Number of recovered alerts during last run. - nullable: true - type: number - outcome: - description: >- - Outcome of last run of the rule. Value could be - succeeded, warning or failed. - enum: - - succeeded - - warning - - failed - type: string - outcome_msg: - items: - description: Outcome message generated during last rule run. - type: string - nullable: true - type: array - outcome_order: - description: Order of the outcome. - type: number - warning: - description: Warning of last rule execution. - enum: - - read - - decrypt - - execute - - unknown - - license - - timeout - - disabled - - validate - - maxExecutableActions - - maxAlerts - - maxQueuedActions - - ruleExecution - nullable: true - type: string - required: - - outcome - - alerts_count - mapped_params: - additionalProperties: {} - type: object - monitoring: - additionalProperties: false - description: Monitoring details of the rule. - type: object - properties: - run: - additionalProperties: false - description: Rule run details. - type: object - properties: - calculated_metrics: - additionalProperties: false - description: >- - Calculation of different percentiles and success - ratio. - type: object - properties: - p50: - type: number - p95: - type: number - p99: - type: number - success_ratio: - type: number - required: - - success_ratio - history: - description: History of the rule run. - items: - additionalProperties: false - type: object - properties: - duration: - description: Duration of the rule run. - type: number - outcome: - additionalProperties: false - type: object - properties: - alerts_count: - additionalProperties: false - type: object - properties: - active: - description: Number of active alerts during last run. - nullable: true - type: number - ignored: - description: >- - Number of ignored alerts during last - run. - nullable: true - type: number - new: - description: Number of new alerts during last run. - nullable: true - type: number - recovered: - description: >- - Number of recovered alerts during last - run. - nullable: true - type: number - outcome: - description: >- - Outcome of last run of the rule. Value - could be succeeded, warning or failed. - enum: - - succeeded - - warning - - failed - type: string - outcome_msg: - items: - description: >- - Outcome message generated during last - rule run. - type: string - nullable: true - type: array - outcome_order: - description: Order of the outcome. - type: number - warning: - description: Warning of last rule execution. - enum: - - read - - decrypt - - execute - - unknown - - license - - timeout - - disabled - - validate - - maxExecutableActions - - maxAlerts - - maxQueuedActions - - ruleExecution - nullable: true - type: string - required: - - outcome - - alerts_count - success: - description: >- - Indicates whether the rule run was - successful. - type: boolean - timestamp: - description: Time of rule run. - type: number - required: - - success - - timestamp - type: array - last_run: - additionalProperties: false - type: object - properties: - metrics: - additionalProperties: false - type: object - properties: - duration: - description: Duration of most recent rule run. - type: number - gap_duration_s: - description: Duration in seconds of rule run gap. - nullable: true - type: number - total_alerts_created: - description: >- - Total number of alerts created during last - rule run. - nullable: true - type: number - total_alerts_detected: - description: >- - Total number of alerts detected during - last rule run. - nullable: true - type: number - total_indexing_duration_ms: - description: >- - Total time spent indexing documents during - last rule run in milliseconds. - nullable: true - type: number - total_search_duration_ms: - description: >- - Total time spent performing Elasticsearch - searches as measured by Kibana; includes - network latency and time spent serializing - or deserializing the request and response. - nullable: true - type: number - timestamp: - description: Time of the most recent rule run. - type: string - required: - - timestamp - - metrics - required: - - history - - calculated_metrics - - last_run - required: - - run - mute_all: - description: Indicates whether all alerts are muted. - type: boolean - muted_alert_ids: - items: - description: 'List of identifiers of muted alerts. ' - type: string - type: array - name: - description: ' The name of the rule.' - type: string - next_run: - description: Date and time of the next run of the rule. - nullable: true - type: string - notify_when: - description: >- - Indicates how often alerts generate actions. Valid values - include: `onActionGroupChange`: Actions run when the alert - status changes; `onActiveAlert`: Actions run when the - alert becomes active and at each check interval while the - rule conditions are met; `onThrottleInterval`: Actions run - when the alert becomes active and at the interval - specified in the throttle property while the rule - conditions are met. NOTE: You cannot specify `notify_when` - at both the rule and action level. The recommended method - is to set it for each action. If you set it at the rule - level then update the rule in Kibana, it is automatically - changed to use action-specific values. - enum: - - onActionGroupChange - - onActiveAlert - - onThrottleInterval - nullable: true - type: string - params: - additionalProperties: {} - description: The parameters for the rule. - type: object - revision: - description: The rule revision number. - type: number - rule_type_id: - description: The rule type identifier. - type: string - running: - description: Indicates whether the rule is running. - nullable: true - type: boolean - schedule: - additionalProperties: false - type: object - properties: - interval: - description: >- - The interval is specified in seconds, minutes, hours, - or days. - type: string - required: - - interval - scheduled_task_id: - description: Identifier of the scheduled task. - type: string - snooze_schedule: - items: - additionalProperties: false - type: object - properties: - duration: - description: Duration of the rule snooze schedule. - type: number - id: - description: Identifier of the rule snooze schedule. - type: string - rRule: - additionalProperties: false - type: object - properties: - byhour: - items: - description: Indicates hours of the day to recur. - type: number - type: array - byminute: - items: - description: Indicates minutes of the hour to recur. - type: number - type: array - bymonth: - items: - description: >- - Indicates months of the year that this rule - should recur. - type: number - type: array - bymonthday: - items: - description: Indicates the days of the month to recur. - type: number - type: array - bysecond: - items: - description: Indicates seconds of the day to recur. - type: number - type: array - bysetpos: - items: - description: >- - A positive or negative integer affecting the - nth day of the month. For example, -2 combined - with `byweekday` of FR is 2nd to last Friday - of the month. It is recommended to not set - this manually and just use `byweekday`. - type: number - type: array - byweekday: - items: - anyOf: - - type: string - - type: number - description: >- - Indicates the days of the week to recur or - else nth-day-of-month strings. For example, - "+2TU" second Tuesday of month, "-1FR" last - Friday of the month, which are internally - converted to a `byweekday/bysetpos` - combination. - type: array - byweekno: - items: - description: Indicates number of the week hours to recur. - type: number - type: array - byyearday: - items: - description: >- - Indicates the days of the year that this rule - should recur. - type: number - type: array - count: - description: >- - Number of times the rule should recur until it - stops. - type: number - dtstart: - description: >- - Rule start date in Coordinated Universal Time - (UTC). - type: string - freq: - description: >- - Indicates frequency of the rule. Options are - YEARLY, MONTHLY, WEEKLY, DAILY. - enum: - - 0 - - 1 - - 2 - - 3 - - 4 - - 5 - - 6 - type: integer - interval: - description: >- - Indicates the interval of frequency. For - example, 1 and YEARLY is every 1 year, 2 and - WEEKLY is every 2 weeks. - type: number - tzid: - description: Indicates timezone abbreviation. - type: string - until: - description: Recur the rule until this date. - type: string - wkst: - description: Indicates the start of week, defaults to Monday. - enum: - - MO - - TU - - WE - - TH - - FR - - SA - - SU - type: string - required: - - dtstart - - tzid - skipRecurrences: - items: - description: Skips recurrence of rule on this date. - type: string - type: array - required: - - duration - - rRule - type: array - tags: - items: - description: The tags for the rule. - type: string - type: array - throttle: - deprecated: true - description: >- - Deprecated in 8.13.0. Use the `throttle` property in the - action `frequency` object instead. The throttle interval, - which defines how often an alert generates repeated - actions. NOTE: You cannot specify the throttle interval at - both the rule and action level. If you set it at the rule - level then update the rule in Kibana, it is automatically - changed to use action-specific values. - nullable: true - type: string - updated_at: - description: The date and time that the rule was updated most recently. - type: string - updated_by: - description: >- - The identifier for the user that updated this rule most - recently. - nullable: true - type: string - view_in_app_relative_url: - description: Relative URL to view rule in the app. - nullable: true - type: string - required: - - id - - enabled - - name - - tags - - rule_type_id - - consumer - - schedule - - actions - - params - - created_by - - updated_by - - created_at - - updated_at - - api_key_owner - - mute_all - - muted_alert_ids - - execution_status - - revision - description: Indicates a successful call. - '400': - description: Indicates an invalid schema or parameters. - '403': - description: Indicates that this call is forbidden. - '404': - description: Indicates a rule with the given ID does not exist. - '409': - description: Indicates that the rule has already been updated by another user. - summary: Update a rule - tags: - - alerting - /api/alerting/rule/{id}/_disable: - post: - operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_disable#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - description: The identifier for the rule. - in: path - name: id - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - nullable: true - type: object - properties: - untrack: - description: Defines whether this rule's alerts should be untracked. - type: boolean - x-oas-optional: true - responses: - '204': - description: Indicates a successful call. - '400': - description: Indicates an invalid schema. - '403': - description: Indicates that this call is forbidden. - '404': - description: Indicates a rule with the given ID does not exist. - summary: Disable a rule - tags: - - alerting - /api/alerting/rule/{id}/_enable: - post: - operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_enable#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - description: The identifier for the rule. - in: path - name: id - required: true - schema: - type: string - responses: - '204': - description: Indicates a successful call. - '400': - description: Indicates an invalid schema or parameters. - '403': - description: Indicates that this call is forbidden. - '404': - description: Indicates a rule with the given ID does not exist. - summary: Enable a rule - tags: - - alerting - /api/alerting/rule/{id}/_mute_all: - post: - operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_mute_all#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - description: The identifier for the rule. - in: path - name: id - required: true - schema: - type: string - responses: - '204': - description: Indicates a successful call. - '400': - description: Indicates an invalid schema or parameters. - '403': - description: Indicates that this call is forbidden. - '404': - description: Indicates a rule with the given ID does not exist. - summary: Mute all alerts - tags: - - alerting - /api/alerting/rule/{id}/_unmute_all: - post: - operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_unmute_all#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - description: The identifier for the rule. - in: path - name: id - required: true - schema: - type: string - responses: - '204': - description: Indicates a successful call. - '400': - description: Indicates an invalid schema or parameters. - '403': - description: Indicates that this call is forbidden. - '404': - description: Indicates a rule with the given ID does not exist. - summary: Unmute all alerts - tags: - - alerting - /api/alerting/rule/{id}/_update_api_key: - post: - operationId: '%2Fapi%2Falerting%2Frule%2F%7Bid%7D%2F_update_api_key#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - description: The identifier for the rule. - in: path - name: id - required: true - schema: - type: string - responses: - '204': - description: Indicates a successful call. - '400': - description: Indicates an invalid schema or parameters. - '403': - description: Indicates that this call is forbidden. - '404': - description: Indicates a rule with the given ID does not exist. - '409': - description: Indicates that the rule has already been updated by another user. - summary: Update the API key for a rule - tags: - - alerting - /api/alerting/rule/{rule_id}/alert/{alert_id}/_mute: - post: - operationId: >- - %2Fapi%2Falerting%2Frule%2F%7Brule_id%7D%2Falert%2F%7Balert_id%7D%2F_mute#0 - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - description: The identifier for the rule. - in: path - name: rule_id - required: true - schema: - type: string - - description: The identifier for the alert. - in: path - name: alert_id - required: true - schema: - type: string - responses: - '204': - description: Indicates a successful call. - '400': - description: Indicates an invalid schema or parameters. - '403': - description: Indicates that this call is forbidden. - '404': - description: Indicates a rule or alert with the given ID does not exist. - summary: Mute an alert - tags: - - alerting - /api/alerting/rule/{rule_id}/alert/{alert_id}/_unmute: - post: - operationId: >- - %2Fapi%2Falerting%2Frule%2F%7Brule_id%7D%2Falert%2F%7Balert_id%7D%2F_unmute#0 - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - description: The identifier for the rule. - in: path - name: rule_id - required: true - schema: - type: string - - description: The identifier for the alert. - in: path - name: alert_id - required: true - schema: - type: string - responses: - '204': - description: Indicates a successful call. - '400': - description: Indicates an invalid schema or parameters. - '403': - description: Indicates that this call is forbidden. - '404': - description: Indicates a rule or alert with the given ID does not exist. - summary: Unmute an alert - tags: - - alerting - /api/alerting/rules/_find: - get: - operationId: '%2Fapi%2Falerting%2Frules%2F_find#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: The number of rules to return per page. - in: query - name: per_page - required: false - schema: - default: 10 - minimum: 0 - type: number - - description: The page number to return. - in: query - name: page - required: false - schema: - default: 1 - minimum: 1 - type: number - - description: >- - An Elasticsearch simple_query_string query that filters the objects - in the response. - in: query - name: search - required: false - schema: - type: string - - description: The default operator to use for the simple_query_string. - in: query - name: default_search_operator - required: false - schema: - default: OR - enum: - - OR - - AND - type: string - - description: The fields to perform the simple_query_string parsed query against. - in: query - name: search_fields - required: false - schema: - anyOf: - - items: - type: string - type: array - - type: string - - description: >- - Determines which field is used to sort the results. The field must - exist in the `attributes` key of the response. - in: query - name: sort_field - required: false - schema: - type: string - - description: Determines the sort order. - in: query - name: sort_order - required: false - schema: - enum: - - asc - - desc - type: string - - description: >- - Filters the rules that have a relation with the reference objects - with a specific type and identifier. - in: query - name: has_reference - required: false - schema: - additionalProperties: false - nullable: true - type: object - properties: - id: - type: string - type: - type: string - required: - - type - - id - - in: query - name: fields - required: false - schema: - items: - description: The fields to return in the `attributes` key of the response. - type: string - type: array - - description: >- - A KQL string that you filter with an attribute from your saved - object. It should look like `savedObjectType.attributes.title: - "myTitle"`. However, if you used a direct attribute of a saved - object, such as `updatedAt`, you must define your filter, for - example, `savedObjectType.updatedAt > 2018-12-22`. - in: query - name: filter - required: false - schema: - type: string - - in: query - name: filter_consumers - required: false - schema: - items: - description: List of consumers to filter. - type: string - type: array - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - actions: - items: - additionalProperties: false - type: object - properties: - alerts_filter: - additionalProperties: false - description: >- - Defines a period that limits whether the action - runs. - type: object - properties: - query: - additionalProperties: false - type: object - properties: - dsl: - description: >- - A filter written in Elasticsearch Query - Domain Specific Language (DSL). - type: string - filters: - description: >- - A filter written in Elasticsearch Query - Domain Specific Language (DSL) as defined in - the `kbn-es-query` package. - items: - additionalProperties: false - type: object - properties: - $state: - additionalProperties: false - type: object - properties: - store: - description: >- - A filter can be either specific to an - application context or applied globally. - enum: - - appState - - globalState - type: string - required: - - store - meta: - additionalProperties: {} - type: object - query: - additionalProperties: {} - type: object - required: - - meta - type: array - kql: - description: >- - A filter written in Kibana Query Language - (KQL). - type: string - required: - - kql - - filters - timeframe: - additionalProperties: false - type: object - properties: - days: - description: >- - Defines the days of the week that the action - can run, represented as an array of numbers. - For example, `1` represents Monday. An empty - array is equivalent to specifying all the - days of the week. - items: - enum: - - 1 - - 2 - - 3 - - 4 - - 5 - - 6 - - 7 - type: integer - type: array - hours: - additionalProperties: false - type: object - properties: - end: - description: >- - The end of the time frame in 24-hour - notation (`hh:mm`). - type: string - start: - description: >- - The start of the time frame in 24-hour - notation (`hh:mm`). - type: string - required: - - start - - end - timezone: - description: >- - The ISO time zone for the `hours` values. - Values such as `UTC` and `UTC+1` also work - but lack built-in daylight savings time - support and are not recommended. - type: string - required: - - days - - hours - - timezone - connector_type_id: - description: >- - The type of connector. This property appears in - responses but cannot be set in requests. - type: string - frequency: - additionalProperties: false - type: object - properties: - notify_when: - description: >- - Indicates how often alerts generate actions. - Valid values include: `onActionGroupChange`: - Actions run when the alert status changes; - `onActiveAlert`: Actions run when the alert - becomes active and at each check interval while - the rule conditions are met; - `onThrottleInterval`: Actions run when the alert - becomes active and at the interval specified in - the throttle property while the rule conditions - are met. NOTE: You cannot specify `notify_when` - at both the rule and action level. The - recommended method is to set it for each action. - If you set it at the rule level then update the - rule in Kibana, it is automatically changed to - use action-specific values. - enum: - - onActionGroupChange - - onActiveAlert - - onThrottleInterval - type: string - summary: - description: Indicates whether the action is a summary. - type: boolean - throttle: - description: >- - The throttle interval, which defines how often - an alert generates repeated actions. It is - specified in seconds, minutes, hours, or days - and is applicable only if 'notify_when' is set - to 'onThrottleInterval'. NOTE: You cannot - specify the throttle interval at both the rule - and action level. The recommended method is to - set it for each action. If you set it at the - rule level then update the rule in Kibana, it is - automatically changed to use action-specific - values. - nullable: true - type: string - required: - - summary - - notify_when - - throttle - group: - description: >- - The group name, which affects when the action runs - (for example, when the threshold is met or when the - alert is recovered). Each rule type has a list of - valid action group names. If you don't need to group - actions, set to `default`. - type: string - id: - description: The identifier for the connector saved object. - type: string - params: - additionalProperties: {} - description: >- - The parameters for the action, which are sent to the - connector. The `params` are handled as Mustache - templates and passed a default set of context. - type: object - use_alert_data_for_template: - description: Indicates whether to use alert data as a template. - type: boolean - uuid: - description: >- - A universally unique identifier (UUID) for the - action. - type: string - required: - - id - - connector_type_id - - params - type: array - active_snoozes: - items: - description: List of active snoozes for the rule. - type: string - type: array - alert_delay: - additionalProperties: false - description: >- - Indicates that an alert occurs only when the specified - number of consecutive runs met the rule conditions. - type: object - properties: - active: - description: >- - The number of consecutive runs that must meet the rule - conditions. - type: number - required: - - active - api_key_created_by_user: - description: >- - Indicates whether the API key that is associated with the - rule was created by the user. - nullable: true - type: boolean - api_key_owner: - description: >- - The owner of the API key that is associated with the rule - and used to run background tasks. - nullable: true - type: string - consumer: - description: >- - The name of the application or feature that owns the rule. - For example: `alerts`, `apm`, `discover`, - `infrastructure`, `logs`, `metrics`, `ml`, `monitoring`, - `securitySolution`, `siem`, `stackAlerts`, or `uptime`. - type: string - created_at: - description: The date and time that the rule was created. - type: string - created_by: - description: The identifier for the user that created the rule. - nullable: true - type: string - enabled: - description: >- - Indicates whether you want to run the rule on an interval - basis after it is created. - type: boolean - execution_status: - additionalProperties: false - type: object - properties: - error: - additionalProperties: false - type: object - properties: - message: - description: Error message. - type: string - reason: - description: Reason for error. - enum: - - read - - decrypt - - execute - - unknown - - license - - timeout - - disabled - - validate - type: string - required: - - reason - - message - last_duration: - description: Duration of last execution of the rule. - type: number - last_execution_date: - description: The date and time when rule was executed last. - type: string - status: - description: Status of rule execution. - enum: - - ok - - active - - error - - warning - - pending - - unknown - type: string - warning: - additionalProperties: false - type: object - properties: - message: - description: Warning message. - type: string - reason: - description: Reason for warning. - enum: - - maxExecutableActions - - maxAlerts - - maxQueuedActions - - ruleExecution - type: string - required: - - reason - - message - required: - - status - - last_execution_date - flapping: - additionalProperties: false - nullable: true - type: object - properties: - look_back_window: - maximum: 20 - minimum: 2 - type: number - status_change_threshold: - maximum: 20 - minimum: 2 - type: number - required: - - look_back_window - - status_change_threshold - id: - description: The identifier for the rule. - type: string - is_snoozed_until: - description: The date when the rule will no longer be snoozed. - nullable: true - type: string - last_run: - additionalProperties: false - nullable: true - type: object - properties: - alerts_count: - additionalProperties: false - type: object - properties: - active: - description: Number of active alerts during last run. - nullable: true - type: number - ignored: - description: Number of ignored alerts during last run. - nullable: true - type: number - new: - description: Number of new alerts during last run. - nullable: true - type: number - recovered: - description: Number of recovered alerts during last run. - nullable: true - type: number - outcome: - description: >- - Outcome of last run of the rule. Value could be - succeeded, warning or failed. - enum: - - succeeded - - warning - - failed - type: string - outcome_msg: - items: - description: Outcome message generated during last rule run. - type: string - nullable: true - type: array - outcome_order: - description: Order of the outcome. - type: number - warning: - description: Warning of last rule execution. - enum: - - read - - decrypt - - execute - - unknown - - license - - timeout - - disabled - - validate - - maxExecutableActions - - maxAlerts - - maxQueuedActions - - ruleExecution - nullable: true - type: string - required: - - outcome - - alerts_count - mapped_params: - additionalProperties: {} - type: object - monitoring: - additionalProperties: false - description: Monitoring details of the rule. - type: object - properties: - run: - additionalProperties: false - description: Rule run details. - type: object - properties: - calculated_metrics: - additionalProperties: false - description: >- - Calculation of different percentiles and success - ratio. - type: object - properties: - p50: - type: number - p95: - type: number - p99: - type: number - success_ratio: - type: number - required: - - success_ratio - history: - description: History of the rule run. - items: - additionalProperties: false - type: object - properties: - duration: - description: Duration of the rule run. - type: number - outcome: - additionalProperties: false - type: object - properties: - alerts_count: - additionalProperties: false - type: object - properties: - active: - description: Number of active alerts during last run. - nullable: true - type: number - ignored: - description: >- - Number of ignored alerts during last - run. - nullable: true - type: number - new: - description: Number of new alerts during last run. - nullable: true - type: number - recovered: - description: >- - Number of recovered alerts during last - run. - nullable: true - type: number - outcome: - description: >- - Outcome of last run of the rule. Value - could be succeeded, warning or failed. - enum: - - succeeded - - warning - - failed - type: string - outcome_msg: - items: - description: >- - Outcome message generated during last - rule run. - type: string - nullable: true - type: array - outcome_order: - description: Order of the outcome. - type: number - warning: - description: Warning of last rule execution. - enum: - - read - - decrypt - - execute - - unknown - - license - - timeout - - disabled - - validate - - maxExecutableActions - - maxAlerts - - maxQueuedActions - - ruleExecution - nullable: true - type: string - required: - - outcome - - alerts_count - success: - description: >- - Indicates whether the rule run was - successful. - type: boolean - timestamp: - description: Time of rule run. - type: number - required: - - success - - timestamp - type: array - last_run: - additionalProperties: false - type: object - properties: - metrics: - additionalProperties: false - type: object - properties: - duration: - description: Duration of most recent rule run. - type: number - gap_duration_s: - description: Duration in seconds of rule run gap. - nullable: true - type: number - total_alerts_created: - description: >- - Total number of alerts created during last - rule run. - nullable: true - type: number - total_alerts_detected: - description: >- - Total number of alerts detected during - last rule run. - nullable: true - type: number - total_indexing_duration_ms: - description: >- - Total time spent indexing documents during - last rule run in milliseconds. - nullable: true - type: number - total_search_duration_ms: - description: >- - Total time spent performing Elasticsearch - searches as measured by Kibana; includes - network latency and time spent serializing - or deserializing the request and response. - nullable: true - type: number - timestamp: - description: Time of the most recent rule run. - type: string - required: - - timestamp - - metrics - required: - - history - - calculated_metrics - - last_run - required: - - run - mute_all: - description: Indicates whether all alerts are muted. - type: boolean - muted_alert_ids: - items: - description: 'List of identifiers of muted alerts. ' - type: string - type: array - name: - description: ' The name of the rule.' - type: string - next_run: - description: Date and time of the next run of the rule. - nullable: true - type: string - notify_when: - description: >- - Indicates how often alerts generate actions. Valid values - include: `onActionGroupChange`: Actions run when the alert - status changes; `onActiveAlert`: Actions run when the - alert becomes active and at each check interval while the - rule conditions are met; `onThrottleInterval`: Actions run - when the alert becomes active and at the interval - specified in the throttle property while the rule - conditions are met. NOTE: You cannot specify `notify_when` - at both the rule and action level. The recommended method - is to set it for each action. If you set it at the rule - level then update the rule in Kibana, it is automatically - changed to use action-specific values. - enum: - - onActionGroupChange - - onActiveAlert - - onThrottleInterval - nullable: true - type: string - params: - additionalProperties: {} - description: The parameters for the rule. - type: object - revision: - description: The rule revision number. - type: number - rule_type_id: - description: The rule type identifier. - type: string - running: - description: Indicates whether the rule is running. - nullable: true - type: boolean - schedule: - additionalProperties: false - type: object - properties: - interval: - description: >- - The interval is specified in seconds, minutes, hours, - or days. - type: string - required: - - interval - scheduled_task_id: - description: Identifier of the scheduled task. - type: string - snooze_schedule: - items: - additionalProperties: false - type: object - properties: - duration: - description: Duration of the rule snooze schedule. - type: number - id: - description: Identifier of the rule snooze schedule. - type: string - rRule: - additionalProperties: false - type: object - properties: - byhour: - items: - description: Indicates hours of the day to recur. - type: number - type: array - byminute: - items: - description: Indicates minutes of the hour to recur. - type: number - type: array - bymonth: - items: - description: >- - Indicates months of the year that this rule - should recur. - type: number - type: array - bymonthday: - items: - description: Indicates the days of the month to recur. - type: number - type: array - bysecond: - items: - description: Indicates seconds of the day to recur. - type: number - type: array - bysetpos: - items: - description: >- - A positive or negative integer affecting the - nth day of the month. For example, -2 combined - with `byweekday` of FR is 2nd to last Friday - of the month. It is recommended to not set - this manually and just use `byweekday`. - type: number - type: array - byweekday: - items: - anyOf: - - type: string - - type: number - description: >- - Indicates the days of the week to recur or - else nth-day-of-month strings. For example, - "+2TU" second Tuesday of month, "-1FR" last - Friday of the month, which are internally - converted to a `byweekday/bysetpos` - combination. - type: array - byweekno: - items: - description: Indicates number of the week hours to recur. - type: number - type: array - byyearday: - items: - description: >- - Indicates the days of the year that this rule - should recur. - type: number - type: array - count: - description: >- - Number of times the rule should recur until it - stops. - type: number - dtstart: - description: >- - Rule start date in Coordinated Universal Time - (UTC). - type: string - freq: - description: >- - Indicates frequency of the rule. Options are - YEARLY, MONTHLY, WEEKLY, DAILY. - enum: - - 0 - - 1 - - 2 - - 3 - - 4 - - 5 - - 6 - type: integer - interval: - description: >- - Indicates the interval of frequency. For - example, 1 and YEARLY is every 1 year, 2 and - WEEKLY is every 2 weeks. - type: number - tzid: - description: Indicates timezone abbreviation. - type: string - until: - description: Recur the rule until this date. - type: string - wkst: - description: Indicates the start of week, defaults to Monday. - enum: - - MO - - TU - - WE - - TH - - FR - - SA - - SU - type: string - required: - - dtstart - - tzid - skipRecurrences: - items: - description: Skips recurrence of rule on this date. - type: string - type: array - required: - - duration - - rRule - type: array - tags: - items: - description: The tags for the rule. - type: string - type: array - throttle: - deprecated: true - description: >- - Deprecated in 8.13.0. Use the `throttle` property in the - action `frequency` object instead. The throttle interval, - which defines how often an alert generates repeated - actions. NOTE: You cannot specify the throttle interval at - both the rule and action level. If you set it at the rule - level then update the rule in Kibana, it is automatically - changed to use action-specific values. - nullable: true - type: string - updated_at: - description: The date and time that the rule was updated most recently. - type: string - updated_by: - description: >- - The identifier for the user that updated this rule most - recently. - nullable: true - type: string - view_in_app_relative_url: - description: Relative URL to view rule in the app. - nullable: true - type: string - required: - - id - - enabled - - name - - tags - - rule_type_id - - consumer - - schedule - - actions - - params - - created_by - - updated_by - - created_at - - updated_at - - api_key_owner - - mute_all - - muted_alert_ids - - execution_status - - revision - description: Indicates a successful call. - '400': - description: Indicates an invalid schema or parameters. - '403': - description: Indicates that this call is forbidden. - summary: Get information about rules - tags: - - alerting - /api/alerts/alert/{alertId}: - delete: - deprecated: true - description: > - Deprecated in 7.13.0. Use the delete rule API instead. WARNING: After - you delete an alert, you cannot recover it. - operationId: legaryDeleteAlert - parameters: - - $ref: '#/components/parameters/Alerting_kbn_xsrf' - - description: The identifier for the alert. - in: path - name: alertId - required: true - schema: - example: 41893910-6bca-11eb-9e0d-85d233e3ee35 - type: string - responses: - '204': - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Alerting_401_response' - description: Authorization information is missing or invalid. - summary: Delete an alert - tags: - - alerting - get: - deprecated: true - description: Deprecated in 7.13.0. Use the get rule API instead. - operationId: legacyGetAlert - parameters: - - description: The identifier for the alert. - in: path - name: alertId - required: true - schema: - example: 41893910-6bca-11eb-9e0d-85d233e3ee35 - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Alerting_alert_response_properties' - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Alerting_401_response' - description: Authorization information is missing or invalid. - summary: Get an alert by identifier - tags: - - alerting - post: - deprecated: true - description: Deprecated in 7.13.0. Use the create rule API instead. - operationId: legacyCreateAlert - parameters: - - $ref: '#/components/parameters/Alerting_kbn_xsrf' - - description: >- - An UUID v1 or v4 identifier for the alert. If this parameter is - omitted, the identifier is randomly generated. - in: path - name: alertId - required: true - schema: - example: 41893910-6bca-11eb-9e0d-85d233e3ee35 - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - title: Legacy create alert request properties - type: object - properties: - actions: - items: - type: object - properties: - actionTypeId: - description: The identifier for the action type. - type: string - group: - description: > - Grouping actions is recommended for escalations for - different types of alert instances. If you don't need - this functionality, set it to `default`. - type: string - id: - description: The ID of the action saved object. - type: string - params: - description: > - The map to the `params` that the action type will - receive. `params` are handled as Mustache templates - and passed a default set of context. - type: object - required: - - actionTypeId - - group - - id - - params - type: array - alertTypeId: - description: >- - The ID of the alert type that you want to call when the - alert is scheduled to run. - type: string - consumer: - description: >- - The name of the application that owns the alert. This name - has to match the Kibana feature name, as that dictates the - required role-based access control privileges. - type: string - enabled: - description: >- - Indicates if you want to run the alert on an interval basis - after it is created. - type: boolean - name: - description: A name to reference and search. - type: string - notifyWhen: - description: The condition for throttling the notification. - enum: - - onActionGroupChange - - onActiveAlert - - onThrottleInterval - type: string - params: - description: >- - The parameters to pass to the alert type executor `params` - value. This will also validate against the alert type params - validator, if defined. - type: object - schedule: - description: > - The schedule specifying when this alert should be run. A - schedule is structured such that the key specifies the - format you wish to use and its value specifies the schedule. - type: object - properties: - interval: - description: >- - The interval format specifies the interval in seconds, - minutes, hours or days at which the alert should run. - example: 10s - type: string - tags: - description: A list of keywords to reference and search. - items: - type: string - type: array - throttle: - description: > - How often this alert should fire the same actions. This will - prevent the alert from sending out the same notification - over and over. For example, if an alert with a schedule of 1 - minute stays in a triggered state for 90 minutes, setting a - throttle of `10m` or `1h` will prevent it from sending 90 - notifications during this period. - type: string - required: - - alertTypeId - - consumer - - name - - notifyWhen - - params - - schedule - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Alerting_alert_response_properties' - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Alerting_401_response' - description: Authorization information is missing or invalid. - summary: Create an alert - tags: - - alerting - put: - deprecated: true - description: Deprecated in 7.13.0. Use the update rule API instead. - operationId: legacyUpdateAlert - parameters: - - $ref: '#/components/parameters/Alerting_kbn_xsrf' - - description: The identifier for the alert. - in: path - name: alertId - required: true - schema: - example: 41893910-6bca-11eb-9e0d-85d233e3ee35 - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - title: Legacy update alert request properties - type: object - properties: - actions: - items: - type: object - properties: - actionTypeId: - description: The identifier for the action type. - type: string - group: - description: > - Grouping actions is recommended for escalations for - different types of alert instances. If you don't need - this functionality, set it to `default`. - type: string - id: - description: The ID of the action saved object. - type: string - params: - description: > - The map to the `params` that the action type will - receive. `params` are handled as Mustache templates - and passed a default set of context. - type: object - required: - - actionTypeId - - group - - id - - params - type: array - name: - description: A name to reference and search. - type: string - notifyWhen: - description: The condition for throttling the notification. - enum: - - onActionGroupChange - - onActiveAlert - - onThrottleInterval - type: string - params: - description: >- - The parameters to pass to the alert type executor `params` - value. This will also validate against the alert type params - validator, if defined. - type: object - schedule: - description: > - The schedule specifying when this alert should be run. A - schedule is structured such that the key specifies the - format you wish to use and its value specifies the schedule. - type: object - properties: - interval: - description: >- - The interval format specifies the interval in seconds, - minutes, hours or days at which the alert should run. - example: 1d - type: string - tags: - description: A list of keywords to reference and search. - items: - type: string - type: array - throttle: - description: > - How often this alert should fire the same actions. This will - prevent the alert from sending out the same notification - over and over. For example, if an alert with a schedule of 1 - minute stays in a triggered state for 90 minutes, setting a - throttle of `10m` or `1h` will prevent it from sending 90 - notifications during this period. - type: string - required: - - name - - notifyWhen - - params - - schedule - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Alerting_alert_response_properties' - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Alerting_401_response' - description: Authorization information is missing or invalid. - summary: Update an alert - tags: - - alerting - /api/alerts/alert/{alertId}/_disable: - post: - deprecated: true - description: Deprecated in 7.13.0. Use the disable rule API instead. - operationId: legacyDisableAlert - parameters: - - $ref: '#/components/parameters/Alerting_kbn_xsrf' - - description: The identifier for the alert. - in: path - name: alertId - required: true - schema: - example: 41893910-6bca-11eb-9e0d-85d233e3ee35 - type: string - responses: - '204': - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Alerting_401_response' - description: Authorization information is missing or invalid. - summary: Disable an alert - tags: - - alerting - /api/alerts/alert/{alertId}/_enable: - post: - deprecated: true - description: Deprecated in 7.13.0. Use the enable rule API instead. - operationId: legacyEnableAlert - parameters: - - $ref: '#/components/parameters/Alerting_kbn_xsrf' - - description: The identifier for the alert. - in: path - name: alertId - required: true - schema: - example: 41893910-6bca-11eb-9e0d-85d233e3ee35 - type: string - responses: - '204': - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Alerting_401_response' - description: Authorization information is missing or invalid. - summary: Enable an alert - tags: - - alerting - /api/alerts/alert/{alertId}/_mute_all: - post: - deprecated: true - description: Deprecated in 7.13.0. Use the mute all alerts API instead. - operationId: legacyMuteAllAlertInstances - parameters: - - $ref: '#/components/parameters/Alerting_kbn_xsrf' - - description: The identifier for the alert. - in: path - name: alertId - required: true - schema: - example: 41893910-6bca-11eb-9e0d-85d233e3ee35 - type: string - responses: - '204': - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Alerting_401_response' - description: Authorization information is missing or invalid. - summary: Mute all alert instances - tags: - - alerting - /api/alerts/alert/{alertId}/_unmute_all: - post: - deprecated: true - description: Deprecated in 7.13.0. Use the unmute all alerts API instead. - operationId: legacyUnmuteAllAlertInstances - parameters: - - $ref: '#/components/parameters/Alerting_kbn_xsrf' - - description: The identifier for the alert. - in: path - name: alertId - required: true - schema: - example: 41893910-6bca-11eb-9e0d-85d233e3ee35 - type: string - responses: - '204': - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Alerting_401_response' - description: Authorization information is missing or invalid. - summary: Unmute all alert instances - tags: - - alerting - /api/alerts/alert/{alertId}/alert_instance/{alertInstanceId}/_mute: - post: - deprecated: true - description: Deprecated in 7.13.0. Use the mute alert API instead. - operationId: legacyMuteAlertInstance - parameters: - - $ref: '#/components/parameters/Alerting_kbn_xsrf' - - description: An identifier for the alert. - in: path - name: alertId - required: true - schema: - example: 41893910-6bca-11eb-9e0d-85d233e3ee35 - type: string - - description: An identifier for the alert instance. - in: path - name: alertInstanceId - required: true - schema: - example: dceeb5d0-6b41-11eb-802b-85b0c1bc8ba2 - type: string - responses: - '204': - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Alerting_401_response' - description: Authorization information is missing or invalid. - summary: Mute an alert instance - tags: - - alerting - /api/alerts/alert/{alertId}/alert_instance/{alertInstanceId}/_unmute: - post: - deprecated: true - description: Deprecated in 7.13.0. Use the unmute alert API instead. - operationId: legacyUnmuteAlertInstance - parameters: - - $ref: '#/components/parameters/Alerting_kbn_xsrf' - - description: An identifier for the alert. - in: path - name: alertId - required: true - schema: - example: 41893910-6bca-11eb-9e0d-85d233e3ee35 - type: string - - description: An identifier for the alert instance. - in: path - name: alertInstanceId - required: true - schema: - example: dceeb5d0-6b41-11eb-802b-85b0c1bc8ba2 - type: string - responses: - '204': - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Alerting_401_response' - description: Authorization information is missing or invalid. - summary: Unmute an alert instance - tags: - - alerting - /api/alerts/alerts/_find: - get: - deprecated: true - description: > - Deprecated in 7.13.0. Use the find rules API instead. NOTE: Alert - `params` are stored as a flattened field type and analyzed as keywords. - As alerts change in Kibana, the results on each page of the response - also change. Use the find API for traditional paginated results, but - avoid using it to export large amounts of data. - operationId: legacyFindAlerts - parameters: - - description: The default operator to use for the `simple_query_string`. - example: OR - in: query - name: default_search_operator - schema: - default: OR - type: string - - description: The fields to return in the `attributes` key of the response. - in: query - name: fields - schema: - items: - type: string - type: array - - description: > - A KQL string that you filter with an attribute from your saved - object. It should look like `savedObjectType.attributes.title: - "myTitle"`. However, if you used a direct attribute of a saved - object, such as `updatedAt`, you must define your filter, for - example, `savedObjectType.updatedAt > 2018-12-22`. - in: query - name: filter - schema: - type: string - - description: >- - Filters the rules that have a relation with the reference objects - with a specific type and identifier. - in: query - name: has_reference - schema: - type: object - properties: - id: - type: string - type: - type: string - - description: The page number to return. - example: 1 - in: query - name: page - schema: - default: 1 - type: integer - - description: The number of alerts to return per page. - example: 20 - in: query - name: per_page - schema: - default: 20 - type: integer - - description: >- - An Elasticsearch `simple_query_string` query that filters the alerts - in the response. - in: query - name: search - schema: - type: string - - description: >- - The fields to perform the `simple_query_string` parsed query - against. - in: query - name: search_fields - schema: - oneOf: - - type: string - - items: - type: string - type: array - - description: > - Determines which field is used to sort the results. The field must - exist in the `attributes` key of the response. - in: query - name: sort_field - schema: - type: string - - description: Determines the sort order. - example: asc - in: query - name: sort_order - schema: - default: desc - enum: - - asc - - desc - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - data: - items: - $ref: '#/components/schemas/Alerting_alert_response_properties' - type: array - page: - type: integer - perPage: - type: integer - total: - type: integer - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Alerting_401_response' - description: Authorization information is missing or invalid. - summary: Get a paginated set of alerts - tags: - - alerting - /api/alerts/alerts/_health: - get: - deprecated: true - description: Deprecated in 7.13.0. Use the get alerting framework health API instead. - operationId: legacyGetAlertingHealth - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - alertingFrameworkHealth: - description: > - Three substates identify the health of the alerting - framework: `decryptionHealth`, `executionHealth`, and - `readHealth`. - type: object - properties: - decryptionHealth: - description: The timestamp and status of the alert decryption. - type: object - properties: - status: - enum: - - error - - ok - - warn - example: ok - type: string - timestamp: - example: '2023-01-13T01:28:00.280Z' - format: date-time - type: string - executionHealth: - description: The timestamp and status of the alert execution. - type: object - properties: - status: - enum: - - error - - ok - - warn - example: ok - type: string - timestamp: - example: '2023-01-13T01:28:00.280Z' - format: date-time - type: string - readHealth: - description: The timestamp and status of the alert reading events. - type: object - properties: - status: - enum: - - error - - ok - - warn - example: ok - type: string - timestamp: - example: '2023-01-13T01:28:00.280Z' - format: date-time - type: string - hasPermanentEncryptionKey: - description: >- - If `false`, the encrypted saved object plugin does not - have a permanent encryption key. - example: true - type: boolean - isSufficientlySecure: - description: If `false`, security is enabled but TLS is not. - example: true - type: boolean - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Alerting_401_response' - description: Authorization information is missing or invalid. - summary: Get the alerting framework health - tags: - - alerting - /api/alerts/alerts/list_alert_types: - get: - deprecated: true - description: Deprecated in 7.13.0. Use the get rule types API instead. - operationId: legacyGetAlertTypes - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - items: - type: object - properties: - actionGroups: - description: > - An explicit list of groups for which the alert type can - schedule actions, each with the action group's unique ID - and human readable name. Alert actions validation uses - this configuration to ensure that groups are valid. - items: - type: object - properties: - id: - type: string - name: - type: string - type: array - actionVariables: - description: > - A list of action variables that the alert type makes - available via context and state in action parameter - templates, and a short human readable description. The - Alert UI will use this information to prompt users for - these variables in action parameter editors. - type: object - properties: - context: - items: - type: object - properties: - description: - type: string - name: - type: string - type: array - params: - items: - type: object - properties: - description: - type: string - name: - type: string - type: array - state: - items: - type: object - properties: - description: - type: string - name: - type: string - type: array - authorizedConsumers: - description: >- - The list of the plugins IDs that have access to the - alert type. - type: object - defaultActionGroupId: - description: The default identifier for the alert type group. - type: string - enabledInLicense: - description: >- - Indicates whether the rule type is enabled based on the - subscription. - type: boolean - id: - description: The unique identifier for the alert type. - type: string - isExportable: - description: >- - Indicates whether the alert type is exportable in Saved - Objects Management UI. - type: boolean - minimumLicenseRequired: - description: The subscriptions required to use the alert type. - type: string - name: - description: The descriptive name of the alert type. - type: string - producer: - description: >- - An identifier for the application that produces this - alert type. - type: string - recoveryActionGroup: - description: > - An action group to use when an alert instance goes from - an active state to an inactive one. If it is not - specified, the default recovered action group is used. - type: object - properties: - id: - type: string - name: - type: string - type: array - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Alerting_401_response' - description: Authorization information is missing or invalid. - summary: Get the alert types - tags: - - alerting - /api/apm/agent_keys: - post: - description: Create a new agent key for APM. - operationId: createAgentKey - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - name: - type: string - privileges: - items: - enum: - - event:write - - config_agent:read - type: string - type: array - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - api_key: - type: string - encoded: - type: string - expiration: - format: int64 - type: integer - id: - type: string - name: - type: string - description: Agent key created successfully - summary: Create an APM agent key - tags: - - APM agent keys - /api/apm/services/{serviceName}/annotation: - post: - description: Create a new annotation for a specific service. - operationId: createAnnotation - parameters: - - description: The name of the service - in: path - name: serviceName - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - '@timestamp': - type: string - message: - type: string - service: - type: object - properties: - environment: - type: string - version: - type: string - tags: - items: - type: string - type: array - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - _id: - type: string - _index: - type: string - _source: - type: object - properties: - '@timestamp': - type: string - annotation: - type: string - event: - type: object - properties: - created: - type: string - message: - type: string - service: - type: object - properties: - environment: - type: string - name: - type: string - version: - type: string - tags: - items: - type: string - type: array - description: Annotation created successfully - summary: Create a service annotation - tags: - - APM annotations - /api/apm/services/{serviceName}/annotation/search: - get: - description: Search for annotations related to a specific service. - operationId: getAnnotation - parameters: - - description: The name of the service - in: path - name: serviceName - required: true - schema: - type: string - - description: The environment to filter annotations by - in: query - name: environment - required: false - schema: - type: string - - description: The start date for the search - in: query - name: start - required: false - schema: - type: string - - description: The end date for the search - in: query - name: end - required: false - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - annotations: - items: - type: object - properties: - '@timestamp': - type: number - id: - type: string - text: - type: string - type: - enum: - - version - type: string - type: array - description: Successful response - summary: Search for annotations - tags: - - APM annotations - /api/asset_criticality: - delete: - description: Delete the asset criticality record for a specific entity. - operationId: DeleteAssetCriticalityRecord - parameters: - - description: The ID value of the asset. - in: query - name: id_value - required: true - schema: - type: string - - description: The field representing the ID. - example: host.name - in: query - name: id_field - required: true - schema: - $ref: '#/components/schemas/Security_Entity_Analytics_API_IdField' - - description: If 'wait_for' the request will wait for the index refresh. - in: query - name: refresh - required: false - schema: - enum: - - wait_for - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - deleted: - description: >- - True if the record was deleted or false if the record did - not exist. - type: boolean - record: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityRecord - description: The deleted record if it existed. - required: - - deleted - description: Successful response - '400': - description: Invalid request - summary: Delete an asset criticality record - tags: - - Security Entity Analytics API - get: - description: Get the asset criticality record for a specific entity. - operationId: GetAssetCriticalityRecord - parameters: - - description: The ID value of the asset. - in: query - name: id_value - required: true - schema: - type: string - - description: The field representing the ID. - example: host.name - in: query - name: id_field - required: true - schema: - $ref: '#/components/schemas/Security_Entity_Analytics_API_IdField' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityRecord - description: Successful response - '400': - description: Invalid request - '404': - description: Criticality record not found - summary: Get an asset criticality record - tags: - - Security Entity Analytics API - post: - description: > - Create or update an asset criticality record for a specific entity. - - - If a record already exists for the specified entity, that record is - overwritten with the specified value. If a record doesn't exist for the - specified entity, a new record is created. - operationId: CreateAssetCriticalityRecord - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - allOf: - - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_CreateAssetCriticalityRecord - - type: object - properties: - refresh: - description: >- - If 'wait_for' the request will wait for the index - refresh. - enum: - - wait_for - type: string - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityRecord - description: Successful response - '400': - description: Invalid request - summary: Upsert an asset criticality record - tags: - - Security Entity Analytics API - /api/asset_criticality/bulk: - post: - description: > - Bulk upsert up to 1000 asset criticality records. - - - If asset criticality records already exist for the specified entities, - those records are overwritten with the specified values. If asset - criticality records don't exist for the specified entities, new records - are created. - operationId: BulkUpsertAssetCriticalityRecords - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - example: - records: - - criticality_level: low_impact - id_field: host.name - id_value: host-1 - - criticality_level: medium_impact - id_field: host.name - id_value: host-2 - type: object - properties: - records: - items: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_CreateAssetCriticalityRecord - maxItems: 1000 - minItems: 1 - type: array - required: - - records - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - example: - errors: - - index: 0 - message: Invalid ID field - stats: - failed: 1 - successful: 1 - total: 2 - type: object - properties: - errors: - items: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityBulkUploadErrorItem - type: array - stats: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityBulkUploadStats - required: - - errors - - stats - description: Bulk upload successful - '413': - description: File too large - summary: Bulk upsert asset criticality records - tags: - - Security Entity Analytics API - /api/asset_criticality/list: - get: - description: List asset criticality records, paging, sorting and filtering as needed. - operationId: FindAssetCriticalityRecords - parameters: - - description: The field to sort by. - in: query - name: sort_field - required: false - schema: - enum: - - id_value - - id_field - - criticality_level - - \@timestamp - type: string - - description: The order to sort by. - in: query - name: sort_direction - required: false - schema: - enum: - - asc - - desc - type: string - - description: The page number to return. - in: query - name: page - required: false - schema: - minimum: 1 - type: integer - - description: The number of records to return per page. - in: query - name: per_page - required: false - schema: - maximum: 1000 - minimum: 1 - type: integer - - description: The kuery to filter by. - in: query - name: kuery - required: false - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - page: - minimum: 1 - type: integer - per_page: - maximum: 1000 - minimum: 1 - type: integer - records: - items: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityRecord - type: array - total: - minimum: 0 - type: integer - required: - - records - - page - - per_page - - total - description: Bulk upload successful - summary: List asset criticality records - tags: - - Security Entity Analytics API - /api/cases: - delete: - description: > - You must have `read` or `all` privileges and the `delete` sub-feature - privilege for the **Cases** feature in the **Management**, - **Observability**, or **Security** section of the Kibana feature - privileges, depending on the owner of the cases you're deleting. - operationId: deleteCaseDefaultSpace - parameters: - - $ref: '#/components/parameters/Cases_kbn_xsrf' - - $ref: '#/components/parameters/Cases_ids' - responses: - '204': - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Cases_4xx_response' - description: Authorization information is missing or invalid. - summary: Delete cases - tags: - - cases - patch: - description: > - You must have `all` privileges for the **Cases** feature in the - **Management**, **Observability**, or **Security** section of the - Kibana feature privileges, depending on the owner of the case you're - updating. - operationId: updateCaseDefaultSpace - parameters: - - $ref: '#/components/parameters/Cases_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - updateCaseRequest: - $ref: '#/components/examples/Cases_update_case_request' - schema: - $ref: '#/components/schemas/Cases_update_case_request' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - updateCaseResponse: - $ref: '#/components/examples/Cases_update_case_response' - schema: - items: - $ref: '#/components/schemas/Cases_case_response_properties' - type: array - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Cases_4xx_response' - description: Authorization information is missing or invalid. - summary: Update cases - tags: - - cases - post: - description: > - You must have `all` privileges for the **Cases** feature in the - **Management**, **Observability**, or **Security** section of the - Kibana feature privileges, depending on the owner of the case you're - creating. - operationId: createCaseDefaultSpace - parameters: - - $ref: '#/components/parameters/Cases_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - createCaseRequest: - $ref: '#/components/examples/Cases_create_case_request' - schema: - $ref: '#/components/schemas/Cases_create_case_request' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - createCaseResponse: - $ref: '#/components/examples/Cases_create_case_response' - schema: - $ref: '#/components/schemas/Cases_case_response_properties' - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Cases_4xx_response' - description: Authorization information is missing or invalid. - summary: Create a case - tags: - - cases - /api/cases/_find: - get: - description: > - You must have `read` privileges for the **Cases** feature in the - **Management**, **Observability**, or **Security** section of the Kibana - feature privileges, depending on the owner of the cases you're seeking. - operationId: findCasesDefaultSpace - parameters: - - $ref: '#/components/parameters/Cases_assignees_filter' - - $ref: '#/components/parameters/Cases_category' - - $ref: '#/components/parameters/Cases_defaultSearchOperator' - - $ref: '#/components/parameters/Cases_from' - - $ref: '#/components/parameters/Cases_owner_filter' - - $ref: '#/components/parameters/Cases_page_index' - - $ref: '#/components/parameters/Cases_page_size' - - $ref: '#/components/parameters/Cases_reporters' - - $ref: '#/components/parameters/Cases_search' - - $ref: '#/components/parameters/Cases_searchFields' - - $ref: '#/components/parameters/Cases_severity' - - $ref: '#/components/parameters/Cases_sortField' - - $ref: '#/components/parameters/Cases_sort_order' - - $ref: '#/components/parameters/Cases_status' - - $ref: '#/components/parameters/Cases_tags' - - $ref: '#/components/parameters/Cases_to' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - findCaseResponse: - $ref: '#/components/examples/Cases_find_case_response' - schema: - type: object - properties: - cases: - items: - $ref: '#/components/schemas/Cases_case_response_properties' - maxItems: 10000 - type: array - count_closed_cases: - type: integer - count_in_progress_cases: - type: integer - count_open_cases: - type: integer - page: - type: integer - per_page: - type: integer - total: - type: integer - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Cases_4xx_response' - description: Authorization information is missing or invalid. - summary: Search cases - tags: - - cases - /api/cases/{caseId}: - get: - description: > - You must have `read` privileges for the **Cases** feature in the - **Management**, **Observability**, or **Security** section of the Kibana - feature privileges, depending on the owner of the case you're seeking. - operationId: getCaseDefaultSpace - parameters: - - $ref: '#/components/parameters/Cases_case_id' - - $ref: '#/components/parameters/Cases_includeComments' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - getDefaultCaseResponse: - $ref: '#/components/examples/Cases_get_case_response' - getDefaultObservabilityCaseReponse: - $ref: '#/components/examples/Cases_get_case_observability_response' - schema: - $ref: '#/components/schemas/Cases_case_response_properties' - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Cases_4xx_response' - description: Authorization information is missing or invalid. - summary: Get case information - tags: - - cases - /api/cases/{caseId}/alerts: - get: - description: > - You must have `read` privileges for the **Cases** feature in the - **Management**, **Observability**, or **Security** section of the Kibana - feature privileges, depending on the owner of the cases you're seeking. - operationId: getCaseAlertsDefaultSpace - parameters: - - $ref: '#/components/parameters/Cases_case_id' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - getCaseAlertsResponse: - $ref: '#/components/examples/Cases_get_case_alerts_response' - schema: - items: - $ref: '#/components/schemas/Cases_alert_response_properties' - type: array - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Cases_4xx_response' - description: Authorization information is missing or invalid. - summary: Get all alerts for a case - tags: - - cases - x-state: Technical preview - /api/cases/{caseId}/comments: - delete: - description: > - Deletes all comments and alerts from a case. You must have `all` - privileges for the **Cases** feature in the **Management**, - **Observability**, or **Security** section of the Kibana feature - privileges, depending on the owner of the cases you're deleting. - operationId: deleteCaseCommentsDefaultSpace - parameters: - - $ref: '#/components/parameters/Cases_kbn_xsrf' - - $ref: '#/components/parameters/Cases_case_id' - responses: - '204': - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Cases_4xx_response' - description: Authorization information is missing or invalid. - summary: Delete all case comments and alerts - tags: - - cases - get: - deprecated: true - description: > - Deprecated in 8.1.0. This API is deprecated and will be removed in a - future release; instead, use the get case comment API, which requires a - comment identifier in the path. You must have `read` privileges for the - **Cases** feature in the **Management**, **Observability**, or - **Security** section of the Kibana feature privileges, depending on the - owner of the cases with the comments you're seeking. - operationId: getAllCaseCommentsDefaultSpace - parameters: - - $ref: '#/components/parameters/Cases_case_id' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Cases_case_response_properties' - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Cases_4xx_response' - description: Authorization information is missing or invalid. - summary: Get all case comments - tags: - - cases - patch: - description: > - You must have `all` privileges for the **Cases** feature in the - **Management**, **Observability**, or **Security** section of the Kibana - feature privileges, depending on the owner of the case you're updating. - NOTE: You cannot change the comment type or the owner of a comment. - operationId: updateCaseCommentDefaultSpace - parameters: - - $ref: '#/components/parameters/Cases_kbn_xsrf' - - $ref: '#/components/parameters/Cases_case_id' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - updateCaseCommentRequest: - $ref: '#/components/examples/Cases_update_comment_request' - schema: - $ref: '#/components/schemas/Cases_update_case_comment_request' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - updateCaseCommentResponse: - $ref: '#/components/examples/Cases_update_comment_response' - schema: - $ref: '#/components/schemas/Cases_case_response_properties' - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Cases_4xx_response' - description: Authorization information is missing or invalid. - summary: Update a case comment or alert - tags: - - cases - post: - description: > - You must have `all` privileges for the **Cases** feature in the - **Management**, **Observability**, or **Security** section of the Kibana - feature privileges, depending on the owner of the case you're creating. - NOTE: Each case can have a maximum of 1,000 alerts. - operationId: addCaseCommentDefaultSpace - parameters: - - $ref: '#/components/parameters/Cases_kbn_xsrf' - - $ref: '#/components/parameters/Cases_case_id' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - createCaseCommentRequest: - $ref: '#/components/examples/Cases_add_comment_request' - schema: - $ref: '#/components/schemas/Cases_add_case_comment_request' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - createCaseCommentResponse: - $ref: '#/components/examples/Cases_add_comment_response' - schema: - $ref: '#/components/schemas/Cases_case_response_properties' - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Cases_4xx_response' - description: Authorization information is missing or invalid. - summary: Add a case comment or alert - tags: - - cases - /api/cases/{caseId}/comments/_find: - get: - description: > - Retrieves a paginated list of comments for a case. You must have `read` - privileges for the **Cases** feature in the **Management**, - **Observability**, or **Security** section of the Kibana feature - privileges, depending on the owner of the cases with the comments you're - seeking. - operationId: findCaseCommentsDefaultSpace - parameters: - - $ref: '#/components/parameters/Cases_case_id' - - $ref: '#/components/parameters/Cases_page_index' - - $ref: '#/components/parameters/Cases_page_size' - - $ref: '#/components/parameters/Cases_sort_order' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Cases_case_response_properties' - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Cases_4xx_response' - description: Authorization information is missing or invalid. - summary: Find case comments and alerts - tags: - - cases - /api/cases/{caseId}/comments/{commentId}: - delete: - description: > - You must have `all` privileges for the **Cases** feature in the - **Management**, **Observability**, or **Security** section of the Kibana - feature privileges, depending on the owner of the cases you're deleting. - operationId: deleteCaseCommentDefaultSpace - parameters: - - $ref: '#/components/parameters/Cases_kbn_xsrf' - - $ref: '#/components/parameters/Cases_case_id' - - $ref: '#/components/parameters/Cases_comment_id' - responses: - '204': - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Cases_4xx_response' - description: Authorization information is missing or invalid. - summary: Delete a case comment or alert - tags: - - cases - get: - description: > - You must have `read` privileges for the **Cases** feature in the - **Management**, **Observability**, or **Security** section of the Kibana - feature privileges, depending on the owner of the cases with the - comments you're seeking. - operationId: getCaseCommentDefaultSpace - parameters: - - $ref: '#/components/parameters/Cases_case_id' - - $ref: '#/components/parameters/Cases_comment_id' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - getCaseCommentResponse: - $ref: '#/components/examples/Cases_get_comment_response' - schema: - oneOf: - - $ref: >- - #/components/schemas/Cases_alert_comment_response_properties - - $ref: >- - #/components/schemas/Cases_user_comment_response_properties - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Cases_4xx_response' - description: Authorization information is missing or invalid. - summary: Get a case comment or alert - tags: - - cases - /api/cases/{caseId}/connector/{connectorId}/_push: - post: - description: > - You must have `all` privileges for the **Actions and Connectors** - feature in the **Management** section of the Kibana feature privileges. - You must also have `all` privileges for the **Cases** feature in the - **Management**, **Observability**, or **Security** section of the Kibana - feature privileges, depending on the owner of the case you're pushing. - operationId: pushCaseDefaultSpace - parameters: - - $ref: '#/components/parameters/Cases_case_id' - - $ref: '#/components/parameters/Cases_connector_id' - - $ref: '#/components/parameters/Cases_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - nullable: true - type: object - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - pushCaseResponse: - $ref: '#/components/examples/Cases_push_case_response' - schema: - $ref: '#/components/schemas/Cases_case_response_properties' - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Cases_4xx_response' - description: Authorization information is missing or invalid. - summary: Push a case to an external service - tags: - - cases - /api/cases/{caseId}/user_actions: - get: - deprecated: true - description: > - Returns all user activity for a case. Deprecated in 8.1.0. This API is - deprecated and will be removed in a future release; use the find user - actions API instead. You must have `read` privileges for the **Cases** - feature in the **Management**, **Observability**, or **Security** - section of the Kibana feature privileges, depending on the owner of the - case you're seeking. - operationId: getCaseActivityDefaultSpace - parameters: - - $ref: '#/components/parameters/Cases_case_id' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - items: - $ref: '#/components/schemas/Cases_user_actions_response_properties' - type: array - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Cases_4xx_response' - description: Authorization information is missing or invalid. - summary: Get case activity - tags: - - cases - /api/cases/{caseId}/user_actions/_find: - get: - description: > - Retrives a paginated list of user activity for a case. You must have - `read` privileges for the **Cases** feature in the **Management**, - **Observability**, or **Security** section of the Kibana feature - privileges, depending on the owner of the case you're seeking. - operationId: findCaseActivityDefaultSpace - parameters: - - $ref: '#/components/parameters/Cases_case_id' - - $ref: '#/components/parameters/Cases_page_index' - - $ref: '#/components/parameters/Cases_page_size' - - $ref: '#/components/parameters/Cases_sort_order' - - $ref: '#/components/parameters/Cases_user_action_types' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - findCaseActivityResponse: - $ref: '#/components/examples/Cases_find_case_activity_response' - schema: - type: object - properties: - page: - type: integer - perPage: - type: integer - total: - type: integer - userActions: - items: - $ref: >- - #/components/schemas/Cases_user_actions_find_response_properties - maxItems: 10000 - type: array - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Cases_4xx_response' - description: Authorization information is missing or invalid. - summary: Find case activity - tags: - - cases - /api/cases/alerts/{alertId}: - get: - description: > - You must have `read` privileges for the **Cases** feature in the - **Management**, **Observability**, or **Security** section of the Kibana - feature privileges, depending on the owner of the cases you're seeking. - operationId: getCasesByAlertDefaultSpace - parameters: - - $ref: '#/components/parameters/Cases_alert_id' - - $ref: '#/components/parameters/Cases_owner_filter' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - example: - - id: 06116b80-e1c3-11ec-be9b-9b1838238ee6 - title: security_case - items: - type: object - properties: - id: - description: The case identifier. - type: string - title: - description: The case title. - type: string - maxItems: 10000 - type: array - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Cases_4xx_response' - description: Authorization information is missing or invalid. - summary: Get cases for an alert - tags: - - cases - x-state: Technical preview - /api/cases/configure: - get: - description: > - Get setting details such as the closure type, custom fields, templatse, - and the default connector for cases. You must have `read` privileges for - the **Cases** feature in the **Management**, **Observability**, or - **Security** section of the Kibana feature privileges, depending on - where the cases were created. - operationId: getCaseConfigurationDefaultSpace - parameters: - - $ref: '#/components/parameters/Cases_owner_filter' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - getConfigurationResponse: - $ref: '#/components/examples/Cases_get_case_configuration_response' - schema: - items: - type: object - properties: - closure_type: - $ref: '#/components/schemas/Cases_closure_types' - connector: - type: object - properties: - fields: - description: >- - The fields specified in the case configuration are - not used and are not propagated to individual cases, - therefore it is recommended to set it to `null`. - nullable: true - type: object - id: - description: >- - The identifier for the connector. If you do not want - a default connector, use `none`. To retrieve - connector IDs, use the find connectors API. - example: none - type: string - name: - description: >- - The name of the connector. If you do not want a - default connector, use `none`. To retrieve connector - names, use the find connectors API. - example: none - type: string - type: - $ref: '#/components/schemas/Cases_connector_types' - created_at: - example: '2022-06-01T17:07:17.767Z' - format: date-time - type: string - created_by: - type: object - properties: - email: - example: null - nullable: true - type: string - full_name: - example: null - nullable: true - type: string - profile_uid: - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - type: string - username: - example: elastic - nullable: true - type: string - required: - - email - - full_name - - username - customFields: - description: Custom fields configuration details. - items: - type: object - properties: - defaultValue: - description: > - A default value for the custom field. If the - `type` is `text`, the default value must be a - string. If the `type` is `toggle`, the default - value must be boolean. - oneOf: - - type: string - - type: boolean - key: - description: > - A unique key for the custom field. Must be lower - case and composed only of a-z, 0-9, '_', and '-' - characters. It is used in API calls to refer to a - specific custom field. - maxLength: 36 - minLength: 1 - type: string - label: - description: >- - The custom field label that is displayed in the - case. - maxLength: 50 - minLength: 1 - type: string - type: - description: The type of the custom field. - enum: - - text - - toggle - type: string - required: - description: > - Indicates whether the field is required. If - `false`, the custom field can be set to null or - omitted when a case is created or updated. - type: boolean - type: array - error: - example: null - nullable: true - type: string - id: - example: 4a97a440-e1cd-11ec-be9b-9b1838238ee6 - type: string - mappings: - items: - type: object - properties: - action_type: - example: overwrite - type: string - source: - example: title - type: string - target: - example: summary - type: string - type: array - owner: - $ref: '#/components/schemas/Cases_owner' - templates: - $ref: '#/components/schemas/Cases_templates' - updated_at: - example: '2022-06-01T19:58:48.169Z' - format: date-time - nullable: true - type: string - updated_by: - nullable: true - type: object - properties: - email: - example: null - nullable: true - type: string - full_name: - example: null - nullable: true - type: string - profile_uid: - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - type: string - username: - example: elastic - nullable: true - type: string - required: - - email - - full_name - - username - version: - example: WzIwNzMsMV0= - type: string - type: array - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Cases_4xx_response' - description: Authorization information is missing or invalid. - summary: Get case settings - tags: - - cases - post: - description: > - Case settings include external connection details, custom fields, and - templates. Connectors are used to interface with external systems. You - must create a connector before you can use it in your cases. If you set - a default connector, it is automatically selected when you create cases - in Kibana. If you use the create case API, however, you must still - specify all of the connector details. You must have `all` privileges for - the **Cases** feature in the **Management**, **Observability**, or - **Security** section of the Kibana feature privileges, depending on - where you are creating cases. - operationId: setCaseConfigurationDefaultSpace - parameters: - - $ref: '#/components/parameters/Cases_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - setCaseConfigRequest: - $ref: '#/components/examples/Cases_set_case_configuration_request' - schema: - $ref: '#/components/schemas/Cases_set_case_configuration_request' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - setCaseConfigResponse: - $ref: '#/components/examples/Cases_set_case_configuration_response' - schema: - type: object - properties: - closure_type: - $ref: '#/components/schemas/Cases_closure_types' - connector: - type: object - properties: - fields: - description: >- - The fields specified in the case configuration are not - used and are not propagated to individual cases, - therefore it is recommended to set it to `null`. - nullable: true - type: object - id: - description: >- - The identifier for the connector. If you do not want a - default connector, use `none`. To retrieve connector - IDs, use the find connectors API. - example: none - type: string - name: - description: >- - The name of the connector. If you do not want a - default connector, use `none`. To retrieve connector - names, use the find connectors API. - example: none - type: string - type: - $ref: '#/components/schemas/Cases_connector_types' - created_at: - example: '2022-06-01T17:07:17.767Z' - format: date-time - type: string - created_by: - type: object - properties: - email: - example: null - nullable: true - type: string - full_name: - example: null - nullable: true - type: string - profile_uid: - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - type: string - username: - example: elastic - nullable: true - type: string - required: - - email - - full_name - - username - customFields: - description: Custom fields configuration details. - items: - type: object - properties: - defaultValue: - description: > - A default value for the custom field. If the `type` - is `text`, the default value must be a string. If - the `type` is `toggle`, the default value must be - boolean. - oneOf: - - type: string - - type: boolean - key: - description: > - A unique key for the custom field. Must be lower - case and composed only of a-z, 0-9, '_', and '-' - characters. It is used in API calls to refer to a - specific custom field. - maxLength: 36 - minLength: 1 - type: string - label: - description: >- - The custom field label that is displayed in the - case. - maxLength: 50 - minLength: 1 - type: string - type: - description: The type of the custom field. - enum: - - text - - toggle - type: string - required: - description: > - Indicates whether the field is required. If `false`, - the custom field can be set to null or omitted when - a case is created or updated. - type: boolean - type: array - error: - example: null - nullable: true - type: string - id: - example: 4a97a440-e1cd-11ec-be9b-9b1838238ee6 - type: string - mappings: - items: - type: object - properties: - action_type: - example: overwrite - type: string - source: - example: title - type: string - target: - example: summary - type: string - type: array - owner: - $ref: '#/components/schemas/Cases_owner' - templates: - $ref: '#/components/schemas/Cases_templates' - updated_at: - example: '2022-06-01T19:58:48.169Z' - format: date-time - nullable: true - type: string - updated_by: - nullable: true - type: object - properties: - email: - example: null - nullable: true - type: string - full_name: - example: null - nullable: true - type: string - profile_uid: - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - type: string - username: - example: elastic - nullable: true - type: string - required: - - email - - full_name - - username - version: - example: WzIwNzMsMV0= - type: string - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Cases_4xx_response' - description: Authorization information is missing or invalid. - summary: Add case settings - tags: - - cases - /api/cases/configure/{configurationId}: - patch: - description: > - Updates setting details such as the closure type, custom fields, - templates, and the default connector for cases. Connectors are used to - interface with external systems. You must create a connector before you - can use it in your cases. You must have `all` privileges for the - **Cases** feature in the **Management**, **Observability**, or - **Security** section of the Kibana feature privileges, depending on - where the case was created. - operationId: updateCaseConfigurationDefaultSpace - parameters: - - $ref: '#/components/parameters/Cases_kbn_xsrf' - - $ref: '#/components/parameters/Cases_configuration_id' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - updateCaseConfigurationRequest: - $ref: '#/components/examples/Cases_update_case_configuration_request' - schema: - $ref: '#/components/schemas/Cases_update_case_configuration_request' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - updateCaseConfigurationResponse: - $ref: >- - #/components/examples/Cases_update_case_configuration_response - schema: - type: object - properties: - closure_type: - $ref: '#/components/schemas/Cases_closure_types' - connector: - type: object - properties: - fields: - description: >- - The fields specified in the case configuration are not - used and are not propagated to individual cases, - therefore it is recommended to set it to `null`. - nullable: true - type: object - id: - description: >- - The identifier for the connector. If you do not want a - default connector, use `none`. To retrieve connector - IDs, use the find connectors API. - example: none - type: string - name: - description: >- - The name of the connector. If you do not want a - default connector, use `none`. To retrieve connector - names, use the find connectors API. - example: none - type: string - type: - $ref: '#/components/schemas/Cases_connector_types' - created_at: - example: '2022-06-01T17:07:17.767Z' - format: date-time - type: string - created_by: - type: object - properties: - email: - example: null - nullable: true - type: string - full_name: - example: null - nullable: true - type: string - profile_uid: - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - type: string - username: - example: elastic - nullable: true - type: string - required: - - email - - full_name - - username - customFields: - description: Custom fields configuration details. - items: - type: object - properties: - defaultValue: - description: > - A default value for the custom field. If the `type` - is `text`, the default value must be a string. If - the `type` is `toggle`, the default value must be - boolean. - oneOf: - - type: string - - type: boolean - key: - description: > - A unique key for the custom field. Must be lower - case and composed only of a-z, 0-9, '_', and '-' - characters. It is used in API calls to refer to a - specific custom field. - maxLength: 36 - minLength: 1 - type: string - label: - description: >- - The custom field label that is displayed in the - case. - maxLength: 50 - minLength: 1 - type: string - type: - description: The type of the custom field. - enum: - - text - - toggle - type: string - required: - description: > - Indicates whether the field is required. If `false`, - the custom field can be set to null or omitted when - a case is created or updated. - type: boolean - type: array - error: - example: null - nullable: true - type: string - id: - example: 4a97a440-e1cd-11ec-be9b-9b1838238ee6 - type: string - mappings: - items: - type: object - properties: - action_type: - example: overwrite - type: string - source: - example: title - type: string - target: - example: summary - type: string - type: array - owner: - $ref: '#/components/schemas/Cases_owner' - templates: - $ref: '#/components/schemas/Cases_templates' - updated_at: - example: '2022-06-01T19:58:48.169Z' - format: date-time - nullable: true - type: string - updated_by: - nullable: true - type: object - properties: - email: - example: null - nullable: true - type: string - full_name: - example: null - nullable: true - type: string - profile_uid: - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - type: string - username: - example: elastic - nullable: true - type: string - required: - - email - - full_name - - username - version: - example: WzIwNzMsMV0= - type: string - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Cases_4xx_response' - description: Authorization information is missing or invalid. - summary: Update case settings - tags: - - cases - /api/cases/configure/connectors/_find: - get: - description: > - Get information about connectors that are supported for use in cases. - You must have `read` privileges for the **Actions and Connectors** - feature in the **Management** section of the Kibana feature privileges. - operationId: findCaseConnectorsDefaultSpace - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - findConnectorResponse: - $ref: '#/components/examples/Cases_find_connector_response' - schema: - items: - type: object - properties: - actionTypeId: - $ref: '#/components/schemas/Cases_connector_types' - config: - additionalProperties: true - type: object - properties: - apiUrl: - type: string - projectKey: - type: string - id: - type: string - isDeprecated: - type: boolean - isMissingSecrets: - type: boolean - isPreconfigured: - type: boolean - name: - type: string - referencedByCount: - type: integer - maxItems: 1000 - type: array - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Cases_4xx_response' - description: Authorization information is missing or invalid. - summary: Get case connectors - tags: - - cases - /api/cases/reporters: - get: - description: > - Returns information about the users who opened cases. You must have read - privileges for the **Cases** feature in the **Management**, - **Observability**, or **Security** section of the Kibana feature - privileges, depending on the owner of the cases. The API returns - information about the users as they existed at the time of the case - creation, including their name, full name, and email address. If any of - those details change thereafter or if a user is deleted, the information - returned by this API is unchanged. - operationId: getCaseReportersDefaultSpace - parameters: - - $ref: '#/components/parameters/Cases_owner_filter' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - getReportersResponse: - $ref: '#/components/examples/Cases_get_reporters_response' - schema: - items: - type: object - properties: - email: - example: null - nullable: true - type: string - full_name: - example: null - nullable: true - type: string - profile_uid: - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - type: string - username: - example: elastic - nullable: true - type: string - required: - - email - - full_name - - username - maxItems: 10000 - type: array - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Cases_4xx_response' - description: Authorization information is missing or invalid. - summary: Get case creators - tags: - - cases - /api/cases/status: - get: - deprecated: true - description: > - Returns the number of cases that are open, closed, and in progress. - Deprecated in 8.1.0. This API is deprecated and will be removed in a - future release; use the find cases API instead. You must have `read` - privileges for the **Cases** feature in the **Management**, - **Observability**, or **Security** section of the Kibana feature - privileges, depending on the owner of the cases you're seeking. - operationId: getCaseStatusDefaultSpace - parameters: - - $ref: '#/components/parameters/Cases_owner_filter' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - count_closed_cases: - type: integer - count_in_progress_cases: - type: integer - count_open_cases: - type: integer - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Cases_4xx_response' - description: Authorization information is missing or invalid. - summary: Get case status summary - tags: - - cases - /api/cases/tags: - get: - description: > - Aggregates and returns a list of case tags. You must have read - privileges for the **Cases** feature in the **Management**, - **Observability**, or **Security** section of the Kibana feature - privileges, depending on the owner of the cases you're seeking. - operationId: getCaseTagsDefaultSpace - parameters: - - $ref: '#/components/parameters/Cases_owner_filter' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - getTagsResponse: - $ref: '#/components/examples/Cases_get_tags_response' - schema: - items: - type: string - maxItems: 10000 - type: array - description: Indicates a successful call. - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Cases_4xx_response' - description: Authorization information is missing or invalid. - summary: Get case tags - tags: - - cases - /api/data_views: - get: - operationId: getAllDataViewsDefault - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - getAllDataViewsResponse: - $ref: '#/components/examples/Data_views_get_data_views_response' - schema: - type: object - properties: - data_view: - items: - type: object - properties: - id: - type: string - name: - type: string - namespaces: - items: - type: string - type: array - title: - type: string - typeMeta: - type: object - type: array - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Data_views_400_response' - description: Bad request - summary: Get all data views - tags: - - data views - /api/data_views/data_view: - post: - operationId: createDataViewDefaultw - parameters: - - $ref: '#/components/parameters/Data_views_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - createDataViewRequest: - $ref: '#/components/examples/Data_views_create_data_view_request' - schema: - $ref: '#/components/schemas/Data_views_create_data_view_request_object' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Data_views_data_view_response_object' - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Data_views_400_response' - description: Bad request - summary: Create a data view - tags: - - data views - /api/data_views/data_view/{viewId}: - delete: - description: | - WARNING: When you delete a data view, it cannot be recovered. - operationId: deleteDataViewDefault - parameters: - - $ref: '#/components/parameters/Data_views_kbn_xsrf' - - $ref: '#/components/parameters/Data_views_view_id' - responses: - '204': - description: Indicates a successful call. - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Data_views_404_response' - description: Object is not found. - summary: Delete a data view - tags: - - data views - get: - operationId: getDataViewDefault - parameters: - - $ref: '#/components/parameters/Data_views_view_id' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - getDataViewResponse: - $ref: '#/components/examples/Data_views_get_data_view_response' - schema: - $ref: '#/components/schemas/Data_views_data_view_response_object' - description: Indicates a successful call. - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Data_views_404_response' - description: Object is not found. - summary: Get a data view - tags: - - data views - post: - operationId: updateDataViewDefault - parameters: - - $ref: '#/components/parameters/Data_views_kbn_xsrf' - - $ref: '#/components/parameters/Data_views_view_id' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - updateDataViewRequest: - $ref: '#/components/examples/Data_views_update_data_view_request' - schema: - $ref: '#/components/schemas/Data_views_update_data_view_request_object' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Data_views_data_view_response_object' - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Data_views_400_response' - description: Bad request - summary: Update a data view - tags: - - data views - /api/data_views/data_view/{viewId}/fields: - post: - description: > - Update fields presentation metadata such as count, customLabel, - customDescription, and format. - operationId: updateFieldsMetadataDefault - parameters: - - $ref: '#/components/parameters/Data_views_kbn_xsrf' - - $ref: '#/components/parameters/Data_views_view_id' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - updateFieldsMetadataRequest: - $ref: '#/components/examples/Data_views_update_field_metadata_request' - schema: - type: object - properties: - fields: - description: The field object. - type: object - required: - - fields - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - acknowledged: - type: boolean - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Data_views_400_response' - description: Bad request - summary: Update data view fields metadata - tags: - - data views - /api/data_views/data_view/{viewId}/runtime_field: - post: - operationId: createRuntimeFieldDefault - parameters: - - $ref: '#/components/parameters/Data_views_kbn_xsrf' - - $ref: '#/components/parameters/Data_views_view_id' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - createRuntimeFieldRequest: - $ref: '#/components/examples/Data_views_create_runtime_field_request' - schema: - type: object - properties: - name: - description: | - The name for a runtime field. - type: string - runtimeField: - description: | - The runtime field definition object. - type: object - required: - - name - - runtimeField - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: Indicates a successful call. - summary: Create a runtime field - tags: - - data views - put: - operationId: createUpdateRuntimeFieldDefault - parameters: - - $ref: '#/components/parameters/Data_views_kbn_xsrf' - - description: | - The ID of the data view fields you want to update. - in: path - name: viewId - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - updateRuntimeFieldRequest: - $ref: '#/components/examples/Data_views_create_runtime_field_request' - schema: - type: object - properties: - name: - description: | - The name for a runtime field. - type: string - runtimeField: - description: | - The runtime field definition object. - type: object - required: - - name - - runtimeField - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - data_view: - type: object - fields: - items: - type: object - type: array - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Data_views_400_response' - description: Bad request - summary: Create or update a runtime field - tags: - - data views - /api/data_views/data_view/{viewId}/runtime_field/{fieldName}: - delete: - operationId: deleteRuntimeFieldDefault - parameters: - - $ref: '#/components/parameters/Data_views_field_name' - - $ref: '#/components/parameters/Data_views_view_id' - responses: - '200': - description: Indicates a successful call. - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Data_views_404_response' - description: Object is not found. - summary: Delete a runtime field from a data view - tags: - - data views - get: - operationId: getRuntimeFieldDefault - parameters: - - $ref: '#/components/parameters/Data_views_field_name' - - $ref: '#/components/parameters/Data_views_view_id' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - getRuntimeFieldResponse: - $ref: '#/components/examples/Data_views_get_runtime_field_response' - schema: - type: object - properties: - data_view: - type: object - fields: - items: - type: object - type: array - description: Indicates a successful call. - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Data_views_404_response' - description: Object is not found. - summary: Get a runtime field - tags: - - data views - post: - operationId: updateRuntimeFieldDefault - parameters: - - $ref: '#/components/parameters/Data_views_field_name' - - $ref: '#/components/parameters/Data_views_view_id' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - updateRuntimeFieldRequest: - $ref: '#/components/examples/Data_views_update_runtime_field_request' - schema: - type: object - properties: - runtimeField: - description: | - The runtime field definition object. - - You can update following fields: - - - `type` - - `script` - type: object - required: - - runtimeField - required: true - responses: - '200': - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Data_views_400_response' - description: Bad request - summary: Update a runtime field - tags: - - data views - /api/data_views/default: - get: - operationId: getDefaultDataViewDefault - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - getDefaultDataViewResponse: - $ref: >- - #/components/examples/Data_views_get_default_data_view_response - schema: - type: object - properties: - data_view_id: - type: string - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Data_views_400_response' - description: Bad request - summary: Get the default data view - tags: - - data views - post: - operationId: setDefaultDatailViewDefault - parameters: - - $ref: '#/components/parameters/Data_views_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - setDefaultDataViewRequest: - $ref: '#/components/examples/Data_views_set_default_data_view_request' - schema: - type: object - properties: - data_view_id: - description: > - The data view identifier. NOTE: The API does not validate - whether it is a valid identifier. Use `null` to unset the - default data view. - nullable: true - type: string - force: - default: false - description: Update an existing default data view identifier. - type: boolean - required: - - data_view_id - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - acknowledged: - type: boolean - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Data_views_400_response' - description: Bad request - summary: Set the default data view - tags: - - data views - /api/data_views/swap_references: - post: - description: > - Changes saved object references from one data view identifier to - another. WARNING: Misuse can break large numbers of saved objects! - Practicing with a backup is recommended. - operationId: swapDataViewsDefault - parameters: - - $ref: '#/components/parameters/Data_views_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - swapDataViewRequest: - $ref: '#/components/examples/Data_views_swap_data_view_request' - schema: - $ref: '#/components/schemas/Data_views_swap_data_view_request_object' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - deleteStatus: - type: object - properties: - deletePerformed: - type: boolean - remainingRefs: - type: integer - result: - items: - type: object - properties: - id: - description: A saved object identifier. - type: string - type: - description: The saved object type. - type: string - type: array - description: Indicates a successful call. - summary: Swap saved object references - tags: - - data views - /api/data_views/swap_references/_preview: - post: - description: > - Preview the impact of swapping saved object references from one data - view identifier to another. - operationId: previewSwapDataViewsDefault - parameters: - - $ref: '#/components/parameters/Data_views_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - previewSwapDataViewRequest: - $ref: >- - #/components/examples/Data_views_preview_swap_data_view_request - schema: - $ref: '#/components/schemas/Data_views_swap_data_view_request_object' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - result: - items: - type: object - properties: - id: - description: A saved object identifier. - type: string - type: - description: The saved object type. - type: string - type: array - description: Indicates a successful call. - summary: Preview a saved object reference swap - tags: - - data views - /api/detection_engine/index: - delete: - operationId: DeleteAlertsIndex - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - acknowledged: - type: boolean - required: - - acknowledged - description: Successful response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Detections_API_PlatformErrorResponse - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' - description: Not enough permissions response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: string - description: Index does not exist response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' - description: Internal server error response - summary: Delete an alerts index - tags: - - Security Detections API - - Alert index API - get: - operationId: ReadAlertsIndex - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - index_mapping_outdated: - nullable: true - type: boolean - name: - type: string - required: - - name - - index_mapping_outdated - description: Successful response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Detections_API_PlatformErrorResponse - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' - description: Not enough permissions response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' - description: Not found - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' - description: Internal server error response - summary: Reads the alert index name if it exists - tags: - - Security Detections API - - Alert index API - post: - operationId: CreateAlertsIndex - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - acknowledged: - type: boolean - required: - - acknowledged - description: Successful response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Detections_API_PlatformErrorResponse - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' - description: Not enough permissions response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' - description: Not found - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' - description: Internal server error response - summary: Create an alerts index - tags: - - Security Detections API - - Alert index API - /api/detection_engine/privileges: - get: - description: > - Retrieves whether or not the user is authenticated, and the user's - Kibana - - space and index privileges, which determine if the user can create an - - index for the Elastic Security alerts generated by - - detection engine rules. - operationId: ReadPrivileges - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - has_encryption_key: - type: boolean - is_authenticated: - type: boolean - required: - - is_authenticated - - has_encryption_key - description: Successful response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Detections_API_PlatformErrorResponse - description: Unsuccessful authentication response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' - description: Internal server error response - summary: Returns user privileges for the Kibana space - tags: - - Security Detections API - - Privileges API - /api/detection_engine/rules: - delete: - description: Delete a detection rule using the `rule_id` or `id` field. - operationId: DeleteRule - parameters: - - description: The rule's `id` value. - in: query - name: id - required: false - schema: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - - description: The rule's `rule_id` value. - in: query - name: rule_id - required: false - schema: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_RuleResponse' - description: Indicates a successful call. - summary: Delete a detection rule - tags: - - Security Detections API - - Rules API - get: - description: Retrieve a detection rule using the `rule_id` or `id` field. - operationId: ReadRule - parameters: - - description: The rule's `id` value. - in: query - name: id - required: false - schema: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - - description: The rule's `rule_id` value. - in: query - name: rule_id - required: false - schema: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_RuleResponse' - description: Indicates a successful call. - summary: Retrieve a detection rule - tags: - - Security Detections API - - Rules API - patch: - description: >- - Update specific fields of an existing detection rule using the `rule_id` - or `id` field. - operationId: PatchRule - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_RulePatchProps' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_RuleResponse' - description: Indicates a successful call. - summary: Patch a detection rule - tags: - - Security Detections API - - Rules API - post: - description: Create a new detection rule. - operationId: CreateRule - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_RuleCreateProps' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_RuleResponse' - description: Indicates a successful call. - summary: Create a detection rule - tags: - - Security Detections API - - Rules API - put: - description: > - Update a detection rule using the `rule_id` or `id` field. The original - rule is replaced, and all unspecified fields are deleted. - - > info - - > You cannot modify the `id` or `rule_id` values. - operationId: UpdateRule - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_RuleUpdateProps' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_RuleResponse' - description: Indicates a successful call. - summary: Update a detection rule - tags: - - Security Detections API - - Rules API - /api/detection_engine/rules/_bulk_action: - post: - description: >- - Apply a bulk action, such as bulk edit, duplicate, or delete, to - multiple detection rules. The bulk action is applied to all rules that - match the query or to the rules listed by their IDs. - operationId: PerformRulesBulkAction - parameters: - - description: Enables dry run mode for the request call. - in: query - name: dry_run - required: false - schema: - type: boolean - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: '#/components/schemas/Security_Detections_API_BulkDeleteRules' - - $ref: >- - #/components/schemas/Security_Detections_API_BulkDisableRules - - $ref: '#/components/schemas/Security_Detections_API_BulkEnableRules' - - $ref: '#/components/schemas/Security_Detections_API_BulkExportRules' - - $ref: >- - #/components/schemas/Security_Detections_API_BulkDuplicateRules - - $ref: >- - #/components/schemas/Security_Detections_API_BulkManualRuleRun - - $ref: '#/components/schemas/Security_Detections_API_BulkEditRules' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Detections_API_BulkEditActionResponse - - $ref: >- - #/components/schemas/Security_Detections_API_BulkExportActionResponse - description: OK - summary: Apply a bulk action to detection rules - tags: - - Security Detections API - - Bulk API - /api/detection_engine/rules/_bulk_create: - post: - deprecated: true - description: Create new detection rules in bulk. - operationId: BulkCreateRules - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleCreateProps' - type: array - description: A JSON array of rules, where each rule contains the required fields. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Detections_API_BulkCrudRulesResponse - description: Indicates a successful call. - summary: Create multiple detection rules - tags: - - Security Detections API - - Bulk API - /api/detection_engine/rules/_bulk_delete: - delete: - deprecated: true - description: Delete detection rules in bulk. - operationId: BulkDeleteRules - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - items: - type: object - properties: - id: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - rule_id: - $ref: >- - #/components/schemas/Security_Detections_API_RuleSignatureId - type: array - description: >- - A JSON array of `id` or `rule_id` fields of the rules you want to - delete. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Detections_API_BulkCrudRulesResponse - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Detections_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Detections_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Detections_API_PlatformErrorResponse - description: Unsuccessful authentication response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' - description: Internal server error response - summary: Delete multiple detection rules - tags: - - Security Detections API - - Bulk API - post: - deprecated: true - description: Deletes multiple rules. - operationId: BulkDeleteRulesPost - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - items: - type: object - properties: - id: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - rule_id: - $ref: >- - #/components/schemas/Security_Detections_API_RuleSignatureId - type: array - description: >- - A JSON array of `id` or `rule_id` fields of the rules you want to - delete. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Detections_API_BulkCrudRulesResponse - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Detections_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Detections_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Detections_API_PlatformErrorResponse - description: Unsuccessful authentication response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' - description: Internal server error response - summary: Delete multiple detection rules - tags: - - Security Detections API - - Bulk API - /api/detection_engine/rules/_bulk_update: - patch: - deprecated: true - description: >- - Update specific fields of existing detection rules using the `rule_id` - or `id` field. - operationId: BulkPatchRules - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - items: - $ref: '#/components/schemas/Security_Detections_API_RulePatchProps' - type: array - description: A JSON array of rules, where each rule contains the required fields. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Detections_API_BulkCrudRulesResponse - description: Indicates a successful call. - summary: Patch multiple detection rules - tags: - - Security Detections API - - Bulk API - put: - deprecated: true - description: > - Update multiple detection rules using the `rule_id` or `id` field. The - original rules are replaced, and all unspecified fields are deleted. - - > info - - > You cannot modify the `id` or `rule_id` values. - operationId: BulkUpdateRules - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleUpdateProps' - type: array - description: >- - A JSON array where each element includes the `id` or `rule_id` field - of the rule you want to update and the fields you want to modify. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Detections_API_BulkCrudRulesResponse - description: Indicates a successful call. - summary: Update multiple detection rules - tags: - - Security Detections API - - Bulk API - /api/detection_engine/rules/_export: - post: - description: > - Export detection rules to an `.ndjson` file. The following configuration - items are also included in the `.ndjson` file: - - - Actions - - - Exception lists - - > info - - > You cannot export prebuilt rules. - operationId: ExportRules - parameters: - - description: Determines whether a summary of the exported rules is returned. - in: query - name: exclude_export_details - required: false - schema: - default: false - type: boolean - - description: File name for saving the exported rules. - in: query - name: file_name - required: false - schema: - default: export.ndjson - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - nullable: true - type: object - properties: - objects: - description: >- - Array of `rule_id` fields. Exports all rules when - unspecified. - items: - type: object - properties: - rule_id: - $ref: >- - #/components/schemas/Security_Detections_API_RuleSignatureId - required: - - rule_id - type: array - required: - - objects - required: false - responses: - '200': - content: - application/ndjson; Elastic-Api-Version=2023-10-31: - schema: - description: An `.ndjson` file containing the returned rules. - format: binary - type: string - description: Indicates a successful call. - summary: Export detection rules - tags: - - Security Detections API - - Import/Export API - /api/detection_engine/rules/_find: - get: - description: >- - Retrieve a paginated list of detection rules. By default, the first page - is returned, with 20 results per page. - operationId: FindRules - parameters: - - in: query - name: fields - required: false - schema: - items: - type: string - type: array - - description: Search query - in: query - name: filter - required: false - schema: - type: string - - description: Field to sort by - in: query - name: sort_field - required: false - schema: - $ref: '#/components/schemas/Security_Detections_API_FindRulesSortField' - - description: Sort order - in: query - name: sort_order - required: false - schema: - $ref: '#/components/schemas/Security_Detections_API_SortOrder' - - description: Page number - in: query - name: page - required: false - schema: - default: 1 - minimum: 1 - type: integer - - description: Rules per page - in: query - name: per_page - required: false - schema: - default: 20 - minimum: 0 - type: integer - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - data: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RuleResponse - type: array - page: - type: integer - perPage: - type: integer - total: - type: integer - required: - - page - - perPage - - total - - data - description: Successful response - summary: List all detection rules - tags: - - Security Detections API - - Rules API - /api/detection_engine/rules/_import: - post: - description: > - Import detection rules from an `.ndjson` file, including actions and - exception lists. The request must include: - - - The `Content-Type: multipart/form-data` HTTP header. - - - A link to the `.ndjson` file containing the rules. - operationId: ImportRules - parameters: - - description: >- - Determines whether existing rules with the same `rule_id` are - overwritten. - in: query - name: overwrite - required: false - schema: - default: false - type: boolean - - description: >- - Determines whether existing exception lists with the same `list_id` - are overwritten. - in: query - name: overwrite_exceptions - required: false - schema: - default: false - type: boolean - - description: >- - Determines whether existing actions with the same - `kibana.alert.rule.actions.id` are overwritten. - in: query - name: overwrite_action_connectors - required: false - schema: - default: false - type: boolean - - description: Generates a new list ID for each imported exception list. - in: query - name: as_new_list - required: false - schema: - default: false - type: boolean - requestBody: - content: - multipart/form-data; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - file: - description: The `.ndjson` file containing the rules. - format: binary - type: string - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - action_connectors_errors: - items: - $ref: '#/components/schemas/Security_Detections_API_ErrorSchema' - type: array - action_connectors_success: - type: boolean - action_connectors_success_count: - minimum: 0 - type: integer - action_connectors_warnings: - items: - $ref: >- - #/components/schemas/Security_Detections_API_WarningSchema - type: array - errors: - items: - $ref: '#/components/schemas/Security_Detections_API_ErrorSchema' - type: array - exceptions_errors: - items: - $ref: '#/components/schemas/Security_Detections_API_ErrorSchema' - type: array - exceptions_success: - type: boolean - exceptions_success_count: - minimum: 0 - type: integer - rules_count: - minimum: 0 - type: integer - success: - type: boolean - success_count: - minimum: 0 - type: integer - required: - - exceptions_success - - exceptions_success_count - - exceptions_errors - - rules_count - - success - - success_count - - errors - - action_connectors_errors - - action_connectors_warnings - - action_connectors_success - - action_connectors_success_count - description: Indicates a successful call. - summary: Import detection rules - tags: - - Security Detections API - - Import/Export API - /api/detection_engine/rules/{id}/exceptions: - post: - description: Create exception items that apply to a single detection rule. - operationId: CreateRuleExceptionListItems - parameters: - - description: Detection rule's identifier - in: path - name: id - required: true - schema: - $ref: '#/components/schemas/Security_Exceptions_API_RuleId' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - items: - items: - $ref: >- - #/components/schemas/Security_Exceptions_API_CreateRuleExceptionListItemProps - type: array - required: - - items - description: Rule exception list items - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - items: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItem - type: array - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Exceptions_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Not enough privileges response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Internal server error response - summary: Create rule exception list items - tags: - - Security Exceptions API - /api/detection_engine/rules/prepackaged: - put: - description: Install and update all Elastic prebuilt detection rules and Timelines. - operationId: InstallPrebuiltRulesAndTimelines - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - rules_installed: - description: The number of rules installed - minimum: 0 - type: integer - rules_updated: - description: The number of rules updated - minimum: 0 - type: integer - timelines_installed: - description: The number of timelines installed - minimum: 0 - type: integer - timelines_updated: - description: The number of timelines updated - minimum: 0 - type: integer - required: - - rules_installed - - rules_updated - - timelines_installed - - timelines_updated - description: Indicates a successful call - summary: Install prebuilt detection rules and Timelines - tags: - - Security Detections API - - Prebuilt Rules API - /api/detection_engine/rules/prepackaged/_status: - get: - description: >- - Retrieve the status of all Elastic prebuilt detection rules and - Timelines. - operationId: ReadPrebuiltRulesAndTimelinesStatus - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - rules_custom_installed: - description: The total number of custom rules - minimum: 0 - type: integer - rules_installed: - description: The total number of installed prebuilt rules - minimum: 0 - type: integer - rules_not_installed: - description: >- - The total number of available prebuilt rules that are not - installed - minimum: 0 - type: integer - rules_not_updated: - description: The total number of outdated prebuilt rules - minimum: 0 - type: integer - timelines_installed: - description: The total number of installed prebuilt timelines - minimum: 0 - type: integer - timelines_not_installed: - description: >- - The total number of available prebuilt timelines that are - not installed - minimum: 0 - type: integer - timelines_not_updated: - description: The total number of outdated prebuilt timelines - minimum: 0 - type: integer - required: - - rules_custom_installed - - rules_installed - - rules_not_installed - - rules_not_updated - - timelines_installed - - timelines_not_installed - - timelines_not_updated - description: Indicates a successful call - summary: Retrieve the status of prebuilt detection rules and Timelines - tags: - - Security Detections API - - Prebuilt Rules API - /api/detection_engine/rules/preview: - post: - operationId: RulePreview - parameters: - - description: >- - Enables logging and returning in response ES queries, performed - during rule execution - in: query - name: enable_logged_requests - required: false - schema: - type: boolean - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - anyOf: - - allOf: - - $ref: >- - #/components/schemas/Security_Detections_API_EqlRuleCreateProps - - $ref: >- - #/components/schemas/Security_Detections_API_RulePreviewParams - - allOf: - - $ref: >- - #/components/schemas/Security_Detections_API_QueryRuleCreateProps - - $ref: >- - #/components/schemas/Security_Detections_API_RulePreviewParams - - allOf: - - $ref: >- - #/components/schemas/Security_Detections_API_SavedQueryRuleCreateProps - - $ref: >- - #/components/schemas/Security_Detections_API_RulePreviewParams - - allOf: - - $ref: >- - #/components/schemas/Security_Detections_API_ThresholdRuleCreateProps - - $ref: >- - #/components/schemas/Security_Detections_API_RulePreviewParams - - allOf: - - $ref: >- - #/components/schemas/Security_Detections_API_ThreatMatchRuleCreateProps - - $ref: >- - #/components/schemas/Security_Detections_API_RulePreviewParams - - allOf: - - $ref: >- - #/components/schemas/Security_Detections_API_MachineLearningRuleCreateProps - - $ref: >- - #/components/schemas/Security_Detections_API_RulePreviewParams - - allOf: - - $ref: >- - #/components/schemas/Security_Detections_API_NewTermsRuleCreateProps - - $ref: >- - #/components/schemas/Security_Detections_API_RulePreviewParams - - allOf: - - $ref: >- - #/components/schemas/Security_Detections_API_EsqlRuleCreateProps - - $ref: >- - #/components/schemas/Security_Detections_API_RulePreviewParams - discriminator: - propertyName: type - description: >- - An object containing tags to add or remove and alert ids the changes - will be applied - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - isAborted: - type: boolean - logs: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RulePreviewLogs - type: array - previewId: - $ref: >- - #/components/schemas/Security_Detections_API_NonEmptyString - required: - - logs - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Detections_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Detections_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Detections_API_PlatformErrorResponse - description: Unsuccessful authentication response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' - description: Internal server error response - summary: Preview rule alerts generated on specified time range - tags: - - Security Detections API - - Rule preview API - /api/detection_engine/signals/assignees: - post: - description: | - Assign users to detection alerts, and unassign them from alerts. - > info - > You cannot add and remove the same assignee in the same request. - operationId: SetAlertAssignees - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - assignees: - $ref: '#/components/schemas/Security_Detections_API_AlertAssignees' - description: Details about the assignees to assign and unassign. - ids: - $ref: '#/components/schemas/Security_Detections_API_AlertIds' - description: List of alerts ids to assign and unassign passed assignees. - required: - - assignees - - ids - required: true - responses: - '200': - description: Indicates a successful call. - '400': - description: Invalid request. - summary: Assign and unassign users from detection alerts - tags: - - Security Detections API - /api/detection_engine/signals/finalize_migration: - post: - description: > - Finalize successful migrations of detection alerts. This replaces the - original index's alias with the successfully migrated index's alias. - - The endpoint is idempotent; therefore, it can safely be used to poll a - given migration and, upon completion, - - finalize it. - operationId: FinalizeAlertsMigration - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - migration_ids: - items: - type: string - minItems: 1 - type: array - required: - - migration_ids - description: Array of `migration_id`s to finalize - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - items: - $ref: >- - #/components/schemas/Security_Detections_API_MigrationFinalizationResult - type: array - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Detections_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Detections_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Detections_API_PlatformErrorResponse - description: Unsuccessful authentication response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' - description: Internal server error response - summary: Finalize detection alert migrations - tags: - - Security Detections API - - Alerts migration API - /api/detection_engine/signals/migration: - delete: - description: > - Migrations favor data integrity over shard size. Consequently, unused or - orphaned indices are artifacts of - - the migration process. A successful migration will result in both the - old and new indices being present. - - As such, the old, orphaned index can (and likely should) be deleted. - - - While you can delete these indices manually, - - the endpoint accomplishes this task by applying a deletion policy to the - relevant index, causing it to be deleted - - after 30 days. It also deletes other artifacts specific to the migration - implementation. - operationId: AlertsMigrationCleanup - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - migration_ids: - items: - type: string - minItems: 1 - type: array - required: - - migration_ids - description: Array of `migration_id`s to cleanup - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - items: - $ref: >- - #/components/schemas/Security_Detections_API_MigrationCleanupResult - type: array - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Detections_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Detections_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Detections_API_PlatformErrorResponse - description: Unsuccessful authentication response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' - description: Internal server error response - summary: Clean up detection alert migrations - tags: - - Security Detections API - - Alerts migration API - post: - description: > - Initiate a migration of detection alerts. - - Migrations are initiated per index. While the process is neither - destructive nor interferes with existing data, it may be - resource-intensive. As such, it is recommended that you plan your - migrations accordingly. - operationId: CreateAlertsMigration - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - allOf: - - type: object - properties: - index: - items: - $ref: >- - #/components/schemas/Security_Detections_API_NonEmptyString - minItems: 1 - type: array - required: - - index - - $ref: >- - #/components/schemas/Security_Detections_API_AlertsReindexOptions - description: Alerts migration parameters - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - indices: - items: - oneOf: - - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexMigrationSuccess - - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexMigrationError - - $ref: >- - #/components/schemas/Security_Detections_API_SkippedAlertsIndexMigration - type: array - required: - - indices - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Detections_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Detections_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Detections_API_PlatformErrorResponse - description: Unsuccessful authentication response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' - description: Internal server error response - summary: Initiate a detection alert migration - tags: - - Security Detections API - - Alerts migration API - /api/detection_engine/signals/migration_status: - post: - description: >- - Retrieve indices that contain detection alerts of a particular age, - along with migration information for each of those indices. - operationId: ReadAlertsMigrationStatus - parameters: - - description: Maximum age of qualifying detection alerts - in: query - name: from - required: true - schema: - description: > - Time from which data is analyzed. For example, now-4200s means the - rule analyzes data from 70 minutes - - before its start time. Defaults to now-6m (analyzes data from 6 - minutes before the start time). - format: date-math - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - indices: - items: - $ref: >- - #/components/schemas/Security_Detections_API_IndexMigrationStatus - type: array - required: - - indices - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Detections_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Detections_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Detections_API_PlatformErrorResponse - description: Unsuccessful authentication response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' - description: Internal server error response - summary: Retrieve the status of detection alert migrations - tags: - - Security Detections API - - Alerts migration API - /api/detection_engine/signals/search: - post: - description: Find and/or aggregate detection alerts that match the given query. - operationId: SearchAlerts - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - description: Elasticsearch query and aggregation request - type: object - properties: - _source: - oneOf: - - type: boolean - - type: string - - items: - type: string - type: array - aggs: - additionalProperties: true - type: object - fields: - items: - type: string - type: array - query: - additionalProperties: true - type: object - runtime_mappings: - additionalProperties: true - type: object - size: - minimum: 0 - type: integer - sort: - $ref: '#/components/schemas/Security_Detections_API_AlertsSort' - track_total_hits: - type: boolean - description: Search and/or aggregation query - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: true - description: Elasticsearch search response - type: object - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Detections_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Detections_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Detections_API_PlatformErrorResponse - description: Unsuccessful authentication response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' - description: Internal server error response - summary: Find and/or aggregate detection alerts - tags: - - Security Detections API - - Alerts API - /api/detection_engine/signals/status: - post: - description: Set the status of one or more detection alerts. - operationId: SetAlertsStatus - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Detections_API_SetAlertsStatusByIds - - $ref: >- - #/components/schemas/Security_Detections_API_SetAlertsStatusByQuery - description: >- - An object containing desired status and explicit alert ids or a query - to select alerts - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: true - description: Elasticsearch update by query response - type: object - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Detections_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Detections_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Detections_API_PlatformErrorResponse - description: Unsuccessful authentication response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' - description: Internal server error response - summary: Set a detection alert status - tags: - - Security Detections API - - Alerts API - /api/detection_engine/signals/tags: - post: - description: | - And tags to detection alerts, and remove them from alerts. - > info - > You cannot add and remove the same alert tag in the same request. - operationId: SetAlertTags - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - ids: - $ref: '#/components/schemas/Security_Detections_API_AlertIds' - tags: - $ref: '#/components/schemas/Security_Detections_API_SetAlertTags' - required: - - ids - - tags - description: >- - An object containing tags to add or remove and alert ids the changes - will be applied - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: true - description: Elasticsearch update by query response - type: object - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Detections_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Detections_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Detections_API_PlatformErrorResponse - description: Unsuccessful authentication response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_SiemErrorResponse' - description: Internal server error response - summary: Add and remove detection alert tags - tags: - - Security Detections API - - Alerts API - /api/detection_engine/tags: - get: - description: List all unique tags from all detection rules. - operationId: ReadTags - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - description: Indicates a successful call - summary: List all detection rule tags - tags: - - Security Detections API - - Tags API - /api/encrypted_saved_objects/_rotate_key: - post: - description: > - Superuser role required. - - - If a saved object cannot be decrypted using the primary encryption key, - then Kibana will attempt to decrypt it using the specified - decryption-only keys. In most of the cases this overhead is negligible, - but if you're dealing with a large number of saved objects and - experiencing performance issues, you may want to rotate the encryption - key. - - - This functionality is in technical preview and may be changed or removed - in a future release. Elastic will work to fix any issues, but features - in technical preview are not subject to the support SLA of official GA - features. - operationId: rotateEncryptionKey - parameters: - - description: > - Specifies a maximum number of saved objects that Kibana can process - in a single batch. Bulk key rotation is an iterative process since - Kibana may not be able to fetch and process all required saved - objects in one go and splits processing into consequent batches. By - default, the batch size is 10000, which is also a maximum allowed - value. - in: query - name: batch_size - required: false - schema: - default: 10000 - type: number - - description: > - Limits encryption key rotation only to the saved objects with the - specified type. By default, Kibana tries to rotate the encryption - key for all saved object types that may contain encrypted - attributes. - in: query - name: type - required: false - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - rotateEncryptionKeyResponse: - $ref: '#/components/examples/Saved_objects_key_rotation_response' - schema: - type: object - properties: - failed: - description: > - Indicates the number of the saved objects that were still - encrypted with one of the old encryption keys that Kibana - failed to re-encrypt with the primary key. - type: number - successful: - description: > - Indicates the total number of all encrypted saved objects - (optionally filtered by the requested `type`), regardless - of the key Kibana used for encryption. - - - NOTE: In most cases, `total` will be greater than - `successful` even if `failed` is zero. The reason is that - Kibana may not need or may not be able to rotate - encryption keys for all encrypted saved objects. - type: number - total: - description: > - Indicates the total number of all encrypted saved objects - (optionally filtered by the requested `type`), regardless - of the key Kibana used for encryption. - type: number - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Saved_objects_400_response' - description: Bad request - '429': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: Already in progress. - summary: Rotate a key for encrypted saved objects - tags: - - saved objects - /api/endpoint_list: - post: - description: >- - Create an endpoint exception list, which groups endpoint exception list - items. If an endpoint exception list already exists, an empty response - is returned. - operationId: CreateEndpointList - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_EndpointList - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse - description: Invalid input data - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse - description: Insufficient privileges - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse - description: Internal server error - summary: Create an endpoint exception list - tags: - - Security Endpoint Exceptions API - /api/endpoint_list/items: - delete: - description: >- - Delete an endpoint exception list item using the `id` or `item_id` - field. - operationId: DeleteEndpointListItem - parameters: - - description: Either `id` or `item_id` must be specified - in: query - name: id - required: false - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemId - - description: Either `id` or `item_id` must be specified - in: query - name: item_id - required: false - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemHumanId - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_EndpointListItem - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse - description: Invalid input data - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse - description: Insufficient privileges - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse - description: Endpoint list item not found - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse - description: Internal server error - summary: Delete an endpoint exception list item - tags: - - Security Endpoint Exceptions API - get: - description: >- - Get the details of an endpoint exception list item using the `id` or - `item_id` field. - operationId: ReadEndpointListItem - parameters: - - description: Either `id` or `item_id` must be specified - in: query - name: id - required: false - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemId - - description: Either `id` or `item_id` must be specified - in: query - name: item_id - required: false - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemHumanId - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - items: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_EndpointListItem - type: array - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse - description: Invalid input data - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse - description: Insufficient privileges - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse - description: Endpoint list item not found - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse - description: Internal server error - summary: Get an endpoint exception list item - tags: - - Security Endpoint Exceptions API - post: - description: >- - Create an endpoint exception list item, and associate it with the - endpoint exception list. - operationId: CreateEndpointListItem - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - comments: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemCommentArray - default: [] - description: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemDescription - entries: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryArray - item_id: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemHumanId - meta: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemMeta - name: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemName - os_types: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray - default: [] - tags: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemTags - default: [] - type: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemType - required: - - type - - name - - description - - entries - description: Exception list item's properties - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_EndpointListItem - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse - description: Invalid input data - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse - description: Insufficient privileges - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse - description: Endpoint list item already exists - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse - description: Internal server error - summary: Create an endpoint exception list item - tags: - - Security Endpoint Exceptions API - put: - description: >- - Update an endpoint exception list item using the `id` or `item_id` - field. - operationId: UpdateEndpointListItem - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - _version: - type: string - comments: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemCommentArray - default: [] - description: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemDescription - entries: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryArray - id: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemId - description: Either `id` or `item_id` must be specified - item_id: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemHumanId - description: Either `id` or `item_id` must be specified - meta: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemMeta - name: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemName - os_types: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray - default: [] - tags: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemTags - type: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemType - required: - - type - - name - - description - - entries - description: Exception list item's properties - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_EndpointListItem - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse - description: Invalid input data - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse - description: Insufficient privileges - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse - description: Endpoint list item not found - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse - description: Internal server error - summary: Update an endpoint exception list item - tags: - - Security Endpoint Exceptions API - /api/endpoint_list/items/_find: - get: - description: Get a list of all endpoint exception list items. - operationId: FindEndpointListItems - parameters: - - description: > - Filters the returned results according to the value of the specified - field, - - using the `:` syntax. - in: query - name: filter - required: false - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_FindEndpointListItemsFilter - - description: The page number to return - in: query - name: page - required: false - schema: - minimum: 0 - type: integer - - description: The number of exception list items to return per page - in: query - name: per_page - required: false - schema: - minimum: 0 - type: integer - - description: Determines which field is used to sort the results - in: query - name: sort_field - required: false - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString - - description: Determines the sort order, which can be `desc` or `asc` - in: query - name: sort_order - required: false - schema: - enum: - - desc - - asc - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - data: - items: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_EndpointListItem - type: array - page: - minimum: 0 - type: integer - per_page: - minimum: 0 - type: integer - pit: - type: string - total: - minimum: 0 - type: integer - required: - - data - - page - - per_page - - total - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse - description: Invalid input data - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_PlatformErrorResponse - description: Insufficient privileges - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse - description: Endpoint list not found - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_SiemErrorResponse - description: Internal server error - summary: Get endpoint exception list items - tags: - - Security Endpoint Exceptions API - /api/endpoint/action: - get: - description: Get a list of all response actions. - operationId: EndpointGetActionsList - parameters: - - in: query - name: query - required: true - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_GetEndpointActionListRouteQuery - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Get response actions - tags: - - Security Endpoint Management API - /api/endpoint/action_log/{agent_id}: - get: - deprecated: true - description: Get an action request log for the specified agent ID. - operationId: EndpointGetActionLog - parameters: - - in: path - name: agent_id - required: true - schema: - $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentId' - - in: query - name: query - required: true - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_ActionLogRequestQuery - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Get an action request log - tags: - - Security Endpoint Management API - /api/endpoint/action_status: - get: - description: Get the status of response actions for the specified agent IDs. - operationId: EndpointGetActionsStatus - parameters: - - in: query - name: query - required: true - schema: - type: object - properties: - agent_ids: - $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentIds' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_ActionStatusSuccessResponse - description: OK - summary: Get response actions status - tags: - - Security Endpoint Management API - /api/endpoint/action/{action_id}: - get: - description: Get the details of a response action using the action ID. - operationId: EndpointGetActionsDetails - parameters: - - in: path - name: action_id - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Get action details - tags: - - Security Endpoint Management API - /api/endpoint/action/{action_id}/file/{file_id}: - get: - description: Get information for the specified file using the file ID. - operationId: EndpointFileInfo - parameters: - - in: path - name: action_id - required: true - schema: - type: string - - in: path - name: file_id - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Get file information - tags: - - Security Endpoint Management API - /api/endpoint/action/{action_id}/file/{file_id}/download: - get: - description: Download a file from an endpoint. - operationId: EndpointFileDownload - parameters: - - in: path - name: action_id - required: true - schema: - type: string - - in: path - name: file_id - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Download a file - tags: - - Security Endpoint Management API - /api/endpoint/action/execute: - post: - description: Run a shell command on an endpoint. - operationId: EndpointExecuteAction - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_ExecuteRouteRequestBody - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Run a command - tags: - - Security Endpoint Management API - /api/endpoint/action/get_file: - post: - description: Get a file from an endpoint. - operationId: EndpointGetFileAction - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_GetFileRouteRequestBody - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Get a file - tags: - - Security Endpoint Management API - /api/endpoint/action/isolate: - post: - description: >- - Isolate an endpoint from the network. The endpoint remains isolated - until it's released. - operationId: EndpointIsolateAction - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_IsolateRouteRequestBody - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Isolate an endpoint - tags: - - Security Endpoint Management API - /api/endpoint/action/kill_process: - post: - description: Terminate a running process on an endpoint. - operationId: EndpointKillProcessAction - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_KillProcessRouteRequestBody - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Terminate a process - tags: - - Security Endpoint Management API - /api/endpoint/action/running_procs: - post: - description: Get a list of all processes running on an endpoint. - operationId: EndpointGetProcessesAction - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_GetProcessesRouteRequestBody - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Get running processes - tags: - - Security Endpoint Management API - /api/endpoint/action/scan: - post: - description: Scan a specific file or directory on an endpoint for malware. - operationId: EndpointScanAction - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_ScanRouteRequestBody - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Scan a file or directory - tags: - - Security Endpoint Management API - /api/endpoint/action/state: - get: - description: >- - Get a response actions state, which reports whether encryption is - enabled. - operationId: EndpointGetActionsState - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_ActionStateSuccessResponse - description: OK - summary: Get actions state - tags: - - Security Endpoint Management API - /api/endpoint/action/suspend_process: - post: - description: Suspend a running process on an endpoint. - operationId: EndpointSuspendProcessAction - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuspendProcessRouteRequestBody - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Suspend a process - tags: - - Security Endpoint Management API - /api/endpoint/action/unisolate: - post: - description: Release an isolated endpoint, allowing it to rejoin a network. - operationId: EndpointUnisolateAction - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_UnisolateRouteRequestBody - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Release an isolated endpoint - tags: - - Security Endpoint Management API - /api/endpoint/action/upload: - post: - description: Upload a file to an endpoint. - operationId: EndpointUploadAction - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_UploadRouteRequestBody - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Upload a file - tags: - - Security Endpoint Management API - /api/endpoint/isolate: - post: - deprecated: true - description: > - Isolate an endpoint from the network. - - > info - - > This URL will return a 308 permanent redirect to `POST :/api/endpoint/action/isolate`. - operationId: EndpointIsolateRedirect - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - agent_type: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_AgentTypes - alert_ids: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_AlertIds - case_ids: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_CaseIds - comment: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_Comment - endpoint_ids: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_EndpointIds - parameters: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_Parameters - required: - - endpoint_ids - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - '308': - description: Permanent Redirect - headers: - Location: - description: Permanently redirects to "/api/endpoint/action/isolate" - schema: - example: /api/endpoint/action/isolate - type: string - summary: Isolate an endpoint - tags: - - Security Endpoint Management API - /api/endpoint/metadata: - get: - operationId: GetEndpointMetadataList - parameters: - - in: query - name: query - required: true - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_ListRequestQuery - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Get a metadata list - tags: - - Security Endpoint Management API - /api/endpoint/metadata/{id}: - get: - operationId: GetEndpointMetadata - parameters: - - in: path - name: id - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Get metadata - tags: - - Security Endpoint Management API - /api/endpoint/metadata/transforms: - get: - deprecated: true - operationId: GetEndpointMetadataTransform - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Get metadata transforms - tags: - - Security Endpoint Management API - /api/endpoint/policy_response: - get: - operationId: GetPolicyResponse - parameters: - - in: query - name: query - required: true - schema: - type: object - properties: - agentId: - $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentId' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Get a policy response - tags: - - Security Endpoint Management API - /api/endpoint/policy/summaries: - get: - deprecated: true - operationId: GetAgentPolicySummary - parameters: - - in: query - name: query - required: true - schema: - type: object - properties: - package_name: - type: string - policy_id: - nullable: true - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Get an agent policy summary - tags: - - Security Endpoint Management API - /api/endpoint/protection_updates_note/{package_policy_id}: - get: - operationId: GetProtectionUpdatesNote - parameters: - - in: path - name: package_policy_id - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_ProtectionUpdatesNoteResponse - description: OK - summary: Get a protection updates note - tags: - - Security Endpoint Management API - post: - operationId: CreateUpdateProtectionUpdatesNote - parameters: - - in: path - name: package_policy_id - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - note: - type: string - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_ProtectionUpdatesNoteResponse - description: OK - summary: Create or update a protection updates note - tags: - - Security Endpoint Management API - /api/endpoint/suggestions/{suggestion_type}: - post: - deprecated: true - operationId: GetEndpointSuggestions - parameters: - - in: path - name: suggestion_type - required: true - schema: - enum: - - eventFilters - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - field: - type: string - fieldMeta: {} - filters: {} - query: - type: string - required: - - parameters - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - summary: Get suggestions - tags: - - Security Endpoint Management API - /api/endpoint/unisolate: - post: - deprecated: true - description: > - Release an isolated endpoint, allowing it to rejoin a network. - - > info - - > This URL will return a 308 permanent redirect to `POST :/api/endpoint/action/unisolate`. - operationId: EndpointUnisolateRedirect - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - agent_type: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_AgentTypes - alert_ids: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_AlertIds - case_ids: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_CaseIds - comment: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_Comment - endpoint_ids: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_EndpointIds - parameters: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_Parameters - required: - - endpoint_ids - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_SuccessResponse - description: OK - '308': - description: Permanent Redirect - headers: - Location: - description: Permanently redirects to "/api/endpoint/action/unisolate" - schema: - example: /api/endpoint/action/unisolate - type: string - summary: Release an isolated endpoint - tags: - - Security Endpoint Management API - /api/entity_store/engines: - get: - operationId: ListEntityEngines - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - count: - type: integer - engines: - items: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_EngineDescriptor - type: array - description: Successful response - summary: List the Entity Engines - tags: - - Security Entity Analytics API - /api/entity_store/engines/{entityType}: - delete: - operationId: DeleteEntityEngine - parameters: - - description: The entity type of the engine (either 'user' or 'host'). - in: path - name: entityType - required: true - schema: - $ref: '#/components/schemas/Security_Entity_Analytics_API_EntityType' - - description: Control flag to also delete the entity data. - in: query - name: data - required: false - schema: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - deleted: - type: boolean - description: Successful response - summary: Delete the Entity Engine - tags: - - Security Entity Analytics API - get: - operationId: GetEntityEngine - parameters: - - description: The entity type of the engine (either 'user' or 'host'). - in: path - name: entityType - required: true - schema: - $ref: '#/components/schemas/Security_Entity_Analytics_API_EntityType' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_EngineDescriptor - description: Successful response - summary: Get an Entity Engine - tags: - - Security Entity Analytics API - /api/entity_store/engines/{entityType}/init: - post: - operationId: InitEntityEngine - parameters: - - description: The entity type of the engine (either 'user' or 'host'). - in: path - name: entityType - required: true - schema: - $ref: '#/components/schemas/Security_Entity_Analytics_API_EntityType' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - fieldHistoryLength: - default: 10 - description: The number of historical values to keep for each field. - type: integer - filter: - type: string - indexPattern: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_IndexPattern - description: Schema for the engine initialization - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_EngineDescriptor - description: Successful response - summary: Initialize an Entity Engine - tags: - - Security Entity Analytics API - /api/entity_store/engines/{entityType}/start: - post: - operationId: StartEntityEngine - parameters: - - description: The entity type of the engine (either 'user' or 'host'). - in: path - name: entityType - required: true - schema: - $ref: '#/components/schemas/Security_Entity_Analytics_API_EntityType' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - started: - type: boolean - description: Successful response - summary: Start an Entity Engine - tags: - - Security Entity Analytics API - /api/entity_store/engines/{entityType}/stats: - post: - operationId: GetEntityEngineStats - parameters: - - description: The entity type of the engine (either 'user' or 'host'). - in: path - name: entityType - required: true - schema: - $ref: '#/components/schemas/Security_Entity_Analytics_API_EntityType' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - indexPattern: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_IndexPattern - indices: - items: - type: object - type: array - status: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_EngineStatus - transforms: - items: - type: object - type: array - type: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_EntityType - description: Successful response - summary: Get Entity Engine stats - tags: - - Security Entity Analytics API - /api/entity_store/engines/{entityType}/stop: - post: - operationId: StopEntityEngine - parameters: - - description: The entity type of the engine (either 'user' or 'host'). - in: path - name: entityType - required: true - schema: - $ref: '#/components/schemas/Security_Entity_Analytics_API_EntityType' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - stopped: - type: boolean - description: Successful response - summary: Stop an Entity Engine - tags: - - Security Entity Analytics API - /api/entity_store/engines/apply_dataview_indices: - post: - operationId: ApplyEntityEngineDataviewIndices - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - result: - items: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_EngineDataviewUpdateResult - type: array - success: - type: boolean - description: Successful response - '207': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - errors: - items: - type: string - type: array - result: - items: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_EngineDataviewUpdateResult - type: array - success: - type: boolean - description: Partial successful response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - body: - type: string - statusCode: - type: number - description: Error response - summary: Apply DataView indices to all installed engines - tags: - - Security Entity Analytics API - /api/entity_store/entities/list: - get: - description: List entities records, paging, sorting and filtering as needed. - operationId: ListEntities - parameters: - - in: query - name: sort_field - required: false - schema: - type: string - - in: query - name: sort_order - required: false - schema: - enum: - - asc - - desc - type: string - - in: query - name: page - required: false - schema: - minimum: 1 - type: integer - - in: query - name: per_page - required: false - schema: - maximum: 10000 - minimum: 1 - type: integer - - description: An ES query to filter by. - in: query - name: filterQuery - required: false - schema: - type: string - - in: query - name: entities_types - required: true - schema: - items: - $ref: '#/components/schemas/Security_Entity_Analytics_API_EntityType' - type: array - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - inspect: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_InspectQuery - page: - minimum: 1 - type: integer - per_page: - maximum: 1000 - minimum: 1 - type: integer - records: - items: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_Entity - type: array - total: - minimum: 0 - type: integer - required: - - records - - page - - per_page - - total - description: Entities returned successfully - summary: List Entity Store Entities - tags: - - Security Entity Analytics API - /api/exception_lists: - delete: - description: Delete an exception list using the `id` or `list_id` field. - operationId: DeleteExceptionList - parameters: - - description: Either `id` or `list_id` must be specified - in: query - name: id - required: false - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListId' - - description: Either `id` or `list_id` must be specified - in: query - name: list_id - required: false - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListHumanId' - - in: query - name: namespace_type - required: false - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType - default: single - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionList' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Exceptions_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Exception list not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Internal server error response - summary: Delete an exception list - tags: - - Security Exceptions API - get: - description: Get the details of an exception list using the `id` or `list_id` field. - operationId: ReadExceptionList - parameters: - - description: Either `id` or `list_id` must be specified - in: query - name: id - required: false - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListId' - - description: Either `id` or `list_id` must be specified - in: query - name: list_id - required: false - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListHumanId' - - in: query - name: namespace_type - required: false - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType - default: single - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionList' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Exceptions_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Exception list item not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Internal server error response - summary: Get exception list details - tags: - - Security Exceptions API - post: - description: > - An exception list groups exception items and can be associated with - detection rules. You can assign detection rules with multiple exception - lists. - - > info - - > All exception items added to the same list are evaluated using `OR` - logic. That is, if any of the items in a list evaluate to `true`, the - exception prevents the rule from generating an alert. Likewise, `OR` - logic is used for evaluating exceptions when more than one exception - list is assigned to a rule. To use the `AND` operator, you can define - multiple clauses (`entries`) in a single exception item. - operationId: CreateExceptionList - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - description: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListDescription - list_id: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListHumanId - meta: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListMeta - name: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListName - namespace_type: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType - default: single - os_types: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListOsTypeArray - tags: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListTags - default: [] - type: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListType - version: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListVersion - default: 1 - required: - - name - - description - - type - description: Exception list's properties - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionList' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Exceptions_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Not enough privileges response - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Exception list already exists response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Internal server error response - summary: Create an exception list - tags: - - Security Exceptions API - put: - description: Update an exception list using the `id` or `list_id` field. - operationId: UpdateExceptionList - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - _version: - type: string - description: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListDescription - id: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListId' - list_id: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListHumanId - meta: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListMeta - name: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListName - namespace_type: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType - default: single - os_types: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListOsTypeArray - default: [] - tags: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListTags - type: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListType - version: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListVersion - required: - - name - - description - - type - description: Exception list's properties - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionList' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Exceptions_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Exception list not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Internal server error response - summary: Update an exception list - tags: - - Security Exceptions API - /api/exception_lists/_duplicate: - post: - description: Duplicate an existing exception list. - operationId: DuplicateExceptionList - parameters: - - description: Exception list's human identifier - in: query - name: list_id - required: true - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListHumanId' - - in: query - name: namespace_type - required: true - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType - - description: >- - Determines whether to include expired exceptions in the exported - list - in: query - name: include_expired_exceptions - required: true - schema: - default: 'true' - enum: - - 'true' - - 'false' - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionList' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Exceptions_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Not enough privileges response - '405': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Exception list to duplicate not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Internal server error response - summary: Duplicate an exception list - tags: - - Security Exceptions API - /api/exception_lists/_export: - post: - description: Export an exception list and its associated items to an NDJSON file. - operationId: ExportExceptionList - parameters: - - description: Exception list's identifier - in: query - name: id - required: true - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListId' - - description: Exception list's human identifier - in: query - name: list_id - required: true - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListHumanId' - - in: query - name: namespace_type - required: true - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType - - description: >- - Determines whether to include expired exceptions in the exported - list - in: query - name: include_expired_exceptions - required: true - schema: - default: 'true' - enum: - - 'true' - - 'false' - type: string - responses: - '200': - content: - application/ndjson; Elastic-Api-Version=2023-10-31: - schema: - description: >- - A `.ndjson` file containing specified exception list and its - items - format: binary - type: string - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Exceptions_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Exception list not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Internal server error response - summary: Export an exception list - tags: - - Security Exceptions API - /api/exception_lists/_find: - get: - description: Get a list of all exception lists. - operationId: FindExceptionLists - parameters: - - description: > - Filters the returned results according to the value of the specified - field. - - - Uses the `so type.field name:field` value syntax, where `so type` - can be: - - - - `exception-list`: Specify a space-aware exception list. - - - `exception-list-agnostic`: Specify an exception list that is - shared across spaces. - in: query - name: filter - required: false - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_FindExceptionListsFilter - - description: > - Determines whether the returned containers are Kibana associated - with a Kibana space - - or available in all spaces (`agnostic` or `single`) - in: query - name: namespace_type - required: false - schema: - default: - - single - items: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType - type: array - - description: The page number to return - in: query - name: page - required: false - schema: - minimum: 1 - type: integer - - description: The number of exception lists to return per page - in: query - name: per_page - required: false - schema: - minimum: 1 - type: integer - - description: Determines which field is used to sort the results - in: query - name: sort_field - required: false - schema: - type: string - - description: Determines the sort order, which can be `desc` or `asc` - in: query - name: sort_order - required: false - schema: - enum: - - desc - - asc - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - data: - items: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionList - type: array - page: - minimum: 1 - type: integer - per_page: - minimum: 1 - type: integer - total: - minimum: 0 - type: integer - required: - - data - - page - - per_page - - total - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Exceptions_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Not enough privileges response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Internal server error response - summary: Get exception lists - tags: - - Security Exceptions API - /api/exception_lists/_import: - post: - description: Import an exception list and its associated items from an NDJSON file. - operationId: ImportExceptionList - parameters: - - description: > - Determines whether existing exception lists with the same `list_id` - are overwritten. - - If any exception items have the same `item_id`, those are also - overwritten. - in: query - name: overwrite - required: false - schema: - default: false - type: boolean - - in: query - name: overwrite_exceptions - required: false - schema: - default: false - type: boolean - - in: query - name: overwrite_action_connectors - required: false - schema: - default: false - type: boolean - - description: > - Determines whether the list being imported will have a new `list_id` - generated. - - Additional `item_id`'s are generated for each exception item. Both - the exception - - list and its items are overwritten. - in: query - name: as_new_list - required: false - schema: - default: false - type: boolean - requestBody: - content: - multipart/form-data; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - file: - description: A `.ndjson` file containing the exception list - format: binary - type: string - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - errors: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListsImportBulkErrorArray - success: - type: boolean - success_count: - minimum: 0 - type: integer - success_count_exception_list_items: - minimum: 0 - type: integer - success_count_exception_lists: - minimum: 0 - type: integer - success_exception_list_items: - type: boolean - success_exception_lists: - type: boolean - required: - - errors - - success - - success_count - - success_exception_lists - - success_count_exception_lists - - success_exception_list_items - - success_count_exception_list_items - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Exceptions_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Not enough privileges response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Internal server error response - summary: Import an exception list - tags: - - Security Exceptions API - /api/exception_lists/items: - delete: - description: Delete an exception list item using the `id` or `item_id` field. - operationId: DeleteExceptionListItem - parameters: - - description: Either `id` or `item_id` must be specified - in: query - name: id - required: false - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemId' - - description: Either `id` or `item_id` must be specified - in: query - name: item_id - required: false - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemHumanId - - in: query - name: namespace_type - required: false - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType - default: single - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItem' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Exceptions_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Exception list item not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Internal server error response - summary: Delete an exception list item - tags: - - Security Exceptions API - get: - description: >- - Get the details of an exception list item using the `id` or `item_id` - field. - operationId: ReadExceptionListItem - parameters: - - description: Either `id` or `item_id` must be specified - in: query - name: id - required: false - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemId' - - description: Either `id` or `item_id` must be specified - in: query - name: item_id - required: false - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemHumanId - - in: query - name: namespace_type - required: false - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType - default: single - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItem' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Exceptions_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Exception list item not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Internal server error response - summary: Get an exception list item - tags: - - Security Exceptions API - post: - description: > - Create an exception item and associate it with the specified exception - list. - - > info - - > Before creating exception items, you must create an exception list. - operationId: CreateExceptionListItem - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - comments: - $ref: >- - #/components/schemas/Security_Exceptions_API_CreateExceptionListItemCommentArray - default: [] - description: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemDescription - entries: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryArray - expire_time: - format: date-time - type: string - item_id: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemHumanId - list_id: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListHumanId - meta: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemMeta - name: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemName - namespace_type: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType - default: single - os_types: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemOsTypeArray - default: [] - tags: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemTags - default: [] - type: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemType - required: - - list_id - - type - - name - - description - - entries - description: Exception list item's properties - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItem' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Exceptions_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Not enough privileges response - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Exception list item already exists response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Internal server error response - summary: Create an exception list item - tags: - - Security Exceptions API - put: - description: Update an exception list item using the `id` or `item_id` field. - operationId: UpdateExceptionListItem - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - _version: - type: string - comments: - $ref: >- - #/components/schemas/Security_Exceptions_API_UpdateExceptionListItemCommentArray - default: [] - description: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemDescription - entries: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryArray - expire_time: - format: date-time - type: string - id: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemId - description: Either `id` or `item_id` must be specified - item_id: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemHumanId - description: Either `id` or `item_id` must be specified - list_id: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListHumanId - meta: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemMeta - name: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemName - namespace_type: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType - default: single - os_types: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemOsTypeArray - default: [] - tags: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemTags - type: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemType - required: - - type - - name - - description - - entries - description: Exception list item's properties - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItem' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Exceptions_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Exception list item not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Internal server error response - summary: Update an exception list item - tags: - - Security Exceptions API - /api/exception_lists/items/_find: - get: - description: Get a list of all exception list items in the specified list. - operationId: FindExceptionListItems - parameters: - - description: List's id - in: query - name: list_id - required: true - schema: - items: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListHumanId - type: array - - description: > - Filters the returned results according to the value of the specified - field, - - using the `:` syntax. - in: query - name: filter - required: false - schema: - default: [] - items: - $ref: >- - #/components/schemas/Security_Exceptions_API_FindExceptionListItemsFilter - type: array - - description: > - Determines whether the returned containers are Kibana associated - with a Kibana space - - or available in all spaces (`agnostic` or `single`) - in: query - name: namespace_type - required: false - schema: - default: - - single - items: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType - type: array - - in: query - name: search - required: false - schema: - type: string - - description: The page number to return - in: query - name: page - required: false - schema: - minimum: 0 - type: integer - - description: The number of exception list items to return per page - in: query - name: per_page - required: false - schema: - minimum: 0 - type: integer - - description: Determines which field is used to sort the results - in: query - name: sort_field - required: false - schema: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - - description: Determines the sort order, which can be `desc` or `asc` - in: query - name: sort_order - required: false - schema: - enum: - - desc - - asc - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - data: - items: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItem - type: array - page: - minimum: 1 - type: integer - per_page: - minimum: 1 - type: integer - pit: - type: string - total: - minimum: 0 - type: integer - required: - - data - - page - - per_page - - total - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Exceptions_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Exception list not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Internal server error response - summary: Get exception list items - tags: - - Security Exceptions API - /api/exception_lists/summary: - get: - description: Get a summary of the specified exception list. - operationId: ReadExceptionListSummary - parameters: - - description: Exception list's identifier generated upon creation - in: query - name: id - required: false - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListId' - - description: Exception list's human readable identifier - in: query - name: list_id - required: false - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListHumanId' - - in: query - name: namespace_type - required: false - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionNamespaceType - default: single - - description: Search filter clause - in: query - name: filter - required: false - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - linux: - minimum: 0 - type: integer - macos: - minimum: 0 - type: integer - total: - minimum: 0 - type: integer - windows: - minimum: 0 - type: integer - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Exceptions_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Exception list not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Internal server error response - summary: Get an exception list summary - tags: - - Security Exceptions API - /api/exceptions/shared: - post: - description: > - An exception list groups exception items and can be associated with - detection rules. A shared exception list can apply to multiple detection - rules. - - > info - - > All exception items added to the same list are evaluated using `OR` - logic. That is, if any of the items in a list evaluate to `true`, the - exception prevents the rule from generating an alert. Likewise, `OR` - logic is used for evaluating exceptions when more than one exception - list is assigned to a rule. To use the `AND` operator, you can define - multiple clauses (`entries`) in a single exception item. - operationId: CreateSharedExceptionList - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - description: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListDescription - name: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListName - required: - - name - - description - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionList' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - - $ref: >- - #/components/schemas/Security_Exceptions_API_SiemErrorResponse - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Exceptions_API_PlatformErrorResponse - description: Not enough privileges response - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Exception list already exists response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Exceptions_API_SiemErrorResponse' - description: Internal server error response - summary: Create a shared exception list - tags: - - Security Exceptions API - /api/fleet/agent_download_sources: - get: - description: List agent binary download sources - operationId: '%2Fapi%2Ffleet%2Fagent_download_sources#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - additionalProperties: false - type: object - properties: - host: - format: uri - type: string - id: - type: string - is_default: - default: false - type: boolean - name: - type: string - proxy_id: - description: >- - The ID of the proxy to use for this download source. - See the proxies API for more information. - nullable: true - type: string - required: - - id - - name - - host - type: array - page: - type: number - perPage: - type: number - total: - type: number - required: - - items - - total - - page - - perPage - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent binary download sources - post: - description: Create agent binary download source - operationId: '%2Fapi%2Ffleet%2Fagent_download_sources#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - host: - format: uri - type: string - id: - type: string - is_default: - default: false - type: boolean - name: - type: string - proxy_id: - description: >- - The ID of the proxy to use for this download source. See the - proxies API for more information. - nullable: true - type: string - required: - - name - - host - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - host: - format: uri - type: string - id: - type: string - is_default: - default: false - type: boolean - name: - type: string - proxy_id: - description: >- - The ID of the proxy to use for this download source. - See the proxies API for more information. - nullable: true - type: string - required: - - id - - name - - host - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent binary download sources - /api/fleet/agent_download_sources/{sourceId}: - delete: - description: Delete agent binary download source by ID - operationId: '%2Fapi%2Ffleet%2Fagent_download_sources%2F%7BsourceId%7D#2' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: sourceId - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent binary download sources - get: - description: Get agent binary download source by ID - operationId: '%2Fapi%2Ffleet%2Fagent_download_sources%2F%7BsourceId%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: sourceId - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - host: - format: uri - type: string - id: - type: string - is_default: - default: false - type: boolean - name: - type: string - proxy_id: - description: >- - The ID of the proxy to use for this download source. - See the proxies API for more information. - nullable: true - type: string - required: - - id - - name - - host - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent binary download sources - put: - description: Update agent binary download source by ID - operationId: '%2Fapi%2Ffleet%2Fagent_download_sources%2F%7BsourceId%7D#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: sourceId - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - host: - format: uri - type: string - id: - type: string - is_default: - default: false - type: boolean - name: - type: string - proxy_id: - description: >- - The ID of the proxy to use for this download source. See the - proxies API for more information. - nullable: true - type: string - required: - - name - - host - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - host: - format: uri - type: string - id: - type: string - is_default: - default: false - type: boolean - name: - type: string - proxy_id: - description: >- - The ID of the proxy to use for this download source. - See the proxies API for more information. - nullable: true - type: string - required: - - id - - name - - host - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent binary download sources - /api/fleet/agent_policies: - get: - description: List agent policies - operationId: '%2Fapi%2Ffleet%2Fagent_policies#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: query - name: page - required: false - schema: - type: number - - in: query - name: perPage - required: false - schema: - type: number - - in: query - name: sortField - required: false - schema: - type: string - - in: query - name: sortOrder - required: false - schema: - enum: - - desc - - asc - type: string - - in: query - name: showUpgradeable - required: false - schema: - type: boolean - - in: query - name: kuery - required: false - schema: - type: string - - description: use withAgentCount instead - in: query - name: noAgentCount - required: false - schema: - deprecated: true - type: boolean - - description: get policies with agent count - in: query - name: withAgentCount - required: false - schema: - type: boolean - - description: get full policies with package policies populated - in: query - name: full - required: false - schema: - type: boolean - - in: query - name: format - required: false - schema: - enum: - - simplified - - legacy - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - additionalProperties: false - type: object - properties: - advanced_settings: - additionalProperties: false - type: object - properties: - agent_download_target_directory: - nullable: true - agent_download_timeout: - default: 2h - nullable: true - agent_limits_go_max_procs: - nullable: true - agent_logging_level: - default: info - nullable: true - agent_logging_metrics_period: - default: 30s - nullable: true - agent_features: - items: - additionalProperties: false - type: object - properties: - enabled: - type: boolean - name: - type: string - required: - - name - - enabled - type: array - agents: - type: number - data_output_id: - nullable: true - type: string - description: - type: string - download_source_id: - nullable: true - type: string - fleet_server_host_id: - nullable: true - type: string - global_data_tags: - description: >- - User defined data tags that are added to all of the - inputs. The values can be strings or numbers. - items: - additionalProperties: false - type: object - properties: - name: - type: string - value: - anyOf: - - type: string - - type: number - required: - - name - - value - type: array - has_fleet_server: - type: boolean - id: - type: string - inactivity_timeout: - default: 1209600 - minimum: 0 - type: number - is_default: - type: boolean - is_default_fleet_server: - type: boolean - is_managed: - type: boolean - is_preconfigured: - type: boolean - is_protected: - description: >- - Indicates whether the agent policy has tamper - protection enabled. Default false. - type: boolean - keep_monitoring_alive: - default: false - description: >- - When set to true, monitoring will be enabled but - logs/metrics collection will be disabled - nullable: true - type: boolean - monitoring_diagnostics: - additionalProperties: false - type: object - properties: - limit: - additionalProperties: false - type: object - properties: - burst: - type: number - interval: - type: string - uploader: - additionalProperties: false - type: object - properties: - init_dur: - type: string - max_dur: - type: string - max_retries: - type: number - monitoring_enabled: - items: - enum: - - logs - - metrics - - traces - type: string - type: array - monitoring_http: - additionalProperties: false - type: object - properties: - buffer: - additionalProperties: false - type: object - properties: - enabled: - default: false - type: boolean - enabled: - type: boolean - host: - type: string - port: - maximum: 65353 - minimum: 0 - type: number - required: - - enabled - monitoring_output_id: - nullable: true - type: string - monitoring_pprof_enabled: - type: boolean - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - overrides: - additionalProperties: {} - description: >- - Override settings that are defined in the agent - policy. Input settings cannot be overridden. The - override option should be used only in unusual - circumstances and not as a routine procedure. - nullable: true - type: object - package_policies: - anyOf: - - items: - type: string - type: array - - description: >- - This field is present only when retrieving a - single agent policy, or when retrieving a list - of agent policies with the ?full=true parameter - items: - additionalProperties: false - type: object - properties: - created_at: - type: string - created_by: - type: string - description: - description: Package policy description - type: string - elasticsearch: - additionalProperties: true - type: object - properties: - privileges: - additionalProperties: true - type: object - properties: - cluster: - items: - type: string - type: array - enabled: - type: boolean - id: - type: string - inputs: - items: - additionalProperties: false - type: object - properties: - compiled_input: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - policy_template: - type: string - streams: - items: - additionalProperties: false - type: object - properties: - compiled_stream: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - data_stream: - additionalProperties: false - type: object - properties: - dataset: - type: string - elasticsearch: - additionalProperties: false - type: object - properties: - dynamic_dataset: - type: boolean - dynamic_namespace: - type: boolean - privileges: - additionalProperties: false - type: object - properties: - indices: - items: - type: string - type: array - type: - type: string - required: - - dataset - - type - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - release: - enum: - - ga - - beta - - experimental - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - enabled - - data_stream - - compiled_stream - type: array - type: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - type - - enabled - - streams - - compiled_input - type: array - is_managed: - type: boolean - name: - description: Package policy name (should be unique) - type: string - namespace: - description: >- - The package policy namespace. Leave blank - to inherit the agent policy's namespace. - type: string - output_id: - nullable: true - type: string - overrides: - additionalProperties: false - description: >- - Override settings that are defined in the - package policy. The override option should - be used only in unusual circumstances and - not as a routine procedure. - nullable: true - type: object - properties: - inputs: - additionalProperties: {} - type: object - package: - additionalProperties: false - type: object - properties: - experimental_data_stream_features: - items: - additionalProperties: false - type: object - properties: - data_stream: - type: string - features: - additionalProperties: false - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - name: - description: Package name - type: string - requires_root: - type: boolean - title: - type: string - version: - description: Package version - type: string - required: - - name - - version - policy_id: - deprecated: true - description: >- - Agent policy ID where that package policy - will be added - nullable: true - type: string - policy_ids: - items: - description: >- - Agent policy IDs where that package - policy will be added - type: string - type: array - revision: - type: number - secret_references: - items: - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - type: array - updated_at: - type: string - updated_by: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - version: - type: string - required: - - name - - enabled - - inputs - - id - - revision - - updated_at - - updated_by - - created_at - - created_by - type: array - revision: - type: number - schema_version: - type: string - space_ids: - items: - type: string - type: array - status: - enum: - - active - - inactive - type: string - supports_agentless: - default: false - description: >- - Indicates whether the agent policy supports - agentless integrations. - nullable: true - type: boolean - unenroll_timeout: - minimum: 0 - type: number - unprivileged_agents: - type: number - updated_at: - type: string - updated_by: - type: string - version: - type: string - required: - - id - - name - - namespace - - is_managed - - is_protected - - status - - updated_at - - updated_by - - revision - type: array - page: - type: number - perPage: - type: number - total: - type: number - required: - - items - - total - - page - - perPage - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent policies - post: - description: Create an agent policy - operationId: '%2Fapi%2Ffleet%2Fagent_policies#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: query - name: sys_monitoring - required: false - schema: - type: boolean - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - advanced_settings: - additionalProperties: false - type: object - properties: - agent_download_target_directory: - nullable: true - agent_download_timeout: - default: 2h - nullable: true - agent_limits_go_max_procs: - nullable: true - agent_logging_level: - default: info - nullable: true - agent_logging_metrics_period: - default: 30s - nullable: true - agent_features: - items: - additionalProperties: false - type: object - properties: - enabled: - type: boolean - name: - type: string - required: - - name - - enabled - type: array - data_output_id: - nullable: true - type: string - description: - type: string - download_source_id: - nullable: true - type: string - fleet_server_host_id: - nullable: true - type: string - force: - type: boolean - global_data_tags: - description: >- - User defined data tags that are added to all of the inputs. - The values can be strings or numbers. - items: - additionalProperties: false - type: object - properties: - name: - type: string - value: - anyOf: - - type: string - - type: number - required: - - name - - value - type: array - has_fleet_server: - type: boolean - id: - type: string - inactivity_timeout: - default: 1209600 - minimum: 0 - type: number - is_default: - type: boolean - is_default_fleet_server: - type: boolean - is_managed: - type: boolean - is_protected: - type: boolean - keep_monitoring_alive: - default: false - description: >- - When set to true, monitoring will be enabled but - logs/metrics collection will be disabled - nullable: true - type: boolean - monitoring_diagnostics: - additionalProperties: false - type: object - properties: - limit: - additionalProperties: false - type: object - properties: - burst: - type: number - interval: - type: string - uploader: - additionalProperties: false - type: object - properties: - init_dur: - type: string - max_dur: - type: string - max_retries: - type: number - monitoring_enabled: - items: - enum: - - logs - - metrics - - traces - type: string - type: array - monitoring_http: - additionalProperties: false - type: object - properties: - buffer: - additionalProperties: false - type: object - properties: - enabled: - default: false - type: boolean - enabled: - type: boolean - host: - type: string - port: - maximum: 65353 - minimum: 0 - type: number - required: - - enabled - monitoring_output_id: - nullable: true - type: string - monitoring_pprof_enabled: - type: boolean - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - overrides: - additionalProperties: {} - description: >- - Override settings that are defined in the agent policy. - Input settings cannot be overridden. The override option - should be used only in unusual circumstances and not as a - routine procedure. - nullable: true - type: object - space_ids: - items: - type: string - type: array - supports_agentless: - default: false - description: >- - Indicates whether the agent policy supports agentless - integrations. - nullable: true - type: boolean - unenroll_timeout: - minimum: 0 - type: number - required: - - name - - namespace - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - advanced_settings: - additionalProperties: false - type: object - properties: - agent_download_target_directory: - nullable: true - agent_download_timeout: - default: 2h - nullable: true - agent_limits_go_max_procs: - nullable: true - agent_logging_level: - default: info - nullable: true - agent_logging_metrics_period: - default: 30s - nullable: true - agent_features: - items: - additionalProperties: false - type: object - properties: - enabled: - type: boolean - name: - type: string - required: - - name - - enabled - type: array - agents: - type: number - data_output_id: - nullable: true - type: string - description: - type: string - download_source_id: - nullable: true - type: string - fleet_server_host_id: - nullable: true - type: string - global_data_tags: - description: >- - User defined data tags that are added to all of the - inputs. The values can be strings or numbers. - items: - additionalProperties: false - type: object - properties: - name: - type: string - value: - anyOf: - - type: string - - type: number - required: - - name - - value - type: array - has_fleet_server: - type: boolean - id: - type: string - inactivity_timeout: - default: 1209600 - minimum: 0 - type: number - is_default: - type: boolean - is_default_fleet_server: - type: boolean - is_managed: - type: boolean - is_preconfigured: - type: boolean - is_protected: - description: >- - Indicates whether the agent policy has tamper - protection enabled. Default false. - type: boolean - keep_monitoring_alive: - default: false - description: >- - When set to true, monitoring will be enabled but - logs/metrics collection will be disabled - nullable: true - type: boolean - monitoring_diagnostics: - additionalProperties: false - type: object - properties: - limit: - additionalProperties: false - type: object - properties: - burst: - type: number - interval: - type: string - uploader: - additionalProperties: false - type: object - properties: - init_dur: - type: string - max_dur: - type: string - max_retries: - type: number - monitoring_enabled: - items: - enum: - - logs - - metrics - - traces - type: string - type: array - monitoring_http: - additionalProperties: false - type: object - properties: - buffer: - additionalProperties: false - type: object - properties: - enabled: - default: false - type: boolean - enabled: - type: boolean - host: - type: string - port: - maximum: 65353 - minimum: 0 - type: number - required: - - enabled - monitoring_output_id: - nullable: true - type: string - monitoring_pprof_enabled: - type: boolean - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - overrides: - additionalProperties: {} - description: >- - Override settings that are defined in the agent - policy. Input settings cannot be overridden. The - override option should be used only in unusual - circumstances and not as a routine procedure. - nullable: true - type: object - package_policies: - anyOf: - - items: - type: string - type: array - - description: >- - This field is present only when retrieving a - single agent policy, or when retrieving a list of - agent policies with the ?full=true parameter - items: - additionalProperties: false - type: object - properties: - created_at: - type: string - created_by: - type: string - description: - description: Package policy description - type: string - elasticsearch: - additionalProperties: true - type: object - properties: - privileges: - additionalProperties: true - type: object - properties: - cluster: - items: - type: string - type: array - enabled: - type: boolean - id: - type: string - inputs: - items: - additionalProperties: false - type: object - properties: - compiled_input: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - policy_template: - type: string - streams: - items: - additionalProperties: false - type: object - properties: - compiled_stream: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - data_stream: - additionalProperties: false - type: object - properties: - dataset: - type: string - elasticsearch: - additionalProperties: false - type: object - properties: - dynamic_dataset: - type: boolean - dynamic_namespace: - type: boolean - privileges: - additionalProperties: false - type: object - properties: - indices: - items: - type: string - type: array - type: - type: string - required: - - dataset - - type - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - release: - enum: - - ga - - beta - - experimental - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - enabled - - data_stream - - compiled_stream - type: array - type: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - type - - enabled - - streams - - compiled_input - type: array - is_managed: - type: boolean - name: - description: Package policy name (should be unique) - type: string - namespace: - description: >- - The package policy namespace. Leave blank to - inherit the agent policy's namespace. - type: string - output_id: - nullable: true - type: string - overrides: - additionalProperties: false - description: >- - Override settings that are defined in the - package policy. The override option should - be used only in unusual circumstances and - not as a routine procedure. - nullable: true - type: object - properties: - inputs: - additionalProperties: {} - type: object - package: - additionalProperties: false - type: object - properties: - experimental_data_stream_features: - items: - additionalProperties: false - type: object - properties: - data_stream: - type: string - features: - additionalProperties: false - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - name: - description: Package name - type: string - requires_root: - type: boolean - title: - type: string - version: - description: Package version - type: string - required: - - name - - version - policy_id: - deprecated: true - description: >- - Agent policy ID where that package policy - will be added - nullable: true - type: string - policy_ids: - items: - description: >- - Agent policy IDs where that package policy - will be added - type: string - type: array - revision: - type: number - secret_references: - items: - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - type: array - updated_at: - type: string - updated_by: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - version: - type: string - required: - - name - - enabled - - inputs - - id - - revision - - updated_at - - updated_by - - created_at - - created_by - type: array - revision: - type: number - schema_version: - type: string - space_ids: - items: - type: string - type: array - status: - enum: - - active - - inactive - type: string - supports_agentless: - default: false - description: >- - Indicates whether the agent policy supports agentless - integrations. - nullable: true - type: boolean - unenroll_timeout: - minimum: 0 - type: number - unprivileged_agents: - type: number - updated_at: - type: string - updated_by: - type: string - version: - type: string - required: - - id - - name - - namespace - - is_managed - - is_protected - - status - - updated_at - - updated_by - - revision - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent policies - /api/fleet/agent_policies/_bulk_get: - post: - description: Bulk get agent policies - operationId: '%2Fapi%2Ffleet%2Fagent_policies%2F_bulk_get#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: query - name: format - required: false - schema: - enum: - - simplified - - legacy - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - full: - description: get full policies with package policies populated - type: boolean - ids: - description: list of package policy ids - items: - type: string - type: array - ignoreMissing: - type: boolean - required: - - ids - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - additionalProperties: false - type: object - properties: - advanced_settings: - additionalProperties: false - type: object - properties: - agent_download_target_directory: - nullable: true - agent_download_timeout: - default: 2h - nullable: true - agent_limits_go_max_procs: - nullable: true - agent_logging_level: - default: info - nullable: true - agent_logging_metrics_period: - default: 30s - nullable: true - agent_features: - items: - additionalProperties: false - type: object - properties: - enabled: - type: boolean - name: - type: string - required: - - name - - enabled - type: array - agents: - type: number - data_output_id: - nullable: true - type: string - description: - type: string - download_source_id: - nullable: true - type: string - fleet_server_host_id: - nullable: true - type: string - global_data_tags: - description: >- - User defined data tags that are added to all of the - inputs. The values can be strings or numbers. - items: - additionalProperties: false - type: object - properties: - name: - type: string - value: - anyOf: - - type: string - - type: number - required: - - name - - value - type: array - has_fleet_server: - type: boolean - id: - type: string - inactivity_timeout: - default: 1209600 - minimum: 0 - type: number - is_default: - type: boolean - is_default_fleet_server: - type: boolean - is_managed: - type: boolean - is_preconfigured: - type: boolean - is_protected: - description: >- - Indicates whether the agent policy has tamper - protection enabled. Default false. - type: boolean - keep_monitoring_alive: - default: false - description: >- - When set to true, monitoring will be enabled but - logs/metrics collection will be disabled - nullable: true - type: boolean - monitoring_diagnostics: - additionalProperties: false - type: object - properties: - limit: - additionalProperties: false - type: object - properties: - burst: - type: number - interval: - type: string - uploader: - additionalProperties: false - type: object - properties: - init_dur: - type: string - max_dur: - type: string - max_retries: - type: number - monitoring_enabled: - items: - enum: - - logs - - metrics - - traces - type: string - type: array - monitoring_http: - additionalProperties: false - type: object - properties: - buffer: - additionalProperties: false - type: object - properties: - enabled: - default: false - type: boolean - enabled: - type: boolean - host: - type: string - port: - maximum: 65353 - minimum: 0 - type: number - required: - - enabled - monitoring_output_id: - nullable: true - type: string - monitoring_pprof_enabled: - type: boolean - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - overrides: - additionalProperties: {} - description: >- - Override settings that are defined in the agent - policy. Input settings cannot be overridden. The - override option should be used only in unusual - circumstances and not as a routine procedure. - nullable: true - type: object - package_policies: - anyOf: - - items: - type: string - type: array - - description: >- - This field is present only when retrieving a - single agent policy, or when retrieving a list - of agent policies with the ?full=true parameter - items: - additionalProperties: false - type: object - properties: - created_at: - type: string - created_by: - type: string - description: - description: Package policy description - type: string - elasticsearch: - additionalProperties: true - type: object - properties: - privileges: - additionalProperties: true - type: object - properties: - cluster: - items: - type: string - type: array - enabled: - type: boolean - id: - type: string - inputs: - items: - additionalProperties: false - type: object - properties: - compiled_input: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - policy_template: - type: string - streams: - items: - additionalProperties: false - type: object - properties: - compiled_stream: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - data_stream: - additionalProperties: false - type: object - properties: - dataset: - type: string - elasticsearch: - additionalProperties: false - type: object - properties: - dynamic_dataset: - type: boolean - dynamic_namespace: - type: boolean - privileges: - additionalProperties: false - type: object - properties: - indices: - items: - type: string - type: array - type: - type: string - required: - - dataset - - type - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - release: - enum: - - ga - - beta - - experimental - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - enabled - - data_stream - - compiled_stream - type: array - type: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - type - - enabled - - streams - - compiled_input - type: array - is_managed: - type: boolean - name: - description: Package policy name (should be unique) - type: string - namespace: - description: >- - The package policy namespace. Leave blank - to inherit the agent policy's namespace. - type: string - output_id: - nullable: true - type: string - overrides: - additionalProperties: false - description: >- - Override settings that are defined in the - package policy. The override option should - be used only in unusual circumstances and - not as a routine procedure. - nullable: true - type: object - properties: - inputs: - additionalProperties: {} - type: object - package: - additionalProperties: false - type: object - properties: - experimental_data_stream_features: - items: - additionalProperties: false - type: object - properties: - data_stream: - type: string - features: - additionalProperties: false - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - name: - description: Package name - type: string - requires_root: - type: boolean - title: - type: string - version: - description: Package version - type: string - required: - - name - - version - policy_id: - deprecated: true - description: >- - Agent policy ID where that package policy - will be added - nullable: true - type: string - policy_ids: - items: - description: >- - Agent policy IDs where that package - policy will be added - type: string - type: array - revision: - type: number - secret_references: - items: - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - type: array - updated_at: - type: string - updated_by: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - version: - type: string - required: - - name - - enabled - - inputs - - id - - revision - - updated_at - - updated_by - - created_at - - created_by - type: array - revision: - type: number - schema_version: - type: string - space_ids: - items: - type: string - type: array - status: - enum: - - active - - inactive - type: string - supports_agentless: - default: false - description: >- - Indicates whether the agent policy supports - agentless integrations. - nullable: true - type: boolean - unenroll_timeout: - minimum: 0 - type: number - unprivileged_agents: - type: number - updated_at: - type: string - updated_by: - type: string - version: - type: string - required: - - id - - name - - namespace - - is_managed - - is_protected - - status - - updated_at - - updated_by - - revision - type: array - required: - - items - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent policies - /api/fleet/agent_policies/{agentPolicyId}: - get: - description: Get an agent policy by ID - operationId: '%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: agentPolicyId - required: true - schema: - type: string - - in: query - name: format - required: false - schema: - enum: - - simplified - - legacy - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - advanced_settings: - additionalProperties: false - type: object - properties: - agent_download_target_directory: - nullable: true - agent_download_timeout: - default: 2h - nullable: true - agent_limits_go_max_procs: - nullable: true - agent_logging_level: - default: info - nullable: true - agent_logging_metrics_period: - default: 30s - nullable: true - agent_features: - items: - additionalProperties: false - type: object - properties: - enabled: - type: boolean - name: - type: string - required: - - name - - enabled - type: array - agents: - type: number - data_output_id: - nullable: true - type: string - description: - type: string - download_source_id: - nullable: true - type: string - fleet_server_host_id: - nullable: true - type: string - global_data_tags: - description: >- - User defined data tags that are added to all of the - inputs. The values can be strings or numbers. - items: - additionalProperties: false - type: object - properties: - name: - type: string - value: - anyOf: - - type: string - - type: number - required: - - name - - value - type: array - has_fleet_server: - type: boolean - id: - type: string - inactivity_timeout: - default: 1209600 - minimum: 0 - type: number - is_default: - type: boolean - is_default_fleet_server: - type: boolean - is_managed: - type: boolean - is_preconfigured: - type: boolean - is_protected: - description: >- - Indicates whether the agent policy has tamper - protection enabled. Default false. - type: boolean - keep_monitoring_alive: - default: false - description: >- - When set to true, monitoring will be enabled but - logs/metrics collection will be disabled - nullable: true - type: boolean - monitoring_diagnostics: - additionalProperties: false - type: object - properties: - limit: - additionalProperties: false - type: object - properties: - burst: - type: number - interval: - type: string - uploader: - additionalProperties: false - type: object - properties: - init_dur: - type: string - max_dur: - type: string - max_retries: - type: number - monitoring_enabled: - items: - enum: - - logs - - metrics - - traces - type: string - type: array - monitoring_http: - additionalProperties: false - type: object - properties: - buffer: - additionalProperties: false - type: object - properties: - enabled: - default: false - type: boolean - enabled: - type: boolean - host: - type: string - port: - maximum: 65353 - minimum: 0 - type: number - required: - - enabled - monitoring_output_id: - nullable: true - type: string - monitoring_pprof_enabled: - type: boolean - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - overrides: - additionalProperties: {} - description: >- - Override settings that are defined in the agent - policy. Input settings cannot be overridden. The - override option should be used only in unusual - circumstances and not as a routine procedure. - nullable: true - type: object - package_policies: - anyOf: - - items: - type: string - type: array - - description: >- - This field is present only when retrieving a - single agent policy, or when retrieving a list of - agent policies with the ?full=true parameter - items: - additionalProperties: false - type: object - properties: - created_at: - type: string - created_by: - type: string - description: - description: Package policy description - type: string - elasticsearch: - additionalProperties: true - type: object - properties: - privileges: - additionalProperties: true - type: object - properties: - cluster: - items: - type: string - type: array - enabled: - type: boolean - id: - type: string - inputs: - items: - additionalProperties: false - type: object - properties: - compiled_input: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - policy_template: - type: string - streams: - items: - additionalProperties: false - type: object - properties: - compiled_stream: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - data_stream: - additionalProperties: false - type: object - properties: - dataset: - type: string - elasticsearch: - additionalProperties: false - type: object - properties: - dynamic_dataset: - type: boolean - dynamic_namespace: - type: boolean - privileges: - additionalProperties: false - type: object - properties: - indices: - items: - type: string - type: array - type: - type: string - required: - - dataset - - type - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - release: - enum: - - ga - - beta - - experimental - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - enabled - - data_stream - - compiled_stream - type: array - type: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - type - - enabled - - streams - - compiled_input - type: array - is_managed: - type: boolean - name: - description: Package policy name (should be unique) - type: string - namespace: - description: >- - The package policy namespace. Leave blank to - inherit the agent policy's namespace. - type: string - output_id: - nullable: true - type: string - overrides: - additionalProperties: false - description: >- - Override settings that are defined in the - package policy. The override option should - be used only in unusual circumstances and - not as a routine procedure. - nullable: true - type: object - properties: - inputs: - additionalProperties: {} - type: object - package: - additionalProperties: false - type: object - properties: - experimental_data_stream_features: - items: - additionalProperties: false - type: object - properties: - data_stream: - type: string - features: - additionalProperties: false - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - name: - description: Package name - type: string - requires_root: - type: boolean - title: - type: string - version: - description: Package version - type: string - required: - - name - - version - policy_id: - deprecated: true - description: >- - Agent policy ID where that package policy - will be added - nullable: true - type: string - policy_ids: - items: - description: >- - Agent policy IDs where that package policy - will be added - type: string - type: array - revision: - type: number - secret_references: - items: - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - type: array - updated_at: - type: string - updated_by: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - version: - type: string - required: - - name - - enabled - - inputs - - id - - revision - - updated_at - - updated_by - - created_at - - created_by - type: array - revision: - type: number - schema_version: - type: string - space_ids: - items: - type: string - type: array - status: - enum: - - active - - inactive - type: string - supports_agentless: - default: false - description: >- - Indicates whether the agent policy supports agentless - integrations. - nullable: true - type: boolean - unenroll_timeout: - minimum: 0 - type: number - unprivileged_agents: - type: number - updated_at: - type: string - updated_by: - type: string - version: - type: string - required: - - id - - name - - namespace - - is_managed - - is_protected - - status - - updated_at - - updated_by - - revision - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent policies - put: - description: Update an agent policy by ID - operationId: '%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: agentPolicyId - required: true - schema: - type: string - - in: query - name: format - required: false - schema: - enum: - - simplified - - legacy - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - advanced_settings: - additionalProperties: false - type: object - properties: - agent_download_target_directory: - nullable: true - agent_download_timeout: - default: 2h - nullable: true - agent_limits_go_max_procs: - nullable: true - agent_logging_level: - default: info - nullable: true - agent_logging_metrics_period: - default: 30s - nullable: true - agent_features: - items: - additionalProperties: false - type: object - properties: - enabled: - type: boolean - name: - type: string - required: - - name - - enabled - type: array - data_output_id: - nullable: true - type: string - description: - type: string - download_source_id: - nullable: true - type: string - fleet_server_host_id: - nullable: true - type: string - force: - type: boolean - global_data_tags: - description: >- - User defined data tags that are added to all of the inputs. - The values can be strings or numbers. - items: - additionalProperties: false - type: object - properties: - name: - type: string - value: - anyOf: - - type: string - - type: number - required: - - name - - value - type: array - has_fleet_server: - type: boolean - id: - type: string - inactivity_timeout: - default: 1209600 - minimum: 0 - type: number - is_default: - type: boolean - is_default_fleet_server: - type: boolean - is_managed: - type: boolean - is_protected: - type: boolean - keep_monitoring_alive: - default: false - description: >- - When set to true, monitoring will be enabled but - logs/metrics collection will be disabled - nullable: true - type: boolean - monitoring_diagnostics: - additionalProperties: false - type: object - properties: - limit: - additionalProperties: false - type: object - properties: - burst: - type: number - interval: - type: string - uploader: - additionalProperties: false - type: object - properties: - init_dur: - type: string - max_dur: - type: string - max_retries: - type: number - monitoring_enabled: - items: - enum: - - logs - - metrics - - traces - type: string - type: array - monitoring_http: - additionalProperties: false - type: object - properties: - buffer: - additionalProperties: false - type: object - properties: - enabled: - default: false - type: boolean - enabled: - type: boolean - host: - type: string - port: - maximum: 65353 - minimum: 0 - type: number - required: - - enabled - monitoring_output_id: - nullable: true - type: string - monitoring_pprof_enabled: - type: boolean - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - overrides: - additionalProperties: {} - description: >- - Override settings that are defined in the agent policy. - Input settings cannot be overridden. The override option - should be used only in unusual circumstances and not as a - routine procedure. - nullable: true - type: object - space_ids: - items: - type: string - type: array - supports_agentless: - default: false - description: >- - Indicates whether the agent policy supports agentless - integrations. - nullable: true - type: boolean - unenroll_timeout: - minimum: 0 - type: number - required: - - name - - namespace - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - advanced_settings: - additionalProperties: false - type: object - properties: - agent_download_target_directory: - nullable: true - agent_download_timeout: - default: 2h - nullable: true - agent_limits_go_max_procs: - nullable: true - agent_logging_level: - default: info - nullable: true - agent_logging_metrics_period: - default: 30s - nullable: true - agent_features: - items: - additionalProperties: false - type: object - properties: - enabled: - type: boolean - name: - type: string - required: - - name - - enabled - type: array - agents: - type: number - data_output_id: - nullable: true - type: string - description: - type: string - download_source_id: - nullable: true - type: string - fleet_server_host_id: - nullable: true - type: string - global_data_tags: - description: >- - User defined data tags that are added to all of the - inputs. The values can be strings or numbers. - items: - additionalProperties: false - type: object - properties: - name: - type: string - value: - anyOf: - - type: string - - type: number - required: - - name - - value - type: array - has_fleet_server: - type: boolean - id: - type: string - inactivity_timeout: - default: 1209600 - minimum: 0 - type: number - is_default: - type: boolean - is_default_fleet_server: - type: boolean - is_managed: - type: boolean - is_preconfigured: - type: boolean - is_protected: - description: >- - Indicates whether the agent policy has tamper - protection enabled. Default false. - type: boolean - keep_monitoring_alive: - default: false - description: >- - When set to true, monitoring will be enabled but - logs/metrics collection will be disabled - nullable: true - type: boolean - monitoring_diagnostics: - additionalProperties: false - type: object - properties: - limit: - additionalProperties: false - type: object - properties: - burst: - type: number - interval: - type: string - uploader: - additionalProperties: false - type: object - properties: - init_dur: - type: string - max_dur: - type: string - max_retries: - type: number - monitoring_enabled: - items: - enum: - - logs - - metrics - - traces - type: string - type: array - monitoring_http: - additionalProperties: false - type: object - properties: - buffer: - additionalProperties: false - type: object - properties: - enabled: - default: false - type: boolean - enabled: - type: boolean - host: - type: string - port: - maximum: 65353 - minimum: 0 - type: number - required: - - enabled - monitoring_output_id: - nullable: true - type: string - monitoring_pprof_enabled: - type: boolean - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - overrides: - additionalProperties: {} - description: >- - Override settings that are defined in the agent - policy. Input settings cannot be overridden. The - override option should be used only in unusual - circumstances and not as a routine procedure. - nullable: true - type: object - package_policies: - anyOf: - - items: - type: string - type: array - - description: >- - This field is present only when retrieving a - single agent policy, or when retrieving a list of - agent policies with the ?full=true parameter - items: - additionalProperties: false - type: object - properties: - created_at: - type: string - created_by: - type: string - description: - description: Package policy description - type: string - elasticsearch: - additionalProperties: true - type: object - properties: - privileges: - additionalProperties: true - type: object - properties: - cluster: - items: - type: string - type: array - enabled: - type: boolean - id: - type: string - inputs: - items: - additionalProperties: false - type: object - properties: - compiled_input: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - policy_template: - type: string - streams: - items: - additionalProperties: false - type: object - properties: - compiled_stream: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - data_stream: - additionalProperties: false - type: object - properties: - dataset: - type: string - elasticsearch: - additionalProperties: false - type: object - properties: - dynamic_dataset: - type: boolean - dynamic_namespace: - type: boolean - privileges: - additionalProperties: false - type: object - properties: - indices: - items: - type: string - type: array - type: - type: string - required: - - dataset - - type - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - release: - enum: - - ga - - beta - - experimental - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - enabled - - data_stream - - compiled_stream - type: array - type: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - type - - enabled - - streams - - compiled_input - type: array - is_managed: - type: boolean - name: - description: Package policy name (should be unique) - type: string - namespace: - description: >- - The package policy namespace. Leave blank to - inherit the agent policy's namespace. - type: string - output_id: - nullable: true - type: string - overrides: - additionalProperties: false - description: >- - Override settings that are defined in the - package policy. The override option should - be used only in unusual circumstances and - not as a routine procedure. - nullable: true - type: object - properties: - inputs: - additionalProperties: {} - type: object - package: - additionalProperties: false - type: object - properties: - experimental_data_stream_features: - items: - additionalProperties: false - type: object - properties: - data_stream: - type: string - features: - additionalProperties: false - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - name: - description: Package name - type: string - requires_root: - type: boolean - title: - type: string - version: - description: Package version - type: string - required: - - name - - version - policy_id: - deprecated: true - description: >- - Agent policy ID where that package policy - will be added - nullable: true - type: string - policy_ids: - items: - description: >- - Agent policy IDs where that package policy - will be added - type: string - type: array - revision: - type: number - secret_references: - items: - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - type: array - updated_at: - type: string - updated_by: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - version: - type: string - required: - - name - - enabled - - inputs - - id - - revision - - updated_at - - updated_by - - created_at - - created_by - type: array - revision: - type: number - schema_version: - type: string - space_ids: - items: - type: string - type: array - status: - enum: - - active - - inactive - type: string - supports_agentless: - default: false - description: >- - Indicates whether the agent policy supports agentless - integrations. - nullable: true - type: boolean - unenroll_timeout: - minimum: 0 - type: number - unprivileged_agents: - type: number - updated_at: - type: string - updated_by: - type: string - version: - type: string - required: - - id - - name - - namespace - - is_managed - - is_protected - - status - - updated_at - - updated_by - - revision - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent policies - /api/fleet/agent_policies/{agentPolicyId}/copy: - post: - description: Copy an agent policy by ID - operationId: '%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D%2Fcopy#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: agentPolicyId - required: true - schema: - type: string - - in: query - name: format - required: false - schema: - enum: - - simplified - - legacy - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - description: - type: string - name: - minLength: 1 - type: string - required: - - name - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - advanced_settings: - additionalProperties: false - type: object - properties: - agent_download_target_directory: - nullable: true - agent_download_timeout: - default: 2h - nullable: true - agent_limits_go_max_procs: - nullable: true - agent_logging_level: - default: info - nullable: true - agent_logging_metrics_period: - default: 30s - nullable: true - agent_features: - items: - additionalProperties: false - type: object - properties: - enabled: - type: boolean - name: - type: string - required: - - name - - enabled - type: array - agents: - type: number - data_output_id: - nullable: true - type: string - description: - type: string - download_source_id: - nullable: true - type: string - fleet_server_host_id: - nullable: true - type: string - global_data_tags: - description: >- - User defined data tags that are added to all of the - inputs. The values can be strings or numbers. - items: - additionalProperties: false - type: object - properties: - name: - type: string - value: - anyOf: - - type: string - - type: number - required: - - name - - value - type: array - has_fleet_server: - type: boolean - id: - type: string - inactivity_timeout: - default: 1209600 - minimum: 0 - type: number - is_default: - type: boolean - is_default_fleet_server: - type: boolean - is_managed: - type: boolean - is_preconfigured: - type: boolean - is_protected: - description: >- - Indicates whether the agent policy has tamper - protection enabled. Default false. - type: boolean - keep_monitoring_alive: - default: false - description: >- - When set to true, monitoring will be enabled but - logs/metrics collection will be disabled - nullable: true - type: boolean - monitoring_diagnostics: - additionalProperties: false - type: object - properties: - limit: - additionalProperties: false - type: object - properties: - burst: - type: number - interval: - type: string - uploader: - additionalProperties: false - type: object - properties: - init_dur: - type: string - max_dur: - type: string - max_retries: - type: number - monitoring_enabled: - items: - enum: - - logs - - metrics - - traces - type: string - type: array - monitoring_http: - additionalProperties: false - type: object - properties: - buffer: - additionalProperties: false - type: object - properties: - enabled: - default: false - type: boolean - enabled: - type: boolean - host: - type: string - port: - maximum: 65353 - minimum: 0 - type: number - required: - - enabled - monitoring_output_id: - nullable: true - type: string - monitoring_pprof_enabled: - type: boolean - name: - minLength: 1 - type: string - namespace: - minLength: 1 - type: string - overrides: - additionalProperties: {} - description: >- - Override settings that are defined in the agent - policy. Input settings cannot be overridden. The - override option should be used only in unusual - circumstances and not as a routine procedure. - nullable: true - type: object - package_policies: - anyOf: - - items: - type: string - type: array - - description: >- - This field is present only when retrieving a - single agent policy, or when retrieving a list of - agent policies with the ?full=true parameter - items: - additionalProperties: false - type: object - properties: - created_at: - type: string - created_by: - type: string - description: - description: Package policy description - type: string - elasticsearch: - additionalProperties: true - type: object - properties: - privileges: - additionalProperties: true - type: object - properties: - cluster: - items: - type: string - type: array - enabled: - type: boolean - id: - type: string - inputs: - items: - additionalProperties: false - type: object - properties: - compiled_input: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - policy_template: - type: string - streams: - items: - additionalProperties: false - type: object - properties: - compiled_stream: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - data_stream: - additionalProperties: false - type: object - properties: - dataset: - type: string - elasticsearch: - additionalProperties: false - type: object - properties: - dynamic_dataset: - type: boolean - dynamic_namespace: - type: boolean - privileges: - additionalProperties: false - type: object - properties: - indices: - items: - type: string - type: array - type: - type: string - required: - - dataset - - type - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - release: - enum: - - ga - - beta - - experimental - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - enabled - - data_stream - - compiled_stream - type: array - type: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - type - - enabled - - streams - - compiled_input - type: array - is_managed: - type: boolean - name: - description: Package policy name (should be unique) - type: string - namespace: - description: >- - The package policy namespace. Leave blank to - inherit the agent policy's namespace. - type: string - output_id: - nullable: true - type: string - overrides: - additionalProperties: false - description: >- - Override settings that are defined in the - package policy. The override option should - be used only in unusual circumstances and - not as a routine procedure. - nullable: true - type: object - properties: - inputs: - additionalProperties: {} - type: object - package: - additionalProperties: false - type: object - properties: - experimental_data_stream_features: - items: - additionalProperties: false - type: object - properties: - data_stream: - type: string - features: - additionalProperties: false - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - name: - description: Package name - type: string - requires_root: - type: boolean - title: - type: string - version: - description: Package version - type: string - required: - - name - - version - policy_id: - deprecated: true - description: >- - Agent policy ID where that package policy - will be added - nullable: true - type: string - policy_ids: - items: - description: >- - Agent policy IDs where that package policy - will be added - type: string - type: array - revision: - type: number - secret_references: - items: - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - type: array - updated_at: - type: string - updated_by: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - version: - type: string - required: - - name - - enabled - - inputs - - id - - revision - - updated_at - - updated_by - - created_at - - created_by - type: array - revision: - type: number - schema_version: - type: string - space_ids: - items: - type: string - type: array - status: - enum: - - active - - inactive - type: string - supports_agentless: - default: false - description: >- - Indicates whether the agent policy supports agentless - integrations. - nullable: true - type: boolean - unenroll_timeout: - minimum: 0 - type: number - unprivileged_agents: - type: number - updated_at: - type: string - updated_by: - type: string - version: - type: string - required: - - id - - name - - namespace - - is_managed - - is_protected - - status - - updated_at - - updated_by - - revision - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent policies - /api/fleet/agent_policies/{agentPolicyId}/download: - get: - description: Download an agent policy by ID - operationId: '%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D%2Fdownload#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: agentPolicyId - required: true - schema: - type: string - - in: query - name: download - required: false - schema: - type: boolean - - in: query - name: standalone - required: false - schema: - type: boolean - - in: query - name: kubernetes - required: false - schema: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: string - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent policies - /api/fleet/agent_policies/{agentPolicyId}/full: - get: - description: Get a full agent policy by ID - operationId: '%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D%2Ffull#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: agentPolicyId - required: true - schema: - type: string - - in: query - name: download - required: false - schema: - type: boolean - - in: query - name: standalone - required: false - schema: - type: boolean - - in: query - name: kubernetes - required: false - schema: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - anyOf: - - type: string - - additionalProperties: false - type: object - properties: - agent: - additionalProperties: false - type: object - properties: - download: - additionalProperties: false - type: object - properties: - sourceURI: - type: string - required: - - sourceURI - features: - additionalProperties: - additionalProperties: false - type: object - properties: - enabled: - type: boolean - required: - - enabled - type: object - monitoring: - additionalProperties: false - type: object - properties: - enabled: - type: boolean - logs: - type: boolean - metrics: - type: boolean - namespace: - type: string - traces: - type: boolean - use_output: - type: string - required: - - enabled - - metrics - - logs - - traces - protection: - additionalProperties: false - type: object - properties: - enabled: - type: boolean - signing_key: - type: string - uninstall_token_hash: - type: string - required: - - enabled - - uninstall_token_hash - - signing_key - required: - - monitoring - - download - - features - fleet: - anyOf: - - additionalProperties: false - type: object - properties: - hosts: - items: - type: string - type: array - proxy_headers: {} - proxy_url: - type: string - ssl: - additionalProperties: false - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - renegotiation: - type: string - verification_mode: - type: string - required: - - hosts - - proxy_headers - - additionalProperties: false - type: object - properties: - kibana: - additionalProperties: false - type: object - properties: - hosts: - items: - type: string - type: array - path: - type: string - protocol: - type: string - required: - - hosts - - protocol - required: - - kibana - id: - type: string - inputs: - items: - additionalProperties: true - type: object - properties: - data_stream: - additionalProperties: true - type: object - properties: - namespace: - type: string - required: - - namespace - id: - type: string - meta: - additionalProperties: true - type: object - properties: - package: - additionalProperties: true - type: object - properties: - name: - type: string - version: - type: string - required: - - name - - version - name: - type: string - package_policy_id: - type: string - processors: - items: - additionalProperties: true - type: object - properties: - add_fields: - additionalProperties: true - type: object - properties: - fields: - additionalProperties: - anyOf: - - type: string - - type: number - type: object - target: - type: string - required: - - target - - fields - required: - - add_fields - type: array - revision: - type: number - streams: - items: - additionalProperties: true - type: object - properties: - data_stream: - additionalProperties: true - type: object - properties: - dataset: - type: string - type: - type: string - required: - - dataset - id: - type: string - required: - - id - - data_stream - type: array - type: - type: string - use_output: - type: string - required: - - id - - name - - revision - - type - - data_stream - - use_output - - package_policy_id - type: array - namespaces: - items: - type: string - type: array - output_permissions: - additionalProperties: - additionalProperties: {} - type: object - type: object - outputs: - additionalProperties: - additionalProperties: true - type: object - properties: - ca_sha256: - nullable: true - type: string - hosts: - items: - type: string - type: array - proxy_headers: {} - proxy_url: - type: string - type: - type: string - required: - - type - - proxy_headers - type: object - revision: - type: number - secret_references: - items: - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - type: array - signed: - additionalProperties: false - type: object - properties: - data: - type: string - signature: - type: string - required: - - data - - signature - required: - - id - - outputs - - inputs - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent policies - /api/fleet/agent_policies/{agentPolicyId}/outputs: - get: - description: Get list of outputs associated with agent policy by policy id - operationId: '%2Fapi%2Ffleet%2Fagent_policies%2F%7BagentPolicyId%7D%2Foutputs#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: agentPolicyId - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - agentPolicyId: - type: string - data: - additionalProperties: false - type: object - properties: - integrations: - items: - additionalProperties: false - type: object - properties: - id: - type: string - integrationPolicyName: - type: string - name: - type: string - pkgName: - type: string - type: array - output: - additionalProperties: false - type: object - properties: - id: - type: string - name: - type: string - required: - - id - - name - required: - - output - monitoring: - additionalProperties: false - type: object - properties: - output: - additionalProperties: false - type: object - properties: - id: - type: string - name: - type: string - required: - - id - - name - required: - - output - required: - - monitoring - - data - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent policies - /api/fleet/agent_policies/delete: - post: - description: Delete agent policy by ID - operationId: '%2Fapi%2Ffleet%2Fagent_policies%2Fdelete#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - agentPolicyId: - type: string - force: - description: >- - bypass validation checks that can prevent agent policy - deletion - type: boolean - required: - - agentPolicyId - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - id: - type: string - name: - type: string - required: - - id - - name - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent policies - /api/fleet/agent_policies/outputs: - post: - description: Get list of outputs associated with agent policies - operationId: '%2Fapi%2Ffleet%2Fagent_policies%2Foutputs#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - ids: - description: list of package policy ids - items: - type: string - type: array - required: - - ids - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - additionalProperties: false - type: object - properties: - agentPolicyId: - type: string - data: - additionalProperties: false - type: object - properties: - integrations: - items: - additionalProperties: false - type: object - properties: - id: - type: string - integrationPolicyName: - type: string - name: - type: string - pkgName: - type: string - type: array - output: - additionalProperties: false - type: object - properties: - id: - type: string - name: - type: string - required: - - id - - name - required: - - output - monitoring: - additionalProperties: false - type: object - properties: - output: - additionalProperties: false - type: object - properties: - id: - type: string - name: - type: string - required: - - id - - name - required: - - output - required: - - monitoring - - data - type: array - required: - - items - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent policies - /api/fleet/agent_status: - get: - description: Get agent status summary - operationId: '%2Fapi%2Ffleet%2Fagent_status#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: query - name: policyId - required: false - schema: - type: string - - in: query - name: policyIds - required: false - schema: - anyOf: - - items: - type: string - type: array - - type: string - - in: query - name: kuery - required: false - schema: - deprecated: true - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - results: - additionalProperties: false - type: object - properties: - active: - type: number - all: - type: number - error: - type: number - events: - type: number - inactive: - type: number - offline: - type: number - online: - type: number - other: - type: number - total: - deprecated: true - type: number - unenrolled: - type: number - updating: - type: number - required: - - events - - total - - online - - error - - offline - - other - - updating - - inactive - - unenrolled - - all - - active - required: - - results - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent status - /api/fleet/agent_status/data: - get: - description: Get incoming agent data - operationId: '%2Fapi%2Ffleet%2Fagent_status%2Fdata#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: query - name: agentsIds - required: true - schema: - anyOf: - - items: - type: string - type: array - - type: string - - in: query - name: previewData - required: false - schema: - default: false - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - dataPreview: - items: {} - type: array - items: - items: - additionalProperties: - additionalProperties: false - type: object - properties: - data: - type: boolean - required: - - data - type: object - type: array - required: - - items - - dataPreview - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agents - /api/fleet/agent-status: - get: - deprecated: true - operationId: '%2Fapi%2Ffleet%2Fagent-status#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: query - name: policyId - required: false - schema: - type: string - - in: query - name: policyIds - required: false - schema: - anyOf: - - items: - type: string - type: array - - type: string - - in: query - name: kuery - required: false - schema: - deprecated: true - type: string - responses: {} - summary: '' - tags: [] - /api/fleet/agents: - get: - description: List agents - operationId: '%2Fapi%2Ffleet%2Fagents#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: query - name: page - required: false - schema: - default: 1 - type: number - - in: query - name: perPage - required: false - schema: - default: 20 - type: number - - in: query - name: kuery - required: false - schema: - type: string - - in: query - name: showInactive - required: false - schema: - default: false - type: boolean - - in: query - name: withMetrics - required: false - schema: - default: false - type: boolean - - in: query - name: showUpgradeable - required: false - schema: - default: false - type: boolean - - in: query - name: getStatusSummary - required: false - schema: - default: false - type: boolean - - in: query - name: sortField - required: false - schema: - type: string - - in: query - name: sortOrder - required: false - schema: - enum: - - asc - - desc - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - additionalProperties: false - type: object - properties: - access_api_key: - type: string - access_api_key_id: - type: string - active: - type: boolean - agent: - additionalProperties: true - type: object - properties: - id: - type: string - version: - type: string - required: - - id - - version - components: - items: - additionalProperties: false - type: object - properties: - id: - type: string - message: - type: string - status: - enum: - - STARTING - - CONFIGURING - - HEALTHY - - DEGRADED - - FAILED - - STOPPING - - STOPPED - type: string - type: - type: string - units: - items: - additionalProperties: false - type: object - properties: - id: - type: string - message: - type: string - payload: - additionalProperties: {} - type: object - status: - enum: - - STARTING - - CONFIGURING - - HEALTHY - - DEGRADED - - FAILED - - STOPPING - - STOPPED - type: string - type: - enum: - - input - - output - type: string - required: - - id - - type - - status - - message - type: array - required: - - id - - type - - status - - message - type: array - default_api_key: - type: string - default_api_key_history: - items: - additionalProperties: false - deprecated: true - type: object - properties: - id: - type: string - retired_at: - type: string - required: - - id - - retired_at - type: array - default_api_key_id: - type: string - enrolled_at: - type: string - id: - type: string - last_checkin: - type: string - last_checkin_message: - type: string - last_checkin_status: - enum: - - error - - online - - degraded - - updating - - starting - type: string - local_metadata: - additionalProperties: {} - type: object - metrics: - additionalProperties: false - type: object - properties: - cpu_avg: - type: number - memory_size_byte_avg: - type: number - namespaces: - items: - type: string - type: array - outputs: - additionalProperties: - additionalProperties: false - type: object - properties: - api_key_id: - type: string - to_retire_api_key_ids: - items: - additionalProperties: false - type: object - properties: - id: - type: string - retired_at: - type: string - required: - - id - - retired_at - type: array - type: - type: string - required: - - api_key_id - - type - type: object - packages: - items: - type: string - type: array - policy_id: - type: string - policy_revision: - nullable: true - type: number - sort: - items: - anyOf: - - type: number - - type: string - - enum: [] - nullable: true - type: array - status: - enum: - - offline - - error - - online - - inactive - - enrolling - - unenrolling - - unenrolled - - updating - - degraded - type: string - tags: - items: - type: string - type: array - type: - enum: - - PERMANENT - - EPHEMERAL - - TEMPORARY - type: string - unenrolled_at: - type: string - unenrollment_started_at: - type: string - unhealthy_reason: - items: - enum: - - input - - output - - other - type: string - nullable: true - type: array - upgrade_details: - additionalProperties: false - type: object - properties: - action_id: - type: string - metadata: - additionalProperties: false - type: object - properties: - download_percent: - type: number - download_rate: - type: number - error_msg: - type: string - failed_state: - enum: - - UPG_REQUESTED - - UPG_SCHEDULED - - UPG_DOWNLOADING - - UPG_EXTRACTING - - UPG_REPLACING - - UPG_RESTARTING - - UPG_FAILED - - UPG_WATCHING - - UPG_ROLLBACK - type: string - retry_error_msg: - type: string - retry_until: - type: string - scheduled_at: - type: string - state: - enum: - - UPG_REQUESTED - - UPG_SCHEDULED - - UPG_DOWNLOADING - - UPG_EXTRACTING - - UPG_REPLACING - - UPG_RESTARTING - - UPG_FAILED - - UPG_WATCHING - - UPG_ROLLBACK - type: string - target_version: - type: string - required: - - target_version - - action_id - - state - upgrade_started_at: - nullable: true - type: string - upgraded_at: - nullable: true - type: string - user_provided_metadata: - additionalProperties: {} - type: object - required: - - id - - packages - - type - - active - - enrolled_at - - local_metadata - type: array - list: - deprecated: true - items: - additionalProperties: false - type: object - properties: - access_api_key: - type: string - access_api_key_id: - type: string - active: - type: boolean - agent: - additionalProperties: true - type: object - properties: - id: - type: string - version: - type: string - required: - - id - - version - components: - items: - additionalProperties: false - type: object - properties: - id: - type: string - message: - type: string - status: - enum: - - STARTING - - CONFIGURING - - HEALTHY - - DEGRADED - - FAILED - - STOPPING - - STOPPED - type: string - type: - type: string - units: - items: - additionalProperties: false - type: object - properties: - id: - type: string - message: - type: string - payload: - additionalProperties: {} - type: object - status: - enum: - - STARTING - - CONFIGURING - - HEALTHY - - DEGRADED - - FAILED - - STOPPING - - STOPPED - type: string - type: - enum: - - input - - output - type: string - required: - - id - - type - - status - - message - type: array - required: - - id - - type - - status - - message - type: array - default_api_key: - type: string - default_api_key_history: - items: - additionalProperties: false - deprecated: true - type: object - properties: - id: - type: string - retired_at: - type: string - required: - - id - - retired_at - type: array - default_api_key_id: - type: string - enrolled_at: - type: string - id: - type: string - last_checkin: - type: string - last_checkin_message: - type: string - last_checkin_status: - enum: - - error - - online - - degraded - - updating - - starting - type: string - local_metadata: - additionalProperties: {} - type: object - metrics: - additionalProperties: false - type: object - properties: - cpu_avg: - type: number - memory_size_byte_avg: - type: number - namespaces: - items: - type: string - type: array - outputs: - additionalProperties: - additionalProperties: false - type: object - properties: - api_key_id: - type: string - to_retire_api_key_ids: - items: - additionalProperties: false - type: object - properties: - id: - type: string - retired_at: - type: string - required: - - id - - retired_at - type: array - type: - type: string - required: - - api_key_id - - type - type: object - packages: - items: - type: string - type: array - policy_id: - type: string - policy_revision: - nullable: true - type: number - sort: - items: - anyOf: - - type: number - - type: string - - enum: [] - nullable: true - type: array - status: - enum: - - offline - - error - - online - - inactive - - enrolling - - unenrolling - - unenrolled - - updating - - degraded - type: string - tags: - items: - type: string - type: array - type: - enum: - - PERMANENT - - EPHEMERAL - - TEMPORARY - type: string - unenrolled_at: - type: string - unenrollment_started_at: - type: string - unhealthy_reason: - items: - enum: - - input - - output - - other - type: string - nullable: true - type: array - upgrade_details: - additionalProperties: false - type: object - properties: - action_id: - type: string - metadata: - additionalProperties: false - type: object - properties: - download_percent: - type: number - download_rate: - type: number - error_msg: - type: string - failed_state: - enum: - - UPG_REQUESTED - - UPG_SCHEDULED - - UPG_DOWNLOADING - - UPG_EXTRACTING - - UPG_REPLACING - - UPG_RESTARTING - - UPG_FAILED - - UPG_WATCHING - - UPG_ROLLBACK - type: string - retry_error_msg: - type: string - retry_until: - type: string - scheduled_at: - type: string - state: - enum: - - UPG_REQUESTED - - UPG_SCHEDULED - - UPG_DOWNLOADING - - UPG_EXTRACTING - - UPG_REPLACING - - UPG_RESTARTING - - UPG_FAILED - - UPG_WATCHING - - UPG_ROLLBACK - type: string - target_version: - type: string - required: - - target_version - - action_id - - state - upgrade_started_at: - nullable: true - type: string - upgraded_at: - nullable: true - type: string - user_provided_metadata: - additionalProperties: {} - type: object - required: - - id - - packages - - type - - active - - enrolled_at - - local_metadata - type: array - page: - type: number - perPage: - type: number - statusSummary: - additionalProperties: - type: number - type: object - total: - type: number - required: - - items - - total - - page - - perPage - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agents - post: - description: List agents by action ids - operationId: '%2Fapi%2Ffleet%2Fagents#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - actionIds: - items: - type: string - type: array - required: - - actionIds - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - type: string - type: array - required: - - items - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agents - /api/fleet/agents/{agentId}: - delete: - description: Delete agent by ID - operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D#2' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: agentId - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - action: - enum: - - deleted - type: string - required: - - action - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agents - get: - description: Get agent by ID - operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: agentId - required: true - schema: - type: string - - in: query - name: withMetrics - required: false - schema: - default: false - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - access_api_key: - type: string - access_api_key_id: - type: string - active: - type: boolean - agent: - additionalProperties: true - type: object - properties: - id: - type: string - version: - type: string - required: - - id - - version - components: - items: - additionalProperties: false - type: object - properties: - id: - type: string - message: - type: string - status: - enum: - - STARTING - - CONFIGURING - - HEALTHY - - DEGRADED - - FAILED - - STOPPING - - STOPPED - type: string - type: - type: string - units: - items: - additionalProperties: false - type: object - properties: - id: - type: string - message: - type: string - payload: - additionalProperties: {} - type: object - status: - enum: - - STARTING - - CONFIGURING - - HEALTHY - - DEGRADED - - FAILED - - STOPPING - - STOPPED - type: string - type: - enum: - - input - - output - type: string - required: - - id - - type - - status - - message - type: array - required: - - id - - type - - status - - message - type: array - default_api_key: - type: string - default_api_key_history: - items: - additionalProperties: false - deprecated: true - type: object - properties: - id: - type: string - retired_at: - type: string - required: - - id - - retired_at - type: array - default_api_key_id: - type: string - enrolled_at: - type: string - id: - type: string - last_checkin: - type: string - last_checkin_message: - type: string - last_checkin_status: - enum: - - error - - online - - degraded - - updating - - starting - type: string - local_metadata: - additionalProperties: {} - type: object - metrics: - additionalProperties: false - type: object - properties: - cpu_avg: - type: number - memory_size_byte_avg: - type: number - namespaces: - items: - type: string - type: array - outputs: - additionalProperties: - additionalProperties: false - type: object - properties: - api_key_id: - type: string - to_retire_api_key_ids: - items: - additionalProperties: false - type: object - properties: - id: - type: string - retired_at: - type: string - required: - - id - - retired_at - type: array - type: - type: string - required: - - api_key_id - - type - type: object - packages: - items: - type: string - type: array - policy_id: - type: string - policy_revision: - nullable: true - type: number - sort: - items: - anyOf: - - type: number - - type: string - - enum: [] - nullable: true - type: array - status: - enum: - - offline - - error - - online - - inactive - - enrolling - - unenrolling - - unenrolled - - updating - - degraded - type: string - tags: - items: - type: string - type: array - type: - enum: - - PERMANENT - - EPHEMERAL - - TEMPORARY - type: string - unenrolled_at: - type: string - unenrollment_started_at: - type: string - unhealthy_reason: - items: - enum: - - input - - output - - other - type: string - nullable: true - type: array - upgrade_details: - additionalProperties: false - type: object - properties: - action_id: - type: string - metadata: - additionalProperties: false - type: object - properties: - download_percent: - type: number - download_rate: - type: number - error_msg: - type: string - failed_state: - enum: - - UPG_REQUESTED - - UPG_SCHEDULED - - UPG_DOWNLOADING - - UPG_EXTRACTING - - UPG_REPLACING - - UPG_RESTARTING - - UPG_FAILED - - UPG_WATCHING - - UPG_ROLLBACK - type: string - retry_error_msg: - type: string - retry_until: - type: string - scheduled_at: - type: string - state: - enum: - - UPG_REQUESTED - - UPG_SCHEDULED - - UPG_DOWNLOADING - - UPG_EXTRACTING - - UPG_REPLACING - - UPG_RESTARTING - - UPG_FAILED - - UPG_WATCHING - - UPG_ROLLBACK - type: string - target_version: - type: string - required: - - target_version - - action_id - - state - upgrade_started_at: - nullable: true - type: string - upgraded_at: - nullable: true - type: string - user_provided_metadata: - additionalProperties: {} - type: object - required: - - id - - packages - - type - - active - - enrolled_at - - local_metadata - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agents - put: - description: Update agent by ID - operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: agentId - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - tags: - items: - type: string - type: array - user_provided_metadata: - additionalProperties: {} - type: object - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - access_api_key: - type: string - access_api_key_id: - type: string - active: - type: boolean - agent: - additionalProperties: true - type: object - properties: - id: - type: string - version: - type: string - required: - - id - - version - components: - items: - additionalProperties: false - type: object - properties: - id: - type: string - message: - type: string - status: - enum: - - STARTING - - CONFIGURING - - HEALTHY - - DEGRADED - - FAILED - - STOPPING - - STOPPED - type: string - type: - type: string - units: - items: - additionalProperties: false - type: object - properties: - id: - type: string - message: - type: string - payload: - additionalProperties: {} - type: object - status: - enum: - - STARTING - - CONFIGURING - - HEALTHY - - DEGRADED - - FAILED - - STOPPING - - STOPPED - type: string - type: - enum: - - input - - output - type: string - required: - - id - - type - - status - - message - type: array - required: - - id - - type - - status - - message - type: array - default_api_key: - type: string - default_api_key_history: - items: - additionalProperties: false - deprecated: true - type: object - properties: - id: - type: string - retired_at: - type: string - required: - - id - - retired_at - type: array - default_api_key_id: - type: string - enrolled_at: - type: string - id: - type: string - last_checkin: - type: string - last_checkin_message: - type: string - last_checkin_status: - enum: - - error - - online - - degraded - - updating - - starting - type: string - local_metadata: - additionalProperties: {} - type: object - metrics: - additionalProperties: false - type: object - properties: - cpu_avg: - type: number - memory_size_byte_avg: - type: number - namespaces: - items: - type: string - type: array - outputs: - additionalProperties: - additionalProperties: false - type: object - properties: - api_key_id: - type: string - to_retire_api_key_ids: - items: - additionalProperties: false - type: object - properties: - id: - type: string - retired_at: - type: string - required: - - id - - retired_at - type: array - type: - type: string - required: - - api_key_id - - type - type: object - packages: - items: - type: string - type: array - policy_id: - type: string - policy_revision: - nullable: true - type: number - sort: - items: - anyOf: - - type: number - - type: string - - enum: [] - nullable: true - type: array - status: - enum: - - offline - - error - - online - - inactive - - enrolling - - unenrolling - - unenrolled - - updating - - degraded - type: string - tags: - items: - type: string - type: array - type: - enum: - - PERMANENT - - EPHEMERAL - - TEMPORARY - type: string - unenrolled_at: - type: string - unenrollment_started_at: - type: string - unhealthy_reason: - items: - enum: - - input - - output - - other - type: string - nullable: true - type: array - upgrade_details: - additionalProperties: false - type: object - properties: - action_id: - type: string - metadata: - additionalProperties: false - type: object - properties: - download_percent: - type: number - download_rate: - type: number - error_msg: - type: string - failed_state: - enum: - - UPG_REQUESTED - - UPG_SCHEDULED - - UPG_DOWNLOADING - - UPG_EXTRACTING - - UPG_REPLACING - - UPG_RESTARTING - - UPG_FAILED - - UPG_WATCHING - - UPG_ROLLBACK - type: string - retry_error_msg: - type: string - retry_until: - type: string - scheduled_at: - type: string - state: - enum: - - UPG_REQUESTED - - UPG_SCHEDULED - - UPG_DOWNLOADING - - UPG_EXTRACTING - - UPG_REPLACING - - UPG_RESTARTING - - UPG_FAILED - - UPG_WATCHING - - UPG_ROLLBACK - type: string - target_version: - type: string - required: - - target_version - - action_id - - state - upgrade_started_at: - nullable: true - type: string - upgraded_at: - nullable: true - type: string - user_provided_metadata: - additionalProperties: {} - type: object - required: - - id - - packages - - type - - active - - enrolled_at - - local_metadata - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agents - /api/fleet/agents/{agentId}/actions: - post: - description: Create agent action - operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Factions#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: agentId - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - action: - anyOf: - - additionalProperties: false - type: object - properties: - ack_data: {} - data: {} - type: - enum: - - UNENROLL - - UPGRADE - - POLICY_REASSIGN - type: string - required: - - type - - data - - ack_data - - additionalProperties: false - type: object - properties: - data: - additionalProperties: false - type: object - properties: - log_level: - enum: - - debug - - info - - warning - - error - nullable: true - type: string - required: - - log_level - type: - enum: - - SETTINGS - type: string - required: - - type - - data - required: - - action - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - ack_data: {} - agents: - items: - type: string - type: array - created_at: - type: string - data: {} - expiration: - type: string - id: - type: string - minimum_execution_duration: - type: number - namespaces: - items: - type: string - type: array - rollout_duration_seconds: - type: number - sent_at: - type: string - source_uri: - type: string - start_time: - type: string - total: - type: number - type: - type: string - required: - - id - - type - - data - - created_at - - ack_data - - agents - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent actions - /api/fleet/agents/{agentId}/reassign: - post: - description: Reassign agent - operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Freassign#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: agentId - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - policy_id: - type: string - required: - - policy_id - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: {} - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent actions - put: - deprecated: true - operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Freassign#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: agentId - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - policy_id: - type: string - required: - - policy_id - responses: {} - summary: '' - tags: [] - /api/fleet/agents/{agentId}/request_diagnostics: - post: - description: Request agent diagnostics - operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Frequest_diagnostics#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: agentId - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - nullable: true - type: object - properties: - additional_metrics: - items: - enum: - - CPU - type: string - type: array - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - actionId: - type: string - required: - - actionId - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent actions - /api/fleet/agents/{agentId}/unenroll: - post: - description: Unenroll agent - operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Funenroll#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: agentId - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - nullable: true - type: object - properties: - force: - type: boolean - revoke: - type: boolean - responses: {} - summary: '' - tags: - - Elastic Agent actions - /api/fleet/agents/{agentId}/upgrade: - post: - description: Upgrade agent - operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Fupgrade#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: agentId - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - force: - type: boolean - skipRateLimitCheck: - type: boolean - source_uri: - type: string - version: - type: string - required: - - version - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: {} - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent actions - /api/fleet/agents/{agentId}/uploads: - get: - description: List agent uploads - operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Fuploads#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: agentId - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - additionalProperties: false - type: object - properties: - actionId: - type: string - createTime: - type: string - error: - type: string - filePath: - type: string - id: - type: string - name: - type: string - status: - enum: - - READY - - AWAITING_UPLOAD - - DELETED - - EXPIRED - - IN_PROGRESS - - FAILED - type: string - required: - - id - - name - - filePath - - createTime - - status - - actionId - type: array - required: - - items - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agents - /api/fleet/agents/action_status: - get: - description: Get agent action status - operationId: '%2Fapi%2Ffleet%2Fagents%2Faction_status#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: query - name: page - required: false - schema: - default: 0 - type: number - - in: query - name: perPage - required: false - schema: - default: 20 - type: number - - in: query - name: date - required: false - schema: - type: string - - in: query - name: latest - required: false - schema: - type: number - - in: query - name: errorSize - required: false - schema: - default: 5 - type: number - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - additionalProperties: false - type: object - properties: - actionId: - type: string - cancellationTime: - type: string - completionTime: - type: string - creationTime: - description: creation time of action - type: string - expiration: - type: string - hasRolloutPeriod: - type: boolean - latestErrors: - items: - additionalProperties: false - description: >- - latest errors that happened when the agents - executed the action - type: object - properties: - agentId: - type: string - error: - type: string - hostname: - type: string - timestamp: - type: string - required: - - agentId - - error - - timestamp - type: array - nbAgentsAck: - description: number of agents that acknowledged the action - type: number - nbAgentsActionCreated: - description: number of agents included in action from kibana - type: number - nbAgentsActioned: - description: number of agents actioned - type: number - nbAgentsFailed: - description: number of agents that failed to execute the action - type: number - newPolicyId: - description: new policy id (POLICY_REASSIGN action) - type: string - policyId: - description: policy id (POLICY_CHANGE action) - type: string - revision: - description: new policy revision (POLICY_CHANGE action) - type: number - startTime: - description: start time of action (scheduled actions) - type: string - status: - enum: - - COMPLETE - - EXPIRED - - CANCELLED - - FAILED - - IN_PROGRESS - - ROLLOUT_PASSED - type: string - type: - enum: - - UPGRADE - - UNENROLL - - SETTINGS - - POLICY_REASSIGN - - CANCEL - - FORCE_UNENROLL - - REQUEST_DIAGNOSTICS - - UPDATE_TAGS - - POLICY_CHANGE - - INPUT_ACTION - type: string - version: - description: agent version number (UPGRADE action) - type: string - required: - - actionId - - nbAgentsActionCreated - - nbAgentsAck - - nbAgentsFailed - - type - - nbAgentsActioned - - status - - creationTime - type: array - required: - - items - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent actions - /api/fleet/agents/actions/{actionId}/cancel: - post: - description: Cancel agent action - operationId: '%2Fapi%2Ffleet%2Fagents%2Factions%2F%7BactionId%7D%2Fcancel#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: actionId - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - ack_data: {} - agents: - items: - type: string - type: array - created_at: - type: string - data: {} - expiration: - type: string - id: - type: string - minimum_execution_duration: - type: number - namespaces: - items: - type: string - type: array - rollout_duration_seconds: - type: number - sent_at: - type: string - source_uri: - type: string - start_time: - type: string - total: - type: number - type: - type: string - required: - - id - - type - - data - - created_at - - ack_data - - agents - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent actions - /api/fleet/agents/available_versions: - get: - description: Get available agent versions - operationId: '%2Fapi%2Ffleet%2Fagents%2Favailable_versions#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - type: string - type: array - required: - - items - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agents - /api/fleet/agents/bulk_reassign: - post: - description: Bulk reassign agents - operationId: '%2Fapi%2Ffleet%2Fagents%2Fbulk_reassign#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - agents: - anyOf: - - items: - type: string - type: array - - type: string - batchSize: - type: number - includeInactive: - default: false - type: boolean - policy_id: - type: string - required: - - policy_id - - agents - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - actionId: - type: string - required: - - actionId - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent actions - /api/fleet/agents/bulk_request_diagnostics: - post: - description: Bulk request diagnostics from agents - operationId: '%2Fapi%2Ffleet%2Fagents%2Fbulk_request_diagnostics#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - additional_metrics: - items: - enum: - - CPU - type: string - type: array - agents: - anyOf: - - items: - type: string - type: array - - type: string - batchSize: - type: number - required: - - agents - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - actionId: - type: string - required: - - actionId - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent actions - /api/fleet/agents/bulk_unenroll: - post: - description: Bulk unenroll agents - operationId: '%2Fapi%2Ffleet%2Fagents%2Fbulk_unenroll#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - agents: - anyOf: - - items: - description: KQL query string, leave empty to action all agents - type: string - type: array - - description: list of agent IDs - type: string - batchSize: - type: number - force: - description: Unenrolls hosted agents too - type: boolean - includeInactive: - description: >- - When passing agents by KQL query, unenrolls inactive agents - too - type: boolean - revoke: - description: Revokes API keys of agents - type: boolean - required: - - agents - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - actionId: - type: string - required: - - actionId - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent actions - /api/fleet/agents/bulk_update_agent_tags: - post: - description: Bulk update agent tags - operationId: '%2Fapi%2Ffleet%2Fagents%2Fbulk_update_agent_tags#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - agents: - anyOf: - - items: - type: string - type: array - - type: string - batchSize: - type: number - includeInactive: - default: false - type: boolean - tagsToAdd: - items: - type: string - type: array - tagsToRemove: - items: - type: string - type: array - required: - - agents - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - actionId: - type: string - required: - - actionId - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent actions - /api/fleet/agents/bulk_upgrade: - post: - description: Bulk upgrade agents - operationId: '%2Fapi%2Ffleet%2Fagents%2Fbulk_upgrade#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - agents: - anyOf: - - items: - type: string - type: array - - type: string - batchSize: - type: number - force: - type: boolean - includeInactive: - default: false - type: boolean - rollout_duration_seconds: - minimum: 600 - type: number - skipRateLimitCheck: - type: boolean - source_uri: - type: string - start_time: - type: string - version: - type: string - required: - - agents - - version - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - actionId: - type: string - required: - - actionId - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent actions - /api/fleet/agents/files/{fileId}: - delete: - description: Delete file uploaded by agent - operationId: '%2Fapi%2Ffleet%2Fagents%2Ffiles%2F%7BfileId%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: fileId - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - deleted: - type: boolean - id: - type: string - required: - - id - - deleted - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agents - /api/fleet/agents/files/{fileId}/{fileName}: - get: - description: Get file uploaded by agent - operationId: '%2Fapi%2Ffleet%2Fagents%2Ffiles%2F%7BfileId%7D%2F%7BfileName%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: fileId - required: true - schema: - type: string - - in: path - name: fileName - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agents - /api/fleet/agents/setup: - get: - description: Get agent setup info - operationId: '%2Fapi%2Ffleet%2Fagents%2Fsetup#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: >- - A summary of the agent setup status. `isReady` indicates - whether the setup is ready. If the setup is not ready, - `missing_requirements` lists which requirements are missing. - type: object - properties: - is_secrets_storage_enabled: - type: boolean - is_space_awareness_enabled: - type: boolean - isReady: - type: boolean - missing_optional_features: - items: - enum: - - encrypted_saved_object_encryption_key_required - type: string - type: array - missing_requirements: - items: - enum: - - security_required - - tls_required - - api_keys - - fleet_admin_user - - fleet_server - type: string - type: array - package_verification_key_id: - type: string - required: - - isReady - - missing_requirements - - missing_optional_features - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agents - post: - description: Initiate agent setup - operationId: '%2Fapi%2Ffleet%2Fagents%2Fsetup#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: >- - A summary of the result of Fleet's `setup` lifecycle. If - `isInitialized` is true, Fleet is ready to accept agent - enrollment. `nonFatalErrors` may include useful insight into - non-blocking issues with Fleet setup. - type: object - properties: - isInitialized: - type: boolean - nonFatalErrors: - items: - additionalProperties: false - type: object - properties: - message: - type: string - name: - type: string - required: - - name - - message - type: array - required: - - isInitialized - - nonFatalErrors - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agents - /api/fleet/agents/tags: - get: - description: List agent tags - operationId: '%2Fapi%2Ffleet%2Fagents%2Ftags#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: query - name: kuery - required: false - schema: - type: string - - in: query - name: showInactive - required: false - schema: - default: false - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - type: string - type: array - required: - - items - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agents - /api/fleet/check-permissions: - get: - description: Check permissions - operationId: '%2Fapi%2Ffleet%2Fcheck-permissions#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: query - name: fleetServerSetup - required: false - schema: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - error: - enum: - - MISSING_SECURITY - - MISSING_PRIVILEGES - - MISSING_FLEET_SERVER_SETUP_PRIVILEGES - type: string - success: - type: boolean - required: - - success - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet internals - /api/fleet/data_streams: - get: - description: List data streams - operationId: '%2Fapi%2Ffleet%2Fdata_streams#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - data_streams: - items: - additionalProperties: false - type: object - properties: - dashboards: - items: - additionalProperties: false - type: object - properties: - id: - type: string - title: - type: string - required: - - id - - title - type: array - dataset: - type: string - index: - type: string - last_activity_ms: - type: number - namespace: - type: string - package: - type: string - package_version: - type: string - serviceDetails: - additionalProperties: false - nullable: true - type: object - properties: - environment: - type: string - serviceName: - type: string - required: - - environment - - serviceName - size_in_bytes: - type: number - size_in_bytes_formatted: - anyOf: - - type: number - - type: string - type: - type: string - required: - - index - - dataset - - namespace - - type - - package - - package_version - - last_activity_ms - - size_in_bytes - - size_in_bytes_formatted - - dashboards - - serviceDetails - type: array - required: - - data_streams - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Data streams - /api/fleet/enrollment_api_keys: - get: - description: List enrollment API keys - operationId: '%2Fapi%2Ffleet%2Fenrollment_api_keys#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: query - name: page - required: false - schema: - default: 1 - type: number - - in: query - name: perPage - required: false - schema: - default: 20 - type: number - - in: query - name: kuery - required: false - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - additionalProperties: false - type: object - properties: - active: - description: >- - When false, the enrollment API key is revoked and - cannot be used for enrolling Elastic Agents. - type: boolean - api_key: - description: >- - The enrollment API key (token) used for enrolling - Elastic Agents. - type: string - api_key_id: - description: The ID of the API key in the Security API. - type: string - created_at: - type: string - id: - type: string - name: - description: The name of the enrollment API key. - type: string - policy_id: - description: >- - The ID of the agent policy the Elastic Agent will be - enrolled in. - type: string - required: - - id - - api_key_id - - api_key - - active - - created_at - type: array - list: - deprecated: true - items: - additionalProperties: false - type: object - properties: - active: - description: >- - When false, the enrollment API key is revoked and - cannot be used for enrolling Elastic Agents. - type: boolean - api_key: - description: >- - The enrollment API key (token) used for enrolling - Elastic Agents. - type: string - api_key_id: - description: The ID of the API key in the Security API. - type: string - created_at: - type: string - id: - type: string - name: - description: The name of the enrollment API key. - type: string - policy_id: - description: >- - The ID of the agent policy the Elastic Agent will be - enrolled in. - type: string - required: - - id - - api_key_id - - api_key - - active - - created_at - type: array - page: - type: number - perPage: - type: number - total: - type: number - required: - - items - - total - - page - - perPage - - list - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet enrollment API keys - post: - description: Create enrollment API key - operationId: '%2Fapi%2Ffleet%2Fenrollment_api_keys#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - expiration: - type: string - name: - type: string - policy_id: - type: string - required: - - policy_id - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - action: - enum: - - created - type: string - item: - additionalProperties: false - type: object - properties: - active: - description: >- - When false, the enrollment API key is revoked and - cannot be used for enrolling Elastic Agents. - type: boolean - api_key: - description: >- - The enrollment API key (token) used for enrolling - Elastic Agents. - type: string - api_key_id: - description: The ID of the API key in the Security API. - type: string - created_at: - type: string - id: - type: string - name: - description: The name of the enrollment API key. - type: string - policy_id: - description: >- - The ID of the agent policy the Elastic Agent will be - enrolled in. - type: string - required: - - id - - api_key_id - - api_key - - active - - created_at - required: - - item - - action - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet enrollment API keys - /api/fleet/enrollment_api_keys/{keyId}: - delete: - description: Revoke enrollment API key by ID by marking it as inactive - operationId: '%2Fapi%2Ffleet%2Fenrollment_api_keys%2F%7BkeyId%7D#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: keyId - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - action: - enum: - - deleted - type: string - required: - - action - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet enrollment API keys - get: - description: Get enrollment API key by ID - operationId: '%2Fapi%2Ffleet%2Fenrollment_api_keys%2F%7BkeyId%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: keyId - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - active: - description: >- - When false, the enrollment API key is revoked and - cannot be used for enrolling Elastic Agents. - type: boolean - api_key: - description: >- - The enrollment API key (token) used for enrolling - Elastic Agents. - type: string - api_key_id: - description: The ID of the API key in the Security API. - type: string - created_at: - type: string - id: - type: string - name: - description: The name of the enrollment API key. - type: string - policy_id: - description: >- - The ID of the agent policy the Elastic Agent will be - enrolled in. - type: string - required: - - id - - api_key_id - - api_key - - active - - created_at - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet enrollment API keys - /api/fleet/enrollment-api-keys: - get: - deprecated: true - operationId: '%2Fapi%2Ffleet%2Fenrollment-api-keys#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: query - name: page - required: false - schema: - default: 1 - type: number - - in: query - name: perPage - required: false - schema: - default: 20 - type: number - - in: query - name: kuery - required: false - schema: - type: string - responses: {} - summary: '' - tags: [] - post: - deprecated: true - operationId: '%2Fapi%2Ffleet%2Fenrollment-api-keys#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - expiration: - type: string - name: - type: string - policy_id: - type: string - required: - - policy_id - responses: {} - summary: '' - tags: [] - /api/fleet/enrollment-api-keys/{keyId}: - delete: - deprecated: true - operationId: '%2Fapi%2Ffleet%2Fenrollment-api-keys%2F%7BkeyId%7D#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: keyId - required: true - schema: - type: string - responses: {} - summary: '' - tags: [] - get: - deprecated: true - operationId: '%2Fapi%2Ffleet%2Fenrollment-api-keys%2F%7BkeyId%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: keyId - required: true - schema: - type: string - responses: {} - summary: '' - tags: [] - /api/fleet/epm/bulk_assets: - post: - description: Bulk get assets - operationId: '%2Fapi%2Ffleet%2Fepm%2Fbulk_assets#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - assetIds: - items: - additionalProperties: false - type: object - properties: - id: - type: string - type: - type: string - required: - - id - - type - type: array - required: - - assetIds - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - additionalProperties: false - type: object - properties: - appLink: - type: string - attributes: - additionalProperties: false - type: object - properties: - description: - type: string - service: - type: string - title: - type: string - id: - type: string - type: - type: string - updatedAt: - type: string - required: - - id - - type - - attributes - type: array - required: - - items - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/categories: - get: - description: List package categories - operationId: '%2Fapi%2Ffleet%2Fepm%2Fcategories#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: query - name: prerelease - required: false - schema: - type: boolean - - in: query - name: experimental - required: false - schema: - type: boolean - - in: query - name: include_policy_templates - required: false - schema: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - additionalProperties: false - type: object - properties: - count: - type: number - id: - type: string - parent_id: - type: string - parent_title: - type: string - title: - type: string - required: - - id - - title - - count - type: array - response: - items: - additionalProperties: false - deprecated: true - type: object - properties: - count: - type: number - id: - type: string - parent_id: - type: string - parent_title: - type: string - title: - type: string - required: - - id - - title - - count - type: array - required: - - items - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/custom_integrations: - post: - description: Create custom integration - operationId: '%2Fapi%2Ffleet%2Fepm%2Fcustom_integrations#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - datasets: - items: - additionalProperties: false - type: object - properties: - name: - type: string - type: - enum: - - logs - - metrics - - traces - - synthetics - - profiling - type: string - required: - - name - - type - type: array - force: - type: boolean - integrationName: - type: string - required: - - integrationName - - datasets - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - _meta: - additionalProperties: false - type: object - properties: - install_source: - type: string - required: - - install_source - items: - items: - anyOf: - - additionalProperties: false - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - - additionalProperties: false - type: object - properties: - deferred: - type: boolean - id: - type: string - type: - enum: - - index - - index_template - - component_template - - ingest_pipeline - - ilm_policy - - data_stream_ilm_policy - - transform - - ml_model - type: string - version: - type: string - required: - - id - - type - type: array - response: - deprecated: true - items: - anyOf: - - additionalProperties: false - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - - additionalProperties: false - type: object - properties: - deferred: - type: boolean - id: - type: string - type: - enum: - - index - - index_template - - component_template - - ingest_pipeline - - ilm_policy - - data_stream_ilm_policy - - transform - - ml_model - type: string - version: - type: string - required: - - id - - type - type: array - required: - - items - - _meta - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/data_streams: - get: - description: List data streams - operationId: '%2Fapi%2Ffleet%2Fepm%2Fdata_streams#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: query - name: type - required: false - schema: - enum: - - logs - - metrics - - traces - - synthetics - - profiling - type: string - - in: query - name: datasetQuery - required: false - schema: - type: string - - in: query - name: sortOrder - required: false - schema: - default: asc - enum: - - asc - - desc - type: string - - in: query - name: uncategorisedOnly - required: false - schema: - default: false - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - additionalProperties: false - type: object - properties: - name: - type: string - required: - - name - type: array - required: - - items - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Data streams - /api/fleet/epm/packages: - get: - description: List packages - operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: query - name: category - required: false - schema: - type: string - - in: query - name: prerelease - required: false - schema: - type: boolean - - in: query - name: experimental - required: false - schema: - type: boolean - - in: query - name: excludeInstallStatus - required: false - schema: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - additionalProperties: true - type: object - properties: - categories: - items: - type: string - type: array - conditions: - additionalProperties: true - type: object - properties: - elastic: - additionalProperties: true - type: object - properties: - capabilities: - items: - type: string - type: array - subscription: - type: string - kibana: - additionalProperties: true - type: object - properties: - version: - type: string - data_streams: - items: - additionalProperties: {} - type: object - type: array - description: - type: string - discovery: - additionalProperties: true - type: object - properties: - fields: - items: - additionalProperties: true - type: object - properties: - name: - type: string - required: - - name - type: array - download: - type: string - format_version: - type: string - icons: - items: - additionalProperties: true - type: object - properties: - dark_mode: - type: boolean - path: - type: string - size: - type: string - src: - type: string - title: - type: string - type: - type: string - required: - - src - type: array - id: - type: string - installationInfo: - additionalProperties: true - type: object - properties: - additional_spaces_installed_kibana: - additionalProperties: - items: - additionalProperties: true - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - type: array - type: object - created_at: - type: string - experimental_data_stream_features: - items: - additionalProperties: true - type: object - properties: - data_stream: - type: string - features: - additionalProperties: true - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - install_format_schema_version: - type: string - install_source: - enum: - - registry - - upload - - bundled - - custom - type: string - install_status: - enum: - - installed - - installing - - install_failed - type: string - installed_es: - items: - additionalProperties: true - type: object - properties: - deferred: - type: boolean - id: - type: string - type: - enum: - - index - - index_template - - component_template - - ingest_pipeline - - ilm_policy - - data_stream_ilm_policy - - transform - - ml_model - type: string - version: - type: string - required: - - id - - type - type: array - installed_kibana: - items: - additionalProperties: true - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - type: array - installed_kibana_space_id: - type: string - latest_executed_state: - additionalProperties: true - type: object - properties: - error: - type: string - name: - type: string - started_at: - type: string - required: - - name - - started_at - latest_install_failed_attempts: - items: - additionalProperties: true - type: object - properties: - created_at: - type: string - error: - additionalProperties: true - type: object - properties: - message: - type: string - name: - type: string - stack: - type: string - required: - - name - - message - target_version: - type: string - required: - - created_at - - target_version - - error - type: array - name: - type: string - namespaces: - items: - type: string - type: array - type: - type: string - updated_at: - type: string - verification_key_id: - nullable: true - type: string - verification_status: - enum: - - unverified - - verified - - unknown - type: string - version: - type: string - required: - - type - - installed_kibana - - installed_es - - name - - version - - install_status - - install_source - - verification_status - integration: - type: string - internal: - type: boolean - latestVersion: - type: string - name: - type: string - owner: - additionalProperties: true - type: object - properties: - github: - type: string - type: - enum: - - elastic - - partner - - community - type: string - path: - type: string - policy_templates: - items: - additionalProperties: {} - type: object - type: array - readme: - type: string - release: - enum: - - ga - - beta - - experimental - type: string - savedObject: {} - signature_path: - type: string - source: - additionalProperties: true - type: object - properties: - license: - type: string - required: - - license - status: - type: string - title: - type: string - type: - enum: - - integration - - input - - content - type: string - vars: - items: - additionalProperties: {} - type: object - type: array - version: - type: string - required: - - savedObject - - name - - version - - title - - id - type: array - response: - items: - additionalProperties: true - deprecated: true - type: object - properties: - categories: - items: - type: string - type: array - conditions: - additionalProperties: true - type: object - properties: - elastic: - additionalProperties: true - type: object - properties: - capabilities: - items: - type: string - type: array - subscription: - type: string - kibana: - additionalProperties: true - type: object - properties: - version: - type: string - data_streams: - items: - additionalProperties: {} - type: object - type: array - description: - type: string - discovery: - additionalProperties: true - type: object - properties: - fields: - items: - additionalProperties: true - type: object - properties: - name: - type: string - required: - - name - type: array - download: - type: string - format_version: - type: string - icons: - items: - additionalProperties: true - type: object - properties: - dark_mode: - type: boolean - path: - type: string - size: - type: string - src: - type: string - title: - type: string - type: - type: string - required: - - src - type: array - id: - type: string - installationInfo: - additionalProperties: true - type: object - properties: - additional_spaces_installed_kibana: - additionalProperties: - items: - additionalProperties: true - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - type: array - type: object - created_at: - type: string - experimental_data_stream_features: - items: - additionalProperties: true - type: object - properties: - data_stream: - type: string - features: - additionalProperties: true - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - install_format_schema_version: - type: string - install_source: - enum: - - registry - - upload - - bundled - - custom - type: string - install_status: - enum: - - installed - - installing - - install_failed - type: string - installed_es: - items: - additionalProperties: true - type: object - properties: - deferred: - type: boolean - id: - type: string - type: - enum: - - index - - index_template - - component_template - - ingest_pipeline - - ilm_policy - - data_stream_ilm_policy - - transform - - ml_model - type: string - version: - type: string - required: - - id - - type - type: array - installed_kibana: - items: - additionalProperties: true - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - type: array - installed_kibana_space_id: - type: string - latest_executed_state: - additionalProperties: true - type: object - properties: - error: - type: string - name: - type: string - started_at: - type: string - required: - - name - - started_at - latest_install_failed_attempts: - items: - additionalProperties: true - type: object - properties: - created_at: - type: string - error: - additionalProperties: true - type: object - properties: - message: - type: string - name: - type: string - stack: - type: string - required: - - name - - message - target_version: - type: string - required: - - created_at - - target_version - - error - type: array - name: - type: string - namespaces: - items: - type: string - type: array - type: - type: string - updated_at: - type: string - verification_key_id: - nullable: true - type: string - verification_status: - enum: - - unverified - - verified - - unknown - type: string - version: - type: string - required: - - type - - installed_kibana - - installed_es - - name - - version - - install_status - - install_source - - verification_status - integration: - type: string - internal: - type: boolean - latestVersion: - type: string - name: - type: string - owner: - additionalProperties: true - type: object - properties: - github: - type: string - type: - enum: - - elastic - - partner - - community - type: string - path: - type: string - policy_templates: - items: - additionalProperties: {} - type: object - type: array - readme: - type: string - release: - enum: - - ga - - beta - - experimental - type: string - savedObject: {} - signature_path: - type: string - source: - additionalProperties: true - type: object - properties: - license: - type: string - required: - - license - status: - type: string - title: - type: string - type: - enum: - - integration - - input - - content - type: string - vars: - items: - additionalProperties: {} - type: object - type: array - version: - type: string - required: - - savedObject - - name - - version - - title - - id - type: array - required: - - items - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Package Manager (EPM) - post: - description: Install package by upload - operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: query - name: ignoreMappingUpdateErrors - required: false - schema: - default: false - type: boolean - - in: query - name: skipDataStreamRollover - required: false - schema: - default: false - type: boolean - requestBody: - content: - application/gzip; application/zip; Elastic-Api-Version=2023-10-31: - schema: - format: binary - type: string - responses: - '200': - content: - application/gzip; application/zip; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - _meta: - additionalProperties: false - type: object - properties: - install_source: - type: string - required: - - install_source - items: - items: - anyOf: - - additionalProperties: false - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - - additionalProperties: false - type: object - properties: - deferred: - type: boolean - id: - type: string - type: - enum: - - index - - index_template - - component_template - - ingest_pipeline - - ilm_policy - - data_stream_ilm_policy - - transform - - ml_model - type: string - version: - type: string - required: - - id - - type - type: array - response: - deprecated: true - items: - anyOf: - - additionalProperties: false - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - - additionalProperties: false - type: object - properties: - deferred: - type: boolean - id: - type: string - type: - enum: - - index - - index_template - - component_template - - ingest_pipeline - - ilm_policy - - data_stream_ilm_policy - - transform - - ml_model - type: string - version: - type: string - required: - - id - - type - type: array - required: - - items - - _meta - '400': - content: - application/gzip; application/zip; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/packages/_bulk: - post: - description: Bulk install packages - operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F_bulk#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: query - name: prerelease - required: false - schema: - type: boolean - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - force: - default: false - type: boolean - packages: - items: - anyOf: - - type: string - - additionalProperties: false - type: object - properties: - name: - type: string - prerelease: - type: boolean - version: - type: string - required: - - name - - version - minItems: 1 - type: array - required: - - packages - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - anyOf: - - additionalProperties: false - type: object - properties: - name: - type: string - result: - additionalProperties: false - type: object - properties: - assets: - items: - anyOf: - - additionalProperties: false - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - - additionalProperties: false - type: object - properties: - deferred: - type: boolean - id: - type: string - type: - enum: - - index - - index_template - - component_template - - ingest_pipeline - - ilm_policy - - data_stream_ilm_policy - - transform - - ml_model - type: string - version: - type: string - required: - - id - - type - type: array - error: {} - installSource: - type: string - installType: - type: string - status: - enum: - - installed - - already_installed - type: string - required: - - error - - installType - version: - type: string - required: - - name - - version - - result - - additionalProperties: false - type: object - properties: - error: - anyOf: - - type: string - - {} - name: - type: string - statusCode: - type: number - required: - - name - - statusCode - - error - type: array - response: - deprecated: true - items: - anyOf: - - additionalProperties: false - type: object - properties: - name: - type: string - result: - additionalProperties: false - type: object - properties: - assets: - items: - anyOf: - - additionalProperties: false - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - - additionalProperties: false - type: object - properties: - deferred: - type: boolean - id: - type: string - type: - enum: - - index - - index_template - - component_template - - ingest_pipeline - - ilm_policy - - data_stream_ilm_policy - - transform - - ml_model - type: string - version: - type: string - required: - - id - - type - type: array - error: {} - installSource: - type: string - installType: - type: string - status: - enum: - - installed - - already_installed - type: string - required: - - error - - installType - version: - type: string - required: - - name - - version - - result - - additionalProperties: false - type: object - properties: - error: - anyOf: - - type: string - - {} - name: - type: string - statusCode: - type: number - required: - - name - - statusCode - - error - type: array - required: - - items - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/packages/{pkgkey}: - delete: - deprecated: true - operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#3' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: pkgkey - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - nullable: true - type: object - properties: - force: - type: boolean - required: - - force - responses: {} - summary: '' - tags: [] - get: - deprecated: true - operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: pkgkey - required: true - schema: - type: string - - in: query - name: ignoreUnverified - required: false - schema: - type: boolean - - in: query - name: prerelease - required: false - schema: - type: boolean - - in: query - name: full - required: false - schema: - type: boolean - - in: query - name: withMetadata - required: false - schema: - default: false - type: boolean - responses: {} - summary: '' - tags: [] - post: - deprecated: true - operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#2' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: pkgkey - required: true - schema: - type: string - - in: query - name: prerelease - required: false - schema: - type: boolean - - in: query - name: ignoreMappingUpdateErrors - required: false - schema: - default: false - type: boolean - - in: query - name: skipDataStreamRollover - required: false - schema: - default: false - type: boolean - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - nullable: true - type: object - properties: - force: - type: boolean - required: - - force - responses: {} - summary: '' - tags: [] - put: - deprecated: true - operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: pkgkey - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - keepPoliciesUpToDate: - type: boolean - required: - - keepPoliciesUpToDate - responses: {} - summary: '' - tags: [] - /api/fleet/epm/packages/{pkgName}/{pkgVersion}: - delete: - description: Delete package - operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D#3' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: pkgName - required: true - schema: - type: string - - in: path - name: pkgVersion - required: true - schema: - type: string - - in: query - name: force - required: false - schema: - type: boolean - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - nullable: true - type: object - properties: - force: - type: boolean - required: - - force - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - anyOf: - - additionalProperties: false - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - - additionalProperties: false - type: object - properties: - deferred: - type: boolean - id: - type: string - type: - enum: - - index - - index_template - - component_template - - ingest_pipeline - - ilm_policy - - data_stream_ilm_policy - - transform - - ml_model - type: string - version: - type: string - required: - - id - - type - type: array - response: - deprecated: true - items: - anyOf: - - additionalProperties: false - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - - additionalProperties: false - type: object - properties: - deferred: - type: boolean - id: - type: string - type: - enum: - - index - - index_template - - component_template - - ingest_pipeline - - ilm_policy - - data_stream_ilm_policy - - transform - - ml_model - type: string - version: - type: string - required: - - id - - type - type: array - required: - - items - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Package Manager (EPM) - get: - description: Get package - operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: pkgName - required: true - schema: - type: string - - in: path - name: pkgVersion - required: true - schema: - type: string - - in: query - name: ignoreUnverified - required: false - schema: - type: boolean - - in: query - name: prerelease - required: false - schema: - type: boolean - - in: query - name: full - required: false - schema: - type: boolean - - in: query - name: withMetadata - required: false - schema: - default: false - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: true - type: object - properties: - agent: - additionalProperties: false - type: object - properties: - privileges: - additionalProperties: false - type: object - properties: - root: - type: boolean - asset_tags: - items: - additionalProperties: false - type: object - properties: - asset_ids: - items: - type: string - type: array - asset_types: - items: - type: string - type: array - text: - type: string - required: - - text - type: array - assets: - additionalProperties: {} - type: object - categories: - items: - type: string - type: array - conditions: - additionalProperties: true - type: object - properties: - elastic: - additionalProperties: true - type: object - properties: - capabilities: - items: - type: string - type: array - subscription: - type: string - kibana: - additionalProperties: true - type: object - properties: - version: - type: string - data_streams: - items: - additionalProperties: {} - type: object - type: array - description: - type: string - discovery: - additionalProperties: true - type: object - properties: - fields: - items: - additionalProperties: true - type: object - properties: - name: - type: string - required: - - name - type: array - download: - type: string - elasticsearch: - additionalProperties: {} - type: object - format_version: - type: string - icons: - items: - additionalProperties: true - type: object - properties: - dark_mode: - type: boolean - path: - type: string - size: - type: string - src: - type: string - title: - type: string - type: - type: string - required: - - src - type: array - installationInfo: - additionalProperties: true - type: object - properties: - additional_spaces_installed_kibana: - additionalProperties: - items: - additionalProperties: true - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - type: array - type: object - created_at: - type: string - experimental_data_stream_features: - items: - additionalProperties: true - type: object - properties: - data_stream: - type: string - features: - additionalProperties: true - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - install_format_schema_version: - type: string - install_source: - enum: - - registry - - upload - - bundled - - custom - type: string - install_status: - enum: - - installed - - installing - - install_failed - type: string - installed_es: - items: - additionalProperties: true - type: object - properties: - deferred: - type: boolean - id: - type: string - type: - enum: - - index - - index_template - - component_template - - ingest_pipeline - - ilm_policy - - data_stream_ilm_policy - - transform - - ml_model - type: string - version: - type: string - required: - - id - - type - type: array - installed_kibana: - items: - additionalProperties: true - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - type: array - installed_kibana_space_id: - type: string - latest_executed_state: - additionalProperties: true - type: object - properties: - error: - type: string - name: - type: string - started_at: - type: string - required: - - name - - started_at - latest_install_failed_attempts: - items: - additionalProperties: true - type: object - properties: - created_at: - type: string - error: - additionalProperties: true - type: object - properties: - message: - type: string - name: - type: string - stack: - type: string - required: - - name - - message - target_version: - type: string - required: - - created_at - - target_version - - error - type: array - name: - type: string - namespaces: - items: - type: string - type: array - type: - type: string - updated_at: - type: string - verification_key_id: - nullable: true - type: string - verification_status: - enum: - - unverified - - verified - - unknown - type: string - version: - type: string - required: - - type - - installed_kibana - - installed_es - - name - - version - - install_status - - install_source - - verification_status - internal: - type: boolean - keepPoliciesUpToDate: - type: boolean - latestVersion: - type: string - license: - type: string - licensePath: - type: string - name: - type: string - notice: - type: string - owner: - additionalProperties: true - type: object - properties: - github: - type: string - type: - enum: - - elastic - - partner - - community - type: string - path: - type: string - policy_templates: - items: - additionalProperties: {} - type: object - type: array - readme: - type: string - release: - enum: - - ga - - beta - - experimental - type: string - savedObject: {} - screenshots: - items: - additionalProperties: false - type: object - properties: - dark_mode: - type: boolean - path: - type: string - size: - type: string - src: - type: string - title: - type: string - type: - type: string - required: - - src - type: array - signature_path: - type: string - source: - additionalProperties: true - type: object - properties: - license: - type: string - required: - - license - status: - type: string - title: - type: string - type: - enum: - - integration - - input - - content - type: string - vars: - items: - additionalProperties: {} - type: object - type: array - version: - type: string - required: - - savedObject - - name - - version - - title - - assets - metadata: - additionalProperties: false - type: object - properties: - has_policies: - type: boolean - required: - - has_policies - response: - additionalProperties: true - deprecated: true - type: object - properties: - agent: - additionalProperties: false - type: object - properties: - privileges: - additionalProperties: false - type: object - properties: - root: - type: boolean - asset_tags: - items: - additionalProperties: false - type: object - properties: - asset_ids: - items: - type: string - type: array - asset_types: - items: - type: string - type: array - text: - type: string - required: - - text - type: array - assets: - additionalProperties: {} - type: object - categories: - items: - type: string - type: array - conditions: - additionalProperties: true - type: object - properties: - elastic: - additionalProperties: true - type: object - properties: - capabilities: - items: - type: string - type: array - subscription: - type: string - kibana: - additionalProperties: true - type: object - properties: - version: - type: string - data_streams: - items: - additionalProperties: {} - type: object - type: array - description: - type: string - discovery: - additionalProperties: true - type: object - properties: - fields: - items: - additionalProperties: true - type: object - properties: - name: - type: string - required: - - name - type: array - download: - type: string - elasticsearch: - additionalProperties: {} - type: object - format_version: - type: string - icons: - items: - additionalProperties: true - type: object - properties: - dark_mode: - type: boolean - path: - type: string - size: - type: string - src: - type: string - title: - type: string - type: - type: string - required: - - src - type: array - installationInfo: - additionalProperties: true - type: object - properties: - additional_spaces_installed_kibana: - additionalProperties: - items: - additionalProperties: true - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - type: array - type: object - created_at: - type: string - experimental_data_stream_features: - items: - additionalProperties: true - type: object - properties: - data_stream: - type: string - features: - additionalProperties: true - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - install_format_schema_version: - type: string - install_source: - enum: - - registry - - upload - - bundled - - custom - type: string - install_status: - enum: - - installed - - installing - - install_failed - type: string - installed_es: - items: - additionalProperties: true - type: object - properties: - deferred: - type: boolean - id: - type: string - type: - enum: - - index - - index_template - - component_template - - ingest_pipeline - - ilm_policy - - data_stream_ilm_policy - - transform - - ml_model - type: string - version: - type: string - required: - - id - - type - type: array - installed_kibana: - items: - additionalProperties: true - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - type: array - installed_kibana_space_id: - type: string - latest_executed_state: - additionalProperties: true - type: object - properties: - error: - type: string - name: - type: string - started_at: - type: string - required: - - name - - started_at - latest_install_failed_attempts: - items: - additionalProperties: true - type: object - properties: - created_at: - type: string - error: - additionalProperties: true - type: object - properties: - message: - type: string - name: - type: string - stack: - type: string - required: - - name - - message - target_version: - type: string - required: - - created_at - - target_version - - error - type: array - name: - type: string - namespaces: - items: - type: string - type: array - type: - type: string - updated_at: - type: string - verification_key_id: - nullable: true - type: string - verification_status: - enum: - - unverified - - verified - - unknown - type: string - version: - type: string - required: - - type - - installed_kibana - - installed_es - - name - - version - - install_status - - install_source - - verification_status - internal: - type: boolean - keepPoliciesUpToDate: - type: boolean - latestVersion: - type: string - license: - type: string - licensePath: - type: string - name: - type: string - notice: - type: string - owner: - additionalProperties: true - type: object - properties: - github: - type: string - type: - enum: - - elastic - - partner - - community - type: string - path: - type: string - policy_templates: - items: - additionalProperties: {} - type: object - type: array - readme: - type: string - release: - enum: - - ga - - beta - - experimental - type: string - savedObject: {} - screenshots: - items: - additionalProperties: false - type: object - properties: - dark_mode: - type: boolean - path: - type: string - size: - type: string - src: - type: string - title: - type: string - type: - type: string - required: - - src - type: array - signature_path: - type: string - source: - additionalProperties: true - type: object - properties: - license: - type: string - required: - - license - status: - type: string - title: - type: string - type: - enum: - - integration - - input - - content - type: string - vars: - items: - additionalProperties: {} - type: object - type: array - version: - type: string - required: - - savedObject - - name - - version - - title - - assets - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Package Manager (EPM) - post: - description: Install package from registry - operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D#2' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: pkgName - required: true - schema: - type: string - - in: path - name: pkgVersion - required: true - schema: - type: string - - in: query - name: prerelease - required: false - schema: - type: boolean - - in: query - name: ignoreMappingUpdateErrors - required: false - schema: - default: false - type: boolean - - in: query - name: skipDataStreamRollover - required: false - schema: - default: false - type: boolean - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - nullable: true - type: object - properties: - force: - default: false - type: boolean - ignore_constraints: - default: false - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - _meta: - additionalProperties: false - type: object - properties: - install_source: - type: string - required: - - install_source - items: - items: - anyOf: - - additionalProperties: false - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - - additionalProperties: false - type: object - properties: - deferred: - type: boolean - id: - type: string - type: - enum: - - index - - index_template - - component_template - - ingest_pipeline - - ilm_policy - - data_stream_ilm_policy - - transform - - ml_model - type: string - version: - type: string - required: - - id - - type - type: array - response: - deprecated: true - items: - anyOf: - - additionalProperties: false - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - - additionalProperties: false - type: object - properties: - deferred: - type: boolean - id: - type: string - type: - enum: - - index - - index_template - - component_template - - ingest_pipeline - - ilm_policy - - data_stream_ilm_policy - - transform - - ml_model - type: string - version: - type: string - required: - - id - - type - type: array - required: - - items - - _meta - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Package Manager (EPM) - put: - description: Update package settings - operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: pkgName - required: true - schema: - type: string - - in: path - name: pkgVersion - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - keepPoliciesUpToDate: - type: boolean - required: - - keepPoliciesUpToDate - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: true - type: object - properties: - agent: - additionalProperties: false - type: object - properties: - privileges: - additionalProperties: false - type: object - properties: - root: - type: boolean - asset_tags: - items: - additionalProperties: false - type: object - properties: - asset_ids: - items: - type: string - type: array - asset_types: - items: - type: string - type: array - text: - type: string - required: - - text - type: array - assets: - additionalProperties: {} - type: object - categories: - items: - type: string - type: array - conditions: - additionalProperties: true - type: object - properties: - elastic: - additionalProperties: true - type: object - properties: - capabilities: - items: - type: string - type: array - subscription: - type: string - kibana: - additionalProperties: true - type: object - properties: - version: - type: string - data_streams: - items: - additionalProperties: {} - type: object - type: array - description: - type: string - discovery: - additionalProperties: true - type: object - properties: - fields: - items: - additionalProperties: true - type: object - properties: - name: - type: string - required: - - name - type: array - download: - type: string - elasticsearch: - additionalProperties: {} - type: object - format_version: - type: string - icons: - items: - additionalProperties: true - type: object - properties: - dark_mode: - type: boolean - path: - type: string - size: - type: string - src: - type: string - title: - type: string - type: - type: string - required: - - src - type: array - installationInfo: - additionalProperties: true - type: object - properties: - additional_spaces_installed_kibana: - additionalProperties: - items: - additionalProperties: true - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - type: array - type: object - created_at: - type: string - experimental_data_stream_features: - items: - additionalProperties: true - type: object - properties: - data_stream: - type: string - features: - additionalProperties: true - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - install_format_schema_version: - type: string - install_source: - enum: - - registry - - upload - - bundled - - custom - type: string - install_status: - enum: - - installed - - installing - - install_failed - type: string - installed_es: - items: - additionalProperties: true - type: object - properties: - deferred: - type: boolean - id: - type: string - type: - enum: - - index - - index_template - - component_template - - ingest_pipeline - - ilm_policy - - data_stream_ilm_policy - - transform - - ml_model - type: string - version: - type: string - required: - - id - - type - type: array - installed_kibana: - items: - additionalProperties: true - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - type: array - installed_kibana_space_id: - type: string - latest_executed_state: - additionalProperties: true - type: object - properties: - error: - type: string - name: - type: string - started_at: - type: string - required: - - name - - started_at - latest_install_failed_attempts: - items: - additionalProperties: true - type: object - properties: - created_at: - type: string - error: - additionalProperties: true - type: object - properties: - message: - type: string - name: - type: string - stack: - type: string - required: - - name - - message - target_version: - type: string - required: - - created_at - - target_version - - error - type: array - name: - type: string - namespaces: - items: - type: string - type: array - type: - type: string - updated_at: - type: string - verification_key_id: - nullable: true - type: string - verification_status: - enum: - - unverified - - verified - - unknown - type: string - version: - type: string - required: - - type - - installed_kibana - - installed_es - - name - - version - - install_status - - install_source - - verification_status - internal: - type: boolean - keepPoliciesUpToDate: - type: boolean - latestVersion: - type: string - license: - type: string - licensePath: - type: string - name: - type: string - notice: - type: string - owner: - additionalProperties: true - type: object - properties: - github: - type: string - type: - enum: - - elastic - - partner - - community - type: string - path: - type: string - policy_templates: - items: - additionalProperties: {} - type: object - type: array - readme: - type: string - release: - enum: - - ga - - beta - - experimental - type: string - savedObject: {} - screenshots: - items: - additionalProperties: false - type: object - properties: - dark_mode: - type: boolean - path: - type: string - size: - type: string - src: - type: string - title: - type: string - type: - type: string - required: - - src - type: array - signature_path: - type: string - source: - additionalProperties: true - type: object - properties: - license: - type: string - required: - - license - status: - type: string - title: - type: string - type: - enum: - - integration - - input - - content - type: string - vars: - items: - additionalProperties: {} - type: object - type: array - version: - type: string - required: - - savedObject - - name - - version - - title - - assets - response: - additionalProperties: true - deprecated: true - type: object - properties: - agent: - additionalProperties: false - type: object - properties: - privileges: - additionalProperties: false - type: object - properties: - root: - type: boolean - asset_tags: - items: - additionalProperties: false - type: object - properties: - asset_ids: - items: - type: string - type: array - asset_types: - items: - type: string - type: array - text: - type: string - required: - - text - type: array - assets: - additionalProperties: {} - type: object - categories: - items: - type: string - type: array - conditions: - additionalProperties: true - type: object - properties: - elastic: - additionalProperties: true - type: object - properties: - capabilities: - items: - type: string - type: array - subscription: - type: string - kibana: - additionalProperties: true - type: object - properties: - version: - type: string - data_streams: - items: - additionalProperties: {} - type: object - type: array - description: - type: string - discovery: - additionalProperties: true - type: object - properties: - fields: - items: - additionalProperties: true - type: object - properties: - name: - type: string - required: - - name - type: array - download: - type: string - elasticsearch: - additionalProperties: {} - type: object - format_version: - type: string - icons: - items: - additionalProperties: true - type: object - properties: - dark_mode: - type: boolean - path: - type: string - size: - type: string - src: - type: string - title: - type: string - type: - type: string - required: - - src - type: array - installationInfo: - additionalProperties: true - type: object - properties: - additional_spaces_installed_kibana: - additionalProperties: - items: - additionalProperties: true - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - type: array - type: object - created_at: - type: string - experimental_data_stream_features: - items: - additionalProperties: true - type: object - properties: - data_stream: - type: string - features: - additionalProperties: true - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - install_format_schema_version: - type: string - install_source: - enum: - - registry - - upload - - bundled - - custom - type: string - install_status: - enum: - - installed - - installing - - install_failed - type: string - installed_es: - items: - additionalProperties: true - type: object - properties: - deferred: - type: boolean - id: - type: string - type: - enum: - - index - - index_template - - component_template - - ingest_pipeline - - ilm_policy - - data_stream_ilm_policy - - transform - - ml_model - type: string - version: - type: string - required: - - id - - type - type: array - installed_kibana: - items: - additionalProperties: true - type: object - properties: - id: - type: string - originId: - type: string - type: - enum: - - dashboard - - lens - - visualization - - search - - index-pattern - - map - - ml-module - - security-rule - - csp-rule-template - - osquery-pack-asset - - osquery-saved-query - - tag - type: string - required: - - id - - type - type: array - installed_kibana_space_id: - type: string - latest_executed_state: - additionalProperties: true - type: object - properties: - error: - type: string - name: - type: string - started_at: - type: string - required: - - name - - started_at - latest_install_failed_attempts: - items: - additionalProperties: true - type: object - properties: - created_at: - type: string - error: - additionalProperties: true - type: object - properties: - message: - type: string - name: - type: string - stack: - type: string - required: - - name - - message - target_version: - type: string - required: - - created_at - - target_version - - error - type: array - name: - type: string - namespaces: - items: - type: string - type: array - type: - type: string - updated_at: - type: string - verification_key_id: - nullable: true - type: string - verification_status: - enum: - - unverified - - verified - - unknown - type: string - version: - type: string - required: - - type - - installed_kibana - - installed_es - - name - - version - - install_status - - install_source - - verification_status - internal: - type: boolean - keepPoliciesUpToDate: - type: boolean - latestVersion: - type: string - license: - type: string - licensePath: - type: string - name: - type: string - notice: - type: string - owner: - additionalProperties: true - type: object - properties: - github: - type: string - type: - enum: - - elastic - - partner - - community - type: string - path: - type: string - policy_templates: - items: - additionalProperties: {} - type: object - type: array - readme: - type: string - release: - enum: - - ga - - beta - - experimental - type: string - savedObject: {} - screenshots: - items: - additionalProperties: false - type: object - properties: - dark_mode: - type: boolean - path: - type: string - size: - type: string - src: - type: string - title: - type: string - type: - type: string - required: - - src - type: array - signature_path: - type: string - source: - additionalProperties: true - type: object - properties: - license: - type: string - required: - - license - status: - type: string - title: - type: string - type: - enum: - - integration - - input - - content - type: string - vars: - items: - additionalProperties: {} - type: object - type: array - version: - type: string - required: - - savedObject - - name - - version - - title - - assets - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/packages/{pkgName}/{pkgVersion}/{filePath*}: - get: - description: Get package file - operationId: >- - %2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D%2F%7BfilePath*%7D#0 - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: pkgName - required: true - schema: - type: string - - in: path - name: pkgVersion - required: true - schema: - type: string - - in: path - name: filePath - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: {} - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/packages/{pkgName}/{pkgVersion}/transforms/authorize: - post: - description: Authorize transforms - operationId: >- - %2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2F%7BpkgVersion%7D%2Ftransforms%2Fauthorize#0 - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: pkgName - required: true - schema: - type: string - - in: path - name: pkgVersion - required: true - schema: - type: string - - in: query - name: prerelease - required: false - schema: - type: boolean - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - transforms: - items: - additionalProperties: false - type: object - properties: - transformId: - type: string - required: - - transformId - type: array - required: - - transforms - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - items: - additionalProperties: false - type: object - properties: - error: - nullable: true - success: - type: boolean - transformId: - type: string - required: - - transformId - - success - - error - type: array - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/packages/{pkgName}/stats: - get: - description: Get package stats - operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7BpkgName%7D%2Fstats#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: pkgName - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - response: - additionalProperties: false - type: object - properties: - agent_policy_count: - type: number - required: - - agent_policy_count - required: - - response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/packages/installed: - get: - description: Get installed packages - operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2Finstalled#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: query - name: dataStreamType - required: false - schema: - enum: - - logs - - metrics - - traces - - synthetics - - profiling - type: string - - in: query - name: showOnlyActiveDataStreams - required: false - schema: - type: boolean - - in: query - name: nameQuery - required: false - schema: - type: string - - in: query - name: searchAfter - required: false - schema: - items: - anyOf: - - type: string - - type: number - type: array - - in: query - name: perPage - required: false - schema: - default: 15 - type: number - - in: query - name: sortOrder - required: false - schema: - default: asc - enum: - - asc - - desc - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - additionalProperties: false - type: object - properties: - dataStreams: - items: - additionalProperties: false - type: object - properties: - name: - type: string - title: - type: string - required: - - name - - title - type: array - description: - type: string - icons: - items: - additionalProperties: false - type: object - properties: - dark_mode: - type: boolean - path: - type: string - size: - type: string - src: - type: string - title: - type: string - type: - type: string - required: - - src - type: array - name: - type: string - status: - type: string - title: - type: string - version: - type: string - required: - - name - - version - - status - - dataStreams - type: array - searchAfter: - items: - anyOf: - - type: string - - type: number - - type: boolean - - enum: [] - nullable: true - - {} - type: array - total: - type: number - required: - - items - - total - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/packages/limited: - get: - description: Get limited package list - operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2Flimited#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - type: string - type: array - response: - deprecated: true - items: - type: string - type: array - required: - - items - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/templates/{pkgName}/{pkgVersion}/inputs: - get: - description: Get inputs template - operationId: >- - %2Fapi%2Ffleet%2Fepm%2Ftemplates%2F%7BpkgName%7D%2F%7BpkgVersion%7D%2Finputs#0 - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: pkgName - required: true - schema: - type: string - - in: path - name: pkgVersion - required: true - schema: - type: string - - in: query - name: format - required: false - schema: - default: json - enum: - - json - - yml - - yaml - type: string - - in: query - name: prerelease - required: false - schema: - type: boolean - - in: query - name: ignoreUnverified - required: false - schema: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - anyOf: - - type: string - - additionalProperties: false - type: object - properties: - inputs: - items: - additionalProperties: false - type: object - properties: - id: - type: string - streams: - items: - additionalProperties: true - type: object - properties: - data_stream: - additionalProperties: true - type: object - properties: - dataset: - type: string - type: - type: string - required: - - dataset - id: - type: string - required: - - id - - data_stream - type: array - type: - type: string - required: - - id - - type - type: array - required: - - inputs - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Package Manager (EPM) - /api/fleet/epm/verification_key_id: - get: - description: Get a package signature verification key ID - operationId: '%2Fapi%2Ffleet%2Fepm%2Fverification_key_id#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - id: - nullable: true - type: string - required: - - id - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Package Manager (EPM) - /api/fleet/fleet_server_hosts: - get: - description: List Fleet Server hosts - operationId: '%2Fapi%2Ffleet%2Ffleet_server_hosts#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - additionalProperties: false - type: object - properties: - host_urls: - items: - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - default: false - type: boolean - name: - type: string - proxy_id: - nullable: true - type: string - required: - - id - - name - - host_urls - type: array - page: - type: number - perPage: - type: number - total: - type: number - required: - - items - - total - - page - - perPage - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet Server hosts - post: - description: Create Fleet Server host - operationId: '%2Fapi%2Ffleet%2Ffleet_server_hosts#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - host_urls: - items: - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - default: false - type: boolean - name: - type: string - proxy_id: - nullable: true - type: string - required: - - name - - host_urls - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - host_urls: - items: - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - default: false - type: boolean - name: - type: string - proxy_id: - nullable: true - type: string - required: - - id - - name - - host_urls - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet Server hosts - /api/fleet/fleet_server_hosts/{itemId}: - delete: - description: Delete Fleet Server host by ID - operationId: '%2Fapi%2Ffleet%2Ffleet_server_hosts%2F%7BitemId%7D#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: itemId - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet Server hosts - get: - description: Get Fleet Server host by ID - operationId: '%2Fapi%2Ffleet%2Ffleet_server_hosts%2F%7BitemId%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: itemId - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - host_urls: - items: - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - default: false - type: boolean - name: - type: string - proxy_id: - nullable: true - type: string - required: - - id - - name - - host_urls - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet Server hosts - put: - description: Update Fleet Server host by ID - operationId: '%2Fapi%2Ffleet%2Ffleet_server_hosts%2F%7BitemId%7D#2' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: itemId - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - host_urls: - items: - type: string - minItems: 1 - type: array - is_default: - type: boolean - is_internal: - type: boolean - name: - type: string - proxy_id: - nullable: true - type: string - required: - - proxy_id - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - host_urls: - items: - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - default: false - type: boolean - name: - type: string - proxy_id: - nullable: true - type: string - required: - - id - - name - - host_urls - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet Server hosts - /api/fleet/health_check: - post: - description: Check Fleet Server health - operationId: '%2Fapi%2Ffleet%2Fhealth_check#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - host: - format: uri - type: string - id: - type: string - required: - - id - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - host: - deprecated: true - type: string - host_id: - type: string - name: - type: string - status: - type: string - required: - - status - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet internals - /api/fleet/kubernetes: - get: - description: Get full K8s agent manifest - operationId: '%2Fapi%2Ffleet%2Fkubernetes#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: query - name: download - required: false - schema: - type: boolean - - in: query - name: fleetServer - required: false - schema: - type: string - - in: query - name: enrolToken - required: false - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - type: string - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent policies - /api/fleet/kubernetes/download: - get: - operationId: '%2Fapi%2Ffleet%2Fkubernetes%2Fdownload#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: query - name: download - required: false - schema: - type: boolean - - in: query - name: fleetServer - required: false - schema: - type: string - - in: query - name: enrolToken - required: false - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: string - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Elastic Agent policies - /api/fleet/logstash_api_keys: - post: - description: Generate Logstash API key - operationId: '%2Fapi%2Ffleet%2Flogstash_api_keys#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - api_key: - type: string - required: - - api_key - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet outputs - /api/fleet/message_signing_service/rotate_key_pair: - post: - description: Rotate fleet message signing key pair - operationId: '%2Fapi%2Ffleet%2Fmessage_signing_service%2Frotate_key_pair#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: query - name: acknowledge - required: false - schema: - default: false - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - message: - type: string - required: - - message - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Message Signing Service - /api/fleet/outputs: - get: - description: List outputs - operationId: '%2Fapi%2Ffleet%2Foutputs#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - anyOf: - - additionalProperties: true - type: object - properties: - allow_edit: - items: - type: string - type: array - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - config_yaml: - nullable: true - type: string - hosts: - items: - format: uri - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: - type: string - preset: - enum: - - balanced - - custom - - throughput - - scale - - latency - type: string - proxy_id: - nullable: true - type: string - shipper: - additionalProperties: true - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: true - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - type: - enum: - - elasticsearch - type: string - required: - - name - - type - - hosts - - additionalProperties: true - type: object - properties: - allow_edit: - items: - type: string - type: array - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - config_yaml: - nullable: true - type: string - hosts: - items: - format: uri - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: - type: string - preset: - enum: - - balanced - - custom - - throughput - - scale - - latency - type: string - proxy_id: - nullable: true - type: string - secrets: - additionalProperties: true - type: object - properties: - service_token: - anyOf: - - additionalProperties: true - type: object - properties: - id: - type: string - required: - - id - - type: string - service_token: - nullable: true - type: string - shipper: - additionalProperties: true - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: true - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - type: - enum: - - remote_elasticsearch - type: string - required: - - name - - type - - hosts - - additionalProperties: true - type: object - properties: - allow_edit: - items: - type: string - type: array - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - config_yaml: - nullable: true - type: string - hosts: - items: - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: - type: string - proxy_id: - nullable: true - type: string - secrets: - additionalProperties: true - type: object - properties: - ssl: - additionalProperties: true - type: object - properties: - key: - anyOf: - - additionalProperties: true - type: object - properties: - id: - type: string - required: - - id - - type: string - shipper: - additionalProperties: true - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: true - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - type: - enum: - - logstash - type: string - required: - - name - - type - - hosts - - additionalProperties: true - type: object - properties: - allow_edit: - items: - type: string - type: array - auth_type: - enum: - - none - - user_pass - - ssl - - kerberos - type: string - broker_timeout: - type: number - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - client_id: - type: string - compression: - enum: - - gzip - - snappy - - lz4 - - none - type: string - compression_level: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - type: number - - not: {} - config_yaml: - nullable: true - type: string - connection_type: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - enum: - - plaintext - - encryption - type: string - - not: {} - hash: - additionalProperties: true - type: object - properties: - hash: - type: string - random: - type: boolean - headers: - items: - additionalProperties: true - type: object - properties: - key: - type: string - value: - type: string - required: - - key - - value - type: array - hosts: - items: - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - key: - type: string - name: - type: string - partition: - enum: - - random - - round_robin - - hash - type: string - password: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - not: {} - - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - type: string - - not: {} - proxy_id: - nullable: true - type: string - random: - additionalProperties: true - type: object - properties: - group_events: - type: number - required_acks: - enum: - - 1 - - 0 - - -1 - type: integer - round_robin: - additionalProperties: true - type: object - properties: - group_events: - type: number - sasl: - additionalProperties: true - nullable: true - type: object - properties: - mechanism: - enum: - - PLAIN - - SCRAM-SHA-256 - - SCRAM-SHA-512 - type: string - secrets: - additionalProperties: true - type: object - properties: - password: - anyOf: - - additionalProperties: true - type: object - properties: - id: - type: string - required: - - id - - type: string - ssl: - additionalProperties: true - type: object - properties: - key: - anyOf: - - additionalProperties: true - type: object - properties: - id: - type: string - required: - - id - - type: string - required: - - key - shipper: - additionalProperties: true - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: true - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - timeout: - type: number - topic: - type: string - topics: - items: - additionalProperties: true - type: object - properties: - topic: - type: string - when: - additionalProperties: true - type: object - properties: - condition: - type: string - type: - enum: - - equals - - contains - - regexp - type: string - required: - - topic - minItems: 1 - type: array - type: - enum: - - kafka - type: string - username: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - type: string - - not: {} - version: - type: string - required: - - name - - type - - hosts - - compression_level - - auth_type - - connection_type - - username - - password - type: array - page: - type: number - perPage: - type: number - total: - type: number - required: - - items - - total - - page - - perPage - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet outputs - post: - description: Create output - operationId: '%2Fapi%2Ffleet%2Foutputs#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - anyOf: - - additionalProperties: false - type: object - properties: - allow_edit: - items: - type: string - type: array - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - config_yaml: - nullable: true - type: string - hosts: - items: - format: uri - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: - type: string - preset: - enum: - - balanced - - custom - - throughput - - scale - - latency - type: string - proxy_id: - nullable: true - type: string - shipper: - additionalProperties: false - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: false - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - type: - enum: - - elasticsearch - type: string - required: - - name - - type - - hosts - - additionalProperties: false - type: object - properties: - allow_edit: - items: - type: string - type: array - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - config_yaml: - nullable: true - type: string - hosts: - items: - format: uri - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: - type: string - preset: - enum: - - balanced - - custom - - throughput - - scale - - latency - type: string - proxy_id: - nullable: true - type: string - secrets: - additionalProperties: false - type: object - properties: - service_token: - anyOf: - - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - - type: string - service_token: - nullable: true - type: string - shipper: - additionalProperties: false - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: false - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - type: - enum: - - remote_elasticsearch - type: string - required: - - name - - type - - hosts - - additionalProperties: false - type: object - properties: - allow_edit: - items: - type: string - type: array - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - config_yaml: - nullable: true - type: string - hosts: - items: - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: - type: string - proxy_id: - nullable: true - type: string - secrets: - additionalProperties: false - type: object - properties: - ssl: - additionalProperties: false - type: object - properties: - key: - anyOf: - - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - - type: string - shipper: - additionalProperties: false - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: false - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - type: - enum: - - logstash - type: string - required: - - name - - type - - hosts - - additionalProperties: false - type: object - properties: - allow_edit: - items: - type: string - type: array - auth_type: - enum: - - none - - user_pass - - ssl - - kerberos - type: string - broker_timeout: - type: number - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - client_id: - type: string - compression: - enum: - - gzip - - snappy - - lz4 - - none - type: string - compression_level: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - type: number - - not: {} - config_yaml: - nullable: true - type: string - connection_type: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - enum: - - plaintext - - encryption - type: string - - not: {} - hash: - additionalProperties: false - type: object - properties: - hash: - type: string - random: - type: boolean - headers: - items: - additionalProperties: false - type: object - properties: - key: - type: string - value: - type: string - required: - - key - - value - type: array - hosts: - items: - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - key: - type: string - name: - type: string - partition: - enum: - - random - - round_robin - - hash - type: string - password: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - not: {} - - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - type: string - - not: {} - proxy_id: - nullable: true - type: string - random: - additionalProperties: false - type: object - properties: - group_events: - type: number - required_acks: - enum: - - 1 - - 0 - - -1 - type: integer - round_robin: - additionalProperties: false - type: object - properties: - group_events: - type: number - sasl: - additionalProperties: false - nullable: true - type: object - properties: - mechanism: - enum: - - PLAIN - - SCRAM-SHA-256 - - SCRAM-SHA-512 - type: string - secrets: - additionalProperties: false - type: object - properties: - password: - anyOf: - - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - - type: string - ssl: - additionalProperties: false - type: object - properties: - key: - anyOf: - - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - - type: string - required: - - key - shipper: - additionalProperties: false - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: false - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - timeout: - type: number - topic: - type: string - topics: - items: - additionalProperties: false - type: object - properties: - topic: - type: string - when: - additionalProperties: false - type: object - properties: - condition: - type: string - type: - enum: - - equals - - contains - - regexp - type: string - required: - - topic - minItems: 1 - type: array - type: - enum: - - kafka - type: string - username: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - type: string - - not: {} - version: - type: string - required: - - name - - type - - hosts - - compression_level - - auth_type - - connection_type - - username - - password - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - anyOf: - - additionalProperties: true - type: object - properties: - allow_edit: - items: - type: string - type: array - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - config_yaml: - nullable: true - type: string - hosts: - items: - format: uri - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: - type: string - preset: - enum: - - balanced - - custom - - throughput - - scale - - latency - type: string - proxy_id: - nullable: true - type: string - shipper: - additionalProperties: true - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: true - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - type: - enum: - - elasticsearch - type: string - required: - - name - - type - - hosts - - additionalProperties: true - type: object - properties: - allow_edit: - items: - type: string - type: array - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - config_yaml: - nullable: true - type: string - hosts: - items: - format: uri - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: - type: string - preset: - enum: - - balanced - - custom - - throughput - - scale - - latency - type: string - proxy_id: - nullable: true - type: string - secrets: - additionalProperties: true - type: object - properties: - service_token: - anyOf: - - additionalProperties: true - type: object - properties: - id: - type: string - required: - - id - - type: string - service_token: - nullable: true - type: string - shipper: - additionalProperties: true - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: true - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - type: - enum: - - remote_elasticsearch - type: string - required: - - name - - type - - hosts - - additionalProperties: true - type: object - properties: - allow_edit: - items: - type: string - type: array - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - config_yaml: - nullable: true - type: string - hosts: - items: - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: - type: string - proxy_id: - nullable: true - type: string - secrets: - additionalProperties: true - type: object - properties: - ssl: - additionalProperties: true - type: object - properties: - key: - anyOf: - - additionalProperties: true - type: object - properties: - id: - type: string - required: - - id - - type: string - shipper: - additionalProperties: true - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: true - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - type: - enum: - - logstash - type: string - required: - - name - - type - - hosts - - additionalProperties: true - type: object - properties: - allow_edit: - items: - type: string - type: array - auth_type: - enum: - - none - - user_pass - - ssl - - kerberos - type: string - broker_timeout: - type: number - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - client_id: - type: string - compression: - enum: - - gzip - - snappy - - lz4 - - none - type: string - compression_level: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - type: number - - not: {} - config_yaml: - nullable: true - type: string - connection_type: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - enum: - - plaintext - - encryption - type: string - - not: {} - hash: - additionalProperties: true - type: object - properties: - hash: - type: string - random: - type: boolean - headers: - items: - additionalProperties: true - type: object - properties: - key: - type: string - value: - type: string - required: - - key - - value - type: array - hosts: - items: - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - key: - type: string - name: - type: string - partition: - enum: - - random - - round_robin - - hash - type: string - password: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - not: {} - - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - type: string - - not: {} - proxy_id: - nullable: true - type: string - random: - additionalProperties: true - type: object - properties: - group_events: - type: number - required_acks: - enum: - - 1 - - 0 - - -1 - type: integer - round_robin: - additionalProperties: true - type: object - properties: - group_events: - type: number - sasl: - additionalProperties: true - nullable: true - type: object - properties: - mechanism: - enum: - - PLAIN - - SCRAM-SHA-256 - - SCRAM-SHA-512 - type: string - secrets: - additionalProperties: true - type: object - properties: - password: - anyOf: - - additionalProperties: true - type: object - properties: - id: - type: string - required: - - id - - type: string - ssl: - additionalProperties: true - type: object - properties: - key: - anyOf: - - additionalProperties: true - type: object - properties: - id: - type: string - required: - - id - - type: string - required: - - key - shipper: - additionalProperties: true - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: true - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - timeout: - type: number - topic: - type: string - topics: - items: - additionalProperties: true - type: object - properties: - topic: - type: string - when: - additionalProperties: true - type: object - properties: - condition: - type: string - type: - enum: - - equals - - contains - - regexp - type: string - required: - - topic - minItems: 1 - type: array - type: - enum: - - kafka - type: string - username: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - type: string - - not: {} - version: - type: string - required: - - name - - type - - hosts - - compression_level - - auth_type - - connection_type - - username - - password - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet outputs - /api/fleet/outputs/{outputId}: - delete: - description: Delete output by ID - operationId: '%2Fapi%2Ffleet%2Foutputs%2F%7BoutputId%7D#2' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: outputId - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet outputs - get: - description: Get output by ID - operationId: '%2Fapi%2Ffleet%2Foutputs%2F%7BoutputId%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: outputId - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - anyOf: - - additionalProperties: true - type: object - properties: - allow_edit: - items: - type: string - type: array - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - config_yaml: - nullable: true - type: string - hosts: - items: - format: uri - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: - type: string - preset: - enum: - - balanced - - custom - - throughput - - scale - - latency - type: string - proxy_id: - nullable: true - type: string - shipper: - additionalProperties: true - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: true - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - type: - enum: - - elasticsearch - type: string - required: - - name - - type - - hosts - - additionalProperties: true - type: object - properties: - allow_edit: - items: - type: string - type: array - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - config_yaml: - nullable: true - type: string - hosts: - items: - format: uri - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: - type: string - preset: - enum: - - balanced - - custom - - throughput - - scale - - latency - type: string - proxy_id: - nullable: true - type: string - secrets: - additionalProperties: true - type: object - properties: - service_token: - anyOf: - - additionalProperties: true - type: object - properties: - id: - type: string - required: - - id - - type: string - service_token: - nullable: true - type: string - shipper: - additionalProperties: true - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: true - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - type: - enum: - - remote_elasticsearch - type: string - required: - - name - - type - - hosts - - additionalProperties: true - type: object - properties: - allow_edit: - items: - type: string - type: array - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - config_yaml: - nullable: true - type: string - hosts: - items: - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: - type: string - proxy_id: - nullable: true - type: string - secrets: - additionalProperties: true - type: object - properties: - ssl: - additionalProperties: true - type: object - properties: - key: - anyOf: - - additionalProperties: true - type: object - properties: - id: - type: string - required: - - id - - type: string - shipper: - additionalProperties: true - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: true - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - type: - enum: - - logstash - type: string - required: - - name - - type - - hosts - - additionalProperties: true - type: object - properties: - allow_edit: - items: - type: string - type: array - auth_type: - enum: - - none - - user_pass - - ssl - - kerberos - type: string - broker_timeout: - type: number - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - client_id: - type: string - compression: - enum: - - gzip - - snappy - - lz4 - - none - type: string - compression_level: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - type: number - - not: {} - config_yaml: - nullable: true - type: string - connection_type: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - enum: - - plaintext - - encryption - type: string - - not: {} - hash: - additionalProperties: true - type: object - properties: - hash: - type: string - random: - type: boolean - headers: - items: - additionalProperties: true - type: object - properties: - key: - type: string - value: - type: string - required: - - key - - value - type: array - hosts: - items: - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - key: - type: string - name: - type: string - partition: - enum: - - random - - round_robin - - hash - type: string - password: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - not: {} - - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - type: string - - not: {} - proxy_id: - nullable: true - type: string - random: - additionalProperties: true - type: object - properties: - group_events: - type: number - required_acks: - enum: - - 1 - - 0 - - -1 - type: integer - round_robin: - additionalProperties: true - type: object - properties: - group_events: - type: number - sasl: - additionalProperties: true - nullable: true - type: object - properties: - mechanism: - enum: - - PLAIN - - SCRAM-SHA-256 - - SCRAM-SHA-512 - type: string - secrets: - additionalProperties: true - type: object - properties: - password: - anyOf: - - additionalProperties: true - type: object - properties: - id: - type: string - required: - - id - - type: string - ssl: - additionalProperties: true - type: object - properties: - key: - anyOf: - - additionalProperties: true - type: object - properties: - id: - type: string - required: - - id - - type: string - required: - - key - shipper: - additionalProperties: true - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: true - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - timeout: - type: number - topic: - type: string - topics: - items: - additionalProperties: true - type: object - properties: - topic: - type: string - when: - additionalProperties: true - type: object - properties: - condition: - type: string - type: - enum: - - equals - - contains - - regexp - type: string - required: - - topic - minItems: 1 - type: array - type: - enum: - - kafka - type: string - username: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - type: string - - not: {} - version: - type: string - required: - - name - - type - - hosts - - compression_level - - auth_type - - connection_type - - username - - password - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet outputs - put: - description: Update output by ID - operationId: '%2Fapi%2Ffleet%2Foutputs%2F%7BoutputId%7D#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: outputId - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - anyOf: - - additionalProperties: false - type: object - properties: - allow_edit: - items: - type: string - type: array - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - config_yaml: - nullable: true - type: string - hosts: - items: - format: uri - type: string - minItems: 1 - type: array - id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: - type: string - preset: - enum: - - balanced - - custom - - throughput - - scale - - latency - type: string - proxy_id: - nullable: true - type: string - shipper: - additionalProperties: false - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: false - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - type: - enum: - - elasticsearch - type: string - - additionalProperties: false - type: object - properties: - allow_edit: - items: - type: string - type: array - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - config_yaml: - nullable: true - type: string - hosts: - items: - format: uri - type: string - minItems: 1 - type: array - id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: - type: string - preset: - enum: - - balanced - - custom - - throughput - - scale - - latency - type: string - proxy_id: - nullable: true - type: string - secrets: - additionalProperties: false - type: object - properties: - service_token: - anyOf: - - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - - type: string - service_token: - nullable: true - type: string - shipper: - additionalProperties: false - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: false - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - type: - enum: - - remote_elasticsearch - type: string - - additionalProperties: false - type: object - properties: - allow_edit: - items: - type: string - type: array - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - config_yaml: - nullable: true - type: string - hosts: - items: - type: string - minItems: 1 - type: array - id: - type: string - is_default: - type: boolean - is_default_monitoring: - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: - type: string - proxy_id: - nullable: true - type: string - secrets: - additionalProperties: false - type: object - properties: - ssl: - additionalProperties: false - type: object - properties: - key: - anyOf: - - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - - type: string - shipper: - additionalProperties: false - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: false - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - type: - enum: - - logstash - type: string - - additionalProperties: false - type: object - properties: - allow_edit: - items: - type: string - type: array - auth_type: - enum: - - none - - user_pass - - ssl - - kerberos - type: string - broker_timeout: - type: number - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - client_id: - type: string - compression: - enum: - - gzip - - snappy - - lz4 - - none - type: string - compression_level: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - type: number - - not: {} - config_yaml: - nullable: true - type: string - connection_type: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - enum: - - plaintext - - encryption - type: string - - not: {} - hash: - additionalProperties: false - type: object - properties: - hash: - type: string - random: - type: boolean - headers: - items: - additionalProperties: false - type: object - properties: - key: - type: string - value: - type: string - required: - - key - - value - type: array - hosts: - items: - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - key: - type: string - name: - type: string - partition: - enum: - - random - - round_robin - - hash - type: string - password: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - not: {} - - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - type: string - - not: {} - proxy_id: - nullable: true - type: string - random: - additionalProperties: false - type: object - properties: - group_events: - type: number - required_acks: - enum: - - 1 - - 0 - - -1 - type: integer - round_robin: - additionalProperties: false - type: object - properties: - group_events: - type: number - sasl: - additionalProperties: false - nullable: true - type: object - properties: - mechanism: - enum: - - PLAIN - - SCRAM-SHA-256 - - SCRAM-SHA-512 - type: string - secrets: - additionalProperties: false - type: object - properties: - password: - anyOf: - - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - - type: string - ssl: - additionalProperties: false - type: object - properties: - key: - anyOf: - - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - - type: string - required: - - key - shipper: - additionalProperties: false - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: false - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - timeout: - type: number - topic: - type: string - topics: - items: - additionalProperties: false - type: object - properties: - topic: - type: string - when: - additionalProperties: false - type: object - properties: - condition: - type: string - type: - enum: - - equals - - contains - - regexp - type: string - required: - - topic - minItems: 1 - type: array - type: - enum: - - kafka - type: string - username: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - type: string - - not: {} - version: - type: string - required: - - name - - compression_level - - connection_type - - username - - password - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - anyOf: - - additionalProperties: true - type: object - properties: - allow_edit: - items: - type: string - type: array - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - config_yaml: - nullable: true - type: string - hosts: - items: - format: uri - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: - type: string - preset: - enum: - - balanced - - custom - - throughput - - scale - - latency - type: string - proxy_id: - nullable: true - type: string - shipper: - additionalProperties: true - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: true - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - type: - enum: - - elasticsearch - type: string - required: - - name - - type - - hosts - - additionalProperties: true - type: object - properties: - allow_edit: - items: - type: string - type: array - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - config_yaml: - nullable: true - type: string - hosts: - items: - format: uri - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: - type: string - preset: - enum: - - balanced - - custom - - throughput - - scale - - latency - type: string - proxy_id: - nullable: true - type: string - secrets: - additionalProperties: true - type: object - properties: - service_token: - anyOf: - - additionalProperties: true - type: object - properties: - id: - type: string - required: - - id - - type: string - service_token: - nullable: true - type: string - shipper: - additionalProperties: true - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: true - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - type: - enum: - - remote_elasticsearch - type: string - required: - - name - - type - - hosts - - additionalProperties: true - type: object - properties: - allow_edit: - items: - type: string - type: array - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - config_yaml: - nullable: true - type: string - hosts: - items: - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - name: - type: string - proxy_id: - nullable: true - type: string - secrets: - additionalProperties: true - type: object - properties: - ssl: - additionalProperties: true - type: object - properties: - key: - anyOf: - - additionalProperties: true - type: object - properties: - id: - type: string - required: - - id - - type: string - shipper: - additionalProperties: true - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: true - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - type: - enum: - - logstash - type: string - required: - - name - - type - - hosts - - additionalProperties: true - type: object - properties: - allow_edit: - items: - type: string - type: array - auth_type: - enum: - - none - - user_pass - - ssl - - kerberos - type: string - broker_timeout: - type: number - ca_sha256: - nullable: true - type: string - ca_trusted_fingerprint: - nullable: true - type: string - client_id: - type: string - compression: - enum: - - gzip - - snappy - - lz4 - - none - type: string - compression_level: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - type: number - - not: {} - config_yaml: - nullable: true - type: string - connection_type: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - enum: - - plaintext - - encryption - type: string - - not: {} - hash: - additionalProperties: true - type: object - properties: - hash: - type: string - random: - type: boolean - headers: - items: - additionalProperties: true - type: object - properties: - key: - type: string - value: - type: string - required: - - key - - value - type: array - hosts: - items: - type: string - minItems: 1 - type: array - id: - type: string - is_default: - default: false - type: boolean - is_default_monitoring: - default: false - type: boolean - is_internal: - type: boolean - is_preconfigured: - type: boolean - key: - type: string - name: - type: string - partition: - enum: - - random - - round_robin - - hash - type: string - password: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - not: {} - - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - type: string - - not: {} - proxy_id: - nullable: true - type: string - random: - additionalProperties: true - type: object - properties: - group_events: - type: number - required_acks: - enum: - - 1 - - 0 - - -1 - type: integer - round_robin: - additionalProperties: true - type: object - properties: - group_events: - type: number - sasl: - additionalProperties: true - nullable: true - type: object - properties: - mechanism: - enum: - - PLAIN - - SCRAM-SHA-256 - - SCRAM-SHA-512 - type: string - secrets: - additionalProperties: true - type: object - properties: - password: - anyOf: - - additionalProperties: true - type: object - properties: - id: - type: string - required: - - id - - type: string - ssl: - additionalProperties: true - type: object - properties: - key: - anyOf: - - additionalProperties: true - type: object - properties: - id: - type: string - required: - - id - - type: string - required: - - key - shipper: - additionalProperties: true - nullable: true - type: object - properties: - compression_level: - nullable: true - type: number - disk_queue_compression_enabled: - nullable: true - type: boolean - disk_queue_enabled: - default: false - nullable: true - type: boolean - disk_queue_encryption_enabled: - nullable: true - type: boolean - disk_queue_max_size: - nullable: true - type: number - disk_queue_path: - nullable: true - type: string - loadbalance: - nullable: true - type: boolean - max_batch_bytes: - nullable: true - type: number - mem_queue_events: - nullable: true - type: number - queue_flush_timeout: - nullable: true - type: number - required: - - disk_queue_path - - disk_queue_max_size - - disk_queue_encryption_enabled - - disk_queue_compression_enabled - - compression_level - - loadbalance - - mem_queue_events - - queue_flush_timeout - - max_batch_bytes - ssl: - additionalProperties: true - nullable: true - type: object - properties: - certificate: - type: string - certificate_authorities: - items: - type: string - type: array - key: - type: string - verification_mode: - enum: - - full - - none - - certificate - - strict - type: string - timeout: - type: number - topic: - type: string - topics: - items: - additionalProperties: true - type: object - properties: - topic: - type: string - when: - additionalProperties: true - type: object - properties: - condition: - type: string - type: - enum: - - equals - - contains - - regexp - type: string - required: - - topic - minItems: 1 - type: array - type: - enum: - - kafka - type: string - username: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - type: string - - not: {} - version: - type: string - required: - - name - - type - - hosts - - compression_level - - auth_type - - connection_type - - username - - password - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet outputs - /api/fleet/outputs/{outputId}/health: - get: - description: Get latest output health - operationId: '%2Fapi%2Ffleet%2Foutputs%2F%7BoutputId%7D%2Fhealth#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: outputId - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - message: - description: long message if unhealthy - type: string - state: - description: state of output, HEALTHY or DEGRADED - type: string - timestamp: - description: timestamp of reported state - type: string - required: - - state - - message - - timestamp - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet outputs - /api/fleet/package_policies: - get: - description: List package policies - operationId: '%2Fapi%2Ffleet%2Fpackage_policies#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: query - name: page - required: false - schema: - type: number - - in: query - name: perPage - required: false - schema: - type: number - - in: query - name: sortField - required: false - schema: - type: string - - in: query - name: sortOrder - required: false - schema: - enum: - - desc - - asc - type: string - - in: query - name: showUpgradeable - required: false - schema: - type: boolean - - in: query - name: kuery - required: false - schema: - type: string - - in: query - name: format - required: false - schema: - enum: - - simplified - - legacy - type: string - - in: query - name: withAgentCount - required: false - schema: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - additionalProperties: false - type: object - properties: - agents: - type: number - created_at: - type: string - created_by: - type: string - description: - description: Package policy description - type: string - elasticsearch: - additionalProperties: true - type: object - properties: - privileges: - additionalProperties: true - type: object - properties: - cluster: - items: - type: string - type: array - enabled: - type: boolean - id: - type: string - inputs: - anyOf: - - items: - additionalProperties: false - type: object - properties: - compiled_input: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - policy_template: - type: string - streams: - items: - additionalProperties: false - type: object - properties: - compiled_stream: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - data_stream: - additionalProperties: false - type: object - properties: - dataset: - type: string - elasticsearch: - additionalProperties: false - type: object - properties: - dynamic_dataset: - type: boolean - dynamic_namespace: - type: boolean - privileges: - additionalProperties: false - type: object - properties: - indices: - items: - type: string - type: array - type: - type: string - required: - - dataset - - type - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - release: - enum: - - ga - - beta - - experimental - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - enabled - - data_stream - - compiled_stream - type: array - type: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - type - - enabled - - streams - - compiled_input - type: array - - additionalProperties: - additionalProperties: false - type: object - properties: - enabled: - description: >- - enable or disable that input, (default to - true) - type: boolean - streams: - additionalProperties: - additionalProperties: false - type: object - properties: - enabled: - description: >- - enable or disable that stream, (default - to true) - type: boolean - vars: - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see - integration documentation for more - information) - type: object - description: >- - Input streams (see integration - documentation to know what streams are - available) - type: object - vars: - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see - integration documentation for more - information) - type: object - description: >- - Package policy inputs (see integration - documentation to know what inputs are available) - type: object - x-oas-optional: true - is_managed: - type: boolean - name: - description: Package policy name (should be unique) - type: string - namespace: - description: >- - The package policy namespace. Leave blank to inherit - the agent policy's namespace. - type: string - output_id: - nullable: true - type: string - overrides: - additionalProperties: false - description: >- - Override settings that are defined in the package - policy. The override option should be used only in - unusual circumstances and not as a routine - procedure. - nullable: true - type: object - properties: - inputs: - additionalProperties: {} - type: object - package: - additionalProperties: false - type: object - properties: - experimental_data_stream_features: - items: - additionalProperties: false - type: object - properties: - data_stream: - type: string - features: - additionalProperties: false - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - name: - description: Package name - type: string - requires_root: - type: boolean - title: - type: string - version: - description: Package version - type: string - required: - - name - - version - policy_id: - deprecated: true - description: >- - Agent policy ID where that package policy will be - added - nullable: true - type: string - policy_ids: - items: - description: >- - Agent policy IDs where that package policy will be - added - type: string - type: array - revision: - type: number - secret_references: - items: - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - type: array - spaceIds: - items: - type: string - type: array - updated_at: - type: string - updated_by: - type: string - vars: - anyOf: - - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration documentation - for more information) - type: object - - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see integration - documentation for more information) - type: object - x-oas-optional: true - version: - type: string - required: - - name - - enabled - - inputs - - id - - revision - - updated_at - - updated_by - - created_at - - created_by - type: array - page: - type: number - perPage: - type: number - total: - type: number - required: - - items - - total - - page - - perPage - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet package policies - post: - description: Create package policy - operationId: '%2Fapi%2Ffleet%2Fpackage_policies#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: query - name: format - required: false - schema: - enum: - - simplified - - legacy - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - anyOf: - - additionalProperties: false - type: object - properties: - description: - description: Package policy description - type: string - enabled: - type: boolean - force: - description: >- - Force package policy creation even if package is not - verified, or if the agent policy is managed. - type: boolean - id: - description: Package policy unique identifier - type: string - inputs: - items: - additionalProperties: false - type: object - properties: - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration documentation - for more information) - type: object - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - policy_template: - type: string - streams: - items: - additionalProperties: false - type: object - properties: - compiled_stream: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - data_stream: - additionalProperties: false - type: object - properties: - dataset: - type: string - elasticsearch: - additionalProperties: false - type: object - properties: - dynamic_dataset: - type: boolean - dynamic_namespace: - type: boolean - privileges: - additionalProperties: false - type: object - properties: - indices: - items: - type: string - type: array - type: - type: string - required: - - dataset - - type - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - release: - enum: - - ga - - beta - - experimental - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - enabled - - data_stream - - compiled_stream - type: array - type: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration documentation - for more information) - type: object - required: - - type - - enabled - type: array - is_managed: - type: boolean - name: - description: Package policy name (should be unique) - type: string - namespace: - description: >- - The package policy namespace. Leave blank to inherit the - agent policy's namespace. - type: string - output_id: - nullable: true - type: string - overrides: - additionalProperties: false - description: >- - Override settings that are defined in the package - policy. The override option should be used only in - unusual circumstances and not as a routine procedure. - nullable: true - type: object - properties: - inputs: - additionalProperties: {} - type: object - package: - additionalProperties: false - type: object - properties: - experimental_data_stream_features: - items: - additionalProperties: false - type: object - properties: - data_stream: - type: string - features: - additionalProperties: false - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - name: - description: Package name - type: string - requires_root: - type: boolean - title: - type: string - version: - description: Package version - type: string - required: - - name - - version - policy_id: - deprecated: true - description: Agent policy ID where that package policy will be added - nullable: true - type: string - policy_ids: - items: - description: >- - Agent policy IDs where that package policy will be - added - type: string - type: array - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration documentation for more - information) - type: object - required: - - name - - inputs - - additionalProperties: false - type: object - properties: - description: - type: string - force: - type: boolean - id: - type: string - inputs: - additionalProperties: - additionalProperties: false - type: object - properties: - enabled: - description: enable or disable that input, (default to true) - type: boolean - streams: - additionalProperties: - additionalProperties: false - type: object - properties: - enabled: - description: >- - enable or disable that stream, (default to - true) - type: boolean - vars: - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see integration - documentation for more information) - type: object - description: >- - Input streams (see integration documentation to - know what streams are available) - type: object - vars: - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see integration - documentation for more information) - type: object - description: >- - Package policy inputs (see integration documentation to - know what inputs are available) - type: object - name: - type: string - namespace: - type: string - output_id: - nullable: true - type: string - package: - additionalProperties: false - type: object - properties: - experimental_data_stream_features: - items: - additionalProperties: false - type: object - properties: - data_stream: - type: string - features: - additionalProperties: false - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - name: - description: Package name - type: string - requires_root: - type: boolean - title: - type: string - version: - description: Package version - type: string - required: - - name - - version - policy_id: - nullable: true - type: string - policy_ids: - items: - type: string - type: array - vars: - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see integration - documentation for more information) - type: object - required: - - name - - package - description: >- - You should use inputs as an object and not use the deprecated - inputs array. - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - agents: - type: number - created_at: - type: string - created_by: - type: string - description: - description: Package policy description - type: string - elasticsearch: - additionalProperties: true - type: object - properties: - privileges: - additionalProperties: true - type: object - properties: - cluster: - items: - type: string - type: array - enabled: - type: boolean - id: - type: string - inputs: - anyOf: - - items: - additionalProperties: false - type: object - properties: - compiled_input: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - policy_template: - type: string - streams: - items: - additionalProperties: false - type: object - properties: - compiled_stream: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - data_stream: - additionalProperties: false - type: object - properties: - dataset: - type: string - elasticsearch: - additionalProperties: false - type: object - properties: - dynamic_dataset: - type: boolean - dynamic_namespace: - type: boolean - privileges: - additionalProperties: false - type: object - properties: - indices: - items: - type: string - type: array - type: - type: string - required: - - dataset - - type - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - release: - enum: - - ga - - beta - - experimental - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - enabled - - data_stream - - compiled_stream - type: array - type: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - type - - enabled - - streams - - compiled_input - type: array - - additionalProperties: - additionalProperties: false - type: object - properties: - enabled: - description: >- - enable or disable that input, (default to - true) - type: boolean - streams: - additionalProperties: - additionalProperties: false - type: object - properties: - enabled: - description: >- - enable or disable that stream, (default - to true) - type: boolean - vars: - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see - integration documentation for more - information) - type: object - description: >- - Input streams (see integration documentation - to know what streams are available) - type: object - vars: - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see integration - documentation for more information) - type: object - description: >- - Package policy inputs (see integration - documentation to know what inputs are available) - type: object - x-oas-optional: true - is_managed: - type: boolean - name: - description: Package policy name (should be unique) - type: string - namespace: - description: >- - The package policy namespace. Leave blank to inherit - the agent policy's namespace. - type: string - output_id: - nullable: true - type: string - overrides: - additionalProperties: false - description: >- - Override settings that are defined in the package - policy. The override option should be used only in - unusual circumstances and not as a routine procedure. - nullable: true - type: object - properties: - inputs: - additionalProperties: {} - type: object - package: - additionalProperties: false - type: object - properties: - experimental_data_stream_features: - items: - additionalProperties: false - type: object - properties: - data_stream: - type: string - features: - additionalProperties: false - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - name: - description: Package name - type: string - requires_root: - type: boolean - title: - type: string - version: - description: Package version - type: string - required: - - name - - version - policy_id: - deprecated: true - description: >- - Agent policy ID where that package policy will be - added - nullable: true - type: string - policy_ids: - items: - description: >- - Agent policy IDs where that package policy will be - added - type: string - type: array - revision: - type: number - secret_references: - items: - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - type: array - spaceIds: - items: - type: string - type: array - updated_at: - type: string - updated_by: - type: string - vars: - anyOf: - - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration documentation - for more information) - type: object - - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see integration - documentation for more information) - type: object - x-oas-optional: true - version: - type: string - required: - - name - - enabled - - inputs - - id - - revision - - updated_at - - updated_by - - created_at - - created_by - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet package policies - /api/fleet/package_policies/_bulk_get: - post: - description: Bulk get package policies - operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2F_bulk_get#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: query - name: format - required: false - schema: - enum: - - simplified - - legacy - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - ids: - description: list of package policy ids - items: - type: string - type: array - ignoreMissing: - type: boolean - required: - - ids - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - additionalProperties: false - type: object - properties: - agents: - type: number - created_at: - type: string - created_by: - type: string - description: - description: Package policy description - type: string - elasticsearch: - additionalProperties: true - type: object - properties: - privileges: - additionalProperties: true - type: object - properties: - cluster: - items: - type: string - type: array - enabled: - type: boolean - id: - type: string - inputs: - anyOf: - - items: - additionalProperties: false - type: object - properties: - compiled_input: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - policy_template: - type: string - streams: - items: - additionalProperties: false - type: object - properties: - compiled_stream: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - data_stream: - additionalProperties: false - type: object - properties: - dataset: - type: string - elasticsearch: - additionalProperties: false - type: object - properties: - dynamic_dataset: - type: boolean - dynamic_namespace: - type: boolean - privileges: - additionalProperties: false - type: object - properties: - indices: - items: - type: string - type: array - type: - type: string - required: - - dataset - - type - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - release: - enum: - - ga - - beta - - experimental - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - enabled - - data_stream - - compiled_stream - type: array - type: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - type - - enabled - - streams - - compiled_input - type: array - - additionalProperties: - additionalProperties: false - type: object - properties: - enabled: - description: >- - enable or disable that input, (default to - true) - type: boolean - streams: - additionalProperties: - additionalProperties: false - type: object - properties: - enabled: - description: >- - enable or disable that stream, (default - to true) - type: boolean - vars: - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see - integration documentation for more - information) - type: object - description: >- - Input streams (see integration - documentation to know what streams are - available) - type: object - vars: - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see - integration documentation for more - information) - type: object - description: >- - Package policy inputs (see integration - documentation to know what inputs are available) - type: object - x-oas-optional: true - is_managed: - type: boolean - name: - description: Package policy name (should be unique) - type: string - namespace: - description: >- - The package policy namespace. Leave blank to inherit - the agent policy's namespace. - type: string - output_id: - nullable: true - type: string - overrides: - additionalProperties: false - description: >- - Override settings that are defined in the package - policy. The override option should be used only in - unusual circumstances and not as a routine - procedure. - nullable: true - type: object - properties: - inputs: - additionalProperties: {} - type: object - package: - additionalProperties: false - type: object - properties: - experimental_data_stream_features: - items: - additionalProperties: false - type: object - properties: - data_stream: - type: string - features: - additionalProperties: false - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - name: - description: Package name - type: string - requires_root: - type: boolean - title: - type: string - version: - description: Package version - type: string - required: - - name - - version - policy_id: - deprecated: true - description: >- - Agent policy ID where that package policy will be - added - nullable: true - type: string - policy_ids: - items: - description: >- - Agent policy IDs where that package policy will be - added - type: string - type: array - revision: - type: number - secret_references: - items: - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - type: array - spaceIds: - items: - type: string - type: array - updated_at: - type: string - updated_by: - type: string - vars: - anyOf: - - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration documentation - for more information) - type: object - - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see integration - documentation for more information) - type: object - x-oas-optional: true - version: - type: string - required: - - name - - enabled - - inputs - - id - - revision - - updated_at - - updated_by - - created_at - - created_by - type: array - required: - - items - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - message: - type: string - required: - - message - summary: '' - tags: - - Fleet package policies - /api/fleet/package_policies/{packagePolicyId}: - delete: - description: Delete package policy by ID - operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2F%7BpackagePolicyId%7D#2' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: packagePolicyId - required: true - schema: - type: string - - in: query - name: force - required: false - schema: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet package policies - get: - description: Get package policy by ID - operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2F%7BpackagePolicyId%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: packagePolicyId - required: true - schema: - type: string - - in: query - name: format - required: false - schema: - enum: - - simplified - - legacy - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - agents: - type: number - created_at: - type: string - created_by: - type: string - description: - description: Package policy description - type: string - elasticsearch: - additionalProperties: true - type: object - properties: - privileges: - additionalProperties: true - type: object - properties: - cluster: - items: - type: string - type: array - enabled: - type: boolean - id: - type: string - inputs: - anyOf: - - items: - additionalProperties: false - type: object - properties: - compiled_input: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - policy_template: - type: string - streams: - items: - additionalProperties: false - type: object - properties: - compiled_stream: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - data_stream: - additionalProperties: false - type: object - properties: - dataset: - type: string - elasticsearch: - additionalProperties: false - type: object - properties: - dynamic_dataset: - type: boolean - dynamic_namespace: - type: boolean - privileges: - additionalProperties: false - type: object - properties: - indices: - items: - type: string - type: array - type: - type: string - required: - - dataset - - type - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - release: - enum: - - ga - - beta - - experimental - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - enabled - - data_stream - - compiled_stream - type: array - type: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - type - - enabled - - streams - - compiled_input - type: array - - additionalProperties: - additionalProperties: false - type: object - properties: - enabled: - description: >- - enable or disable that input, (default to - true) - type: boolean - streams: - additionalProperties: - additionalProperties: false - type: object - properties: - enabled: - description: >- - enable or disable that stream, (default - to true) - type: boolean - vars: - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see - integration documentation for more - information) - type: object - description: >- - Input streams (see integration documentation - to know what streams are available) - type: object - vars: - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see integration - documentation for more information) - type: object - description: >- - Package policy inputs (see integration - documentation to know what inputs are available) - type: object - x-oas-optional: true - is_managed: - type: boolean - name: - description: Package policy name (should be unique) - type: string - namespace: - description: >- - The package policy namespace. Leave blank to inherit - the agent policy's namespace. - type: string - output_id: - nullable: true - type: string - overrides: - additionalProperties: false - description: >- - Override settings that are defined in the package - policy. The override option should be used only in - unusual circumstances and not as a routine procedure. - nullable: true - type: object - properties: - inputs: - additionalProperties: {} - type: object - package: - additionalProperties: false - type: object - properties: - experimental_data_stream_features: - items: - additionalProperties: false - type: object - properties: - data_stream: - type: string - features: - additionalProperties: false - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - name: - description: Package name - type: string - requires_root: - type: boolean - title: - type: string - version: - description: Package version - type: string - required: - - name - - version - policy_id: - deprecated: true - description: >- - Agent policy ID where that package policy will be - added - nullable: true - type: string - policy_ids: - items: - description: >- - Agent policy IDs where that package policy will be - added - type: string - type: array - revision: - type: number - secret_references: - items: - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - type: array - spaceIds: - items: - type: string - type: array - updated_at: - type: string - updated_by: - type: string - vars: - anyOf: - - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration documentation - for more information) - type: object - - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see integration - documentation for more information) - type: object - x-oas-optional: true - version: - type: string - required: - - name - - enabled - - inputs - - id - - revision - - updated_at - - updated_by - - created_at - - created_by - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - message: - type: string - required: - - message - summary: '' - tags: - - Fleet package policies - put: - description: Update package policy by ID - operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2F%7BpackagePolicyId%7D#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: packagePolicyId - required: true - schema: - type: string - - in: query - name: format - required: false - schema: - enum: - - simplified - - legacy - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - anyOf: - - additionalProperties: false - type: object - properties: - description: - description: Package policy description - type: string - enabled: - type: boolean - force: - type: boolean - inputs: - items: - additionalProperties: false - type: object - properties: - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration documentation - for more information) - type: object - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - policy_template: - type: string - streams: - items: - additionalProperties: false - type: object - properties: - compiled_stream: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - data_stream: - additionalProperties: false - type: object - properties: - dataset: - type: string - elasticsearch: - additionalProperties: false - type: object - properties: - dynamic_dataset: - type: boolean - dynamic_namespace: - type: boolean - privileges: - additionalProperties: false - type: object - properties: - indices: - items: - type: string - type: array - type: - type: string - required: - - dataset - - type - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - release: - enum: - - ga - - beta - - experimental - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - enabled - - data_stream - - compiled_stream - type: array - type: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration documentation - for more information) - type: object - required: - - type - - enabled - type: array - is_managed: - type: boolean - name: - type: string - namespace: - description: >- - The package policy namespace. Leave blank to inherit the - agent policy's namespace. - type: string - output_id: - nullable: true - type: string - overrides: - additionalProperties: false - description: >- - Override settings that are defined in the package - policy. The override option should be used only in - unusual circumstances and not as a routine procedure. - nullable: true - type: object - properties: - inputs: - additionalProperties: {} - type: object - package: - additionalProperties: false - type: object - properties: - experimental_data_stream_features: - items: - additionalProperties: false - type: object - properties: - data_stream: - type: string - features: - additionalProperties: false - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - name: - description: Package name - type: string - requires_root: - type: boolean - title: - type: string - version: - description: Package version - type: string - required: - - name - - version - policy_id: - deprecated: true - description: Agent policy ID where that package policy will be added - nullable: true - type: string - policy_ids: - items: - description: >- - Agent policy IDs where that package policy will be - added - type: string - type: array - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration documentation for more - information) - type: object - version: - type: string - - additionalProperties: false - type: object - properties: - description: - type: string - force: - type: boolean - id: - type: string - inputs: - additionalProperties: - additionalProperties: false - type: object - properties: - enabled: - description: enable or disable that input, (default to true) - type: boolean - streams: - additionalProperties: - additionalProperties: false - type: object - properties: - enabled: - description: >- - enable or disable that stream, (default to - true) - type: boolean - vars: - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see integration - documentation for more information) - type: object - description: >- - Input streams (see integration documentation to - know what streams are available) - type: object - vars: - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see integration - documentation for more information) - type: object - description: >- - Package policy inputs (see integration documentation to - know what inputs are available) - type: object - name: - type: string - namespace: - type: string - output_id: - nullable: true - type: string - package: - additionalProperties: false - type: object - properties: - experimental_data_stream_features: - items: - additionalProperties: false - type: object - properties: - data_stream: - type: string - features: - additionalProperties: false - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - name: - description: Package name - type: string - requires_root: - type: boolean - title: - type: string - version: - description: Package version - type: string - required: - - name - - version - policy_id: - nullable: true - type: string - policy_ids: - items: - type: string - type: array - vars: - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see integration - documentation for more information) - type: object - required: - - name - - package - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - agents: - type: number - created_at: - type: string - created_by: - type: string - description: - description: Package policy description - type: string - elasticsearch: - additionalProperties: true - type: object - properties: - privileges: - additionalProperties: true - type: object - properties: - cluster: - items: - type: string - type: array - enabled: - type: boolean - id: - type: string - inputs: - anyOf: - - items: - additionalProperties: false - type: object - properties: - compiled_input: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - policy_template: - type: string - streams: - items: - additionalProperties: false - type: object - properties: - compiled_stream: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - data_stream: - additionalProperties: false - type: object - properties: - dataset: - type: string - elasticsearch: - additionalProperties: false - type: object - properties: - dynamic_dataset: - type: boolean - dynamic_namespace: - type: boolean - privileges: - additionalProperties: false - type: object - properties: - indices: - items: - type: string - type: array - type: - type: string - required: - - dataset - - type - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - release: - enum: - - ga - - beta - - experimental - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - enabled - - data_stream - - compiled_stream - type: array - type: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - type - - enabled - - streams - - compiled_input - type: array - - additionalProperties: - additionalProperties: false - type: object - properties: - enabled: - description: >- - enable or disable that input, (default to - true) - type: boolean - streams: - additionalProperties: - additionalProperties: false - type: object - properties: - enabled: - description: >- - enable or disable that stream, (default - to true) - type: boolean - vars: - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see - integration documentation for more - information) - type: object - description: >- - Input streams (see integration documentation - to know what streams are available) - type: object - vars: - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see integration - documentation for more information) - type: object - description: >- - Package policy inputs (see integration - documentation to know what inputs are available) - type: object - x-oas-optional: true - is_managed: - type: boolean - name: - description: Package policy name (should be unique) - type: string - namespace: - description: >- - The package policy namespace. Leave blank to inherit - the agent policy's namespace. - type: string - output_id: - nullable: true - type: string - overrides: - additionalProperties: false - description: >- - Override settings that are defined in the package - policy. The override option should be used only in - unusual circumstances and not as a routine procedure. - nullable: true - type: object - properties: - inputs: - additionalProperties: {} - type: object - package: - additionalProperties: false - type: object - properties: - experimental_data_stream_features: - items: - additionalProperties: false - type: object - properties: - data_stream: - type: string - features: - additionalProperties: false - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - name: - description: Package name - type: string - requires_root: - type: boolean - title: - type: string - version: - description: Package version - type: string - required: - - name - - version - policy_id: - deprecated: true - description: >- - Agent policy ID where that package policy will be - added - nullable: true - type: string - policy_ids: - items: - description: >- - Agent policy IDs where that package policy will be - added - type: string - type: array - revision: - type: number - secret_references: - items: - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - type: array - spaceIds: - items: - type: string - type: array - updated_at: - type: string - updated_by: - type: string - vars: - anyOf: - - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration documentation - for more information) - type: object - - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see integration - documentation for more information) - type: object - x-oas-optional: true - version: - type: string - required: - - name - - enabled - - inputs - - id - - revision - - updated_at - - updated_by - - created_at - - created_by - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet package policies - /api/fleet/package_policies/delete: - post: - description: Bulk delete package policies - operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2Fdelete#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - force: - type: boolean - packagePolicyIds: - items: - type: string - type: array - required: - - packagePolicyIds - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - items: - additionalProperties: false - type: object - properties: - body: - additionalProperties: false - type: object - properties: - message: - type: string - required: - - message - id: - type: string - name: - type: string - output_id: - nullable: true - type: string - package: - additionalProperties: false - type: object - properties: - experimental_data_stream_features: - items: - additionalProperties: false - type: object - properties: - data_stream: - type: string - features: - additionalProperties: false - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - name: - description: Package name - type: string - requires_root: - type: boolean - title: - type: string - version: - description: Package version - type: string - required: - - name - - version - policy_id: - deprecated: true - description: Use `policy_ids` instead - nullable: true - type: string - policy_ids: - items: - type: string - type: array - statusCode: - type: number - success: - type: boolean - required: - - id - - success - - policy_ids - - package - type: array - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet package policies - /api/fleet/package_policies/upgrade: - post: - description: Upgrade package policy to a newer package version - operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2Fupgrade#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - packagePolicyIds: - items: - type: string - type: array - required: - - packagePolicyIds - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - items: - additionalProperties: false - type: object - properties: - body: - additionalProperties: false - type: object - properties: - message: - type: string - required: - - message - id: - type: string - name: - type: string - statusCode: - type: number - success: - type: boolean - required: - - id - - success - type: array - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet package policies - /api/fleet/package_policies/upgrade/dryrun: - post: - description: Dry run package policy upgrade - operationId: '%2Fapi%2Ffleet%2Fpackage_policies%2Fupgrade%2Fdryrun#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - packagePolicyIds: - items: - type: string - type: array - packageVersion: - type: string - required: - - packagePolicyIds - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - items: - additionalProperties: false - type: object - properties: - agent_diff: - items: - items: - additionalProperties: true - type: object - properties: - data_stream: - additionalProperties: true - type: object - properties: - namespace: - type: string - required: - - namespace - id: - type: string - meta: - additionalProperties: true - type: object - properties: - package: - additionalProperties: true - type: object - properties: - name: - type: string - version: - type: string - required: - - name - - version - required: - - package - name: - type: string - package_policy_id: - type: string - processors: - items: - additionalProperties: true - type: object - properties: - add_fields: - additionalProperties: true - type: object - properties: - fields: - additionalProperties: - anyOf: - - type: string - - type: number - type: object - target: - type: string - required: - - target - - fields - required: - - add_fields - type: array - revision: - type: number - streams: - items: - additionalProperties: true - type: object - properties: - data_stream: - additionalProperties: true - type: object - properties: - dataset: - type: string - type: - type: string - required: - - dataset - id: - type: string - required: - - id - - data_stream - type: array - type: - type: string - use_output: - type: string - required: - - id - - name - - revision - - type - - data_stream - - use_output - - package_policy_id - type: array - type: array - body: - additionalProperties: false - type: object - properties: - message: - type: string - required: - - message - diff: - items: - anyOf: - - additionalProperties: false - type: object - properties: - agents: - type: number - created_at: - type: string - created_by: - type: string - description: - description: Package policy description - type: string - elasticsearch: - additionalProperties: true - type: object - properties: - privileges: - additionalProperties: true - type: object - properties: - cluster: - items: - type: string - type: array - enabled: - type: boolean - id: - type: string - inputs: - anyOf: - - items: - additionalProperties: false - type: object - properties: - compiled_input: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - policy_template: - type: string - streams: - items: - additionalProperties: false - type: object - properties: - compiled_stream: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - data_stream: - additionalProperties: false - type: object - properties: - dataset: - type: string - elasticsearch: - additionalProperties: false - type: object - properties: - dynamic_dataset: - type: boolean - dynamic_namespace: - type: boolean - privileges: - additionalProperties: false - type: object - properties: - indices: - items: - type: string - type: array - type: - type: string - required: - - dataset - - type - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - release: - enum: - - ga - - beta - - experimental - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - enabled - - data_stream - - compiled_stream - type: array - type: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - type - - enabled - - streams - - compiled_input - type: array - - additionalProperties: - additionalProperties: false - type: object - properties: - enabled: - description: >- - enable or disable that input, (default - to true) - type: boolean - streams: - additionalProperties: - additionalProperties: false - type: object - properties: - enabled: - description: >- - enable or disable that stream, (default - to true) - type: boolean - vars: - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see - integration documentation for more - information) - type: object - description: >- - Input streams (see integration - documentation to know what streams are - available) - type: object - vars: - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see - integration documentation for more - information) - type: object - description: >- - Package policy inputs (see integration - documentation to know what inputs are - available) - type: object - x-oas-optional: true - is_managed: - type: boolean - name: - description: Package policy name (should be unique) - type: string - namespace: - description: >- - The package policy namespace. Leave blank to - inherit the agent policy's namespace. - type: string - output_id: - nullable: true - type: string - overrides: - additionalProperties: false - description: >- - Override settings that are defined in the - package policy. The override option should be - used only in unusual circumstances and not as - a routine procedure. - nullable: true - type: object - properties: - inputs: - additionalProperties: {} - type: object - package: - additionalProperties: false - type: object - properties: - experimental_data_stream_features: - items: - additionalProperties: false - type: object - properties: - data_stream: - type: string - features: - additionalProperties: false - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - name: - description: Package name - type: string - requires_root: - type: boolean - title: - type: string - version: - description: Package version - type: string - required: - - name - - version - policy_id: - deprecated: true - description: >- - Agent policy ID where that package policy will - be added - nullable: true - type: string - policy_ids: - items: - description: >- - Agent policy IDs where that package policy - will be added - type: string - type: array - revision: - type: number - secret_references: - items: - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - type: array - spaceIds: - items: - type: string - type: array - updated_at: - type: string - updated_by: - type: string - vars: - anyOf: - - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - - additionalProperties: - anyOf: - - type: boolean - - type: string - - type: number - - items: - type: string - type: array - - items: - type: number - type: array - - additionalProperties: false - type: object - properties: - id: - type: string - isSecretRef: - type: boolean - required: - - id - - isSecretRef - nullable: true - description: >- - Input/stream level variable (see - integration documentation for more - information) - type: object - x-oas-optional: true - version: - type: string - required: - - name - - enabled - - inputs - - revision - - updated_at - - updated_by - - created_at - - created_by - - additionalProperties: false - type: object - properties: - description: - description: Package policy description - type: string - enabled: - type: boolean - errors: - items: - additionalProperties: false - type: object - properties: - key: - type: string - message: - type: string - required: - - message - type: array - force: - type: boolean - id: - type: string - inputs: - items: - additionalProperties: false - type: object - properties: - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - policy_template: - type: string - streams: - items: - additionalProperties: false - type: object - properties: - compiled_stream: {} - config: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - data_stream: - additionalProperties: false - type: object - properties: - dataset: - type: string - elasticsearch: - additionalProperties: false - type: object - properties: - dynamic_dataset: - type: boolean - dynamic_namespace: - type: boolean - privileges: - additionalProperties: false - type: object - properties: - indices: - items: - type: string - type: array - type: - type: string - required: - - dataset - - type - enabled: - type: boolean - id: - type: string - keep_enabled: - type: boolean - release: - enum: - - ga - - beta - - experimental - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - enabled - - data_stream - - compiled_stream - type: array - type: - type: string - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - type - - enabled - - streams - type: array - is_managed: - type: boolean - missingVars: - items: - type: string - type: array - name: - description: Package policy name (should be unique) - type: string - namespace: - description: >- - The package policy namespace. Leave blank to - inherit the agent policy's namespace. - type: string - output_id: - nullable: true - type: string - overrides: - additionalProperties: false - description: >- - Override settings that are defined in the - package policy. The override option should be - used only in unusual circumstances and not as - a routine procedure. - nullable: true - type: object - properties: - inputs: - additionalProperties: {} - type: object - package: - additionalProperties: false - type: object - properties: - experimental_data_stream_features: - items: - additionalProperties: false - type: object - properties: - data_stream: - type: string - features: - additionalProperties: false - type: object - properties: - doc_value_only_numeric: - type: boolean - doc_value_only_other: - type: boolean - synthetic_source: - type: boolean - tsdb: - type: boolean - required: - - data_stream - - features - type: array - name: - description: Package name - type: string - requires_root: - type: boolean - title: - type: string - version: - description: Package version - type: string - required: - - name - - version - policy_id: - deprecated: true - description: >- - Agent policy ID where that package policy will - be added - nullable: true - type: string - policy_ids: - items: - description: >- - Agent policy IDs where that package policy - will be added - type: string - type: array - vars: - additionalProperties: - additionalProperties: false - type: object - properties: - frozen: - type: boolean - type: - type: string - value: {} - required: - - value - description: >- - Package variable (see integration - documentation for more information) - type: object - required: - - name - - enabled - - inputs - type: array - hasErrors: - type: boolean - name: - type: string - statusCode: - type: number - required: - - hasErrors - type: array - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet package policies - /api/fleet/proxies: - get: - description: List proxies - operationId: '%2Fapi%2Ffleet%2Fproxies#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - additionalProperties: false - type: object - properties: - certificate: - nullable: true - type: string - certificate_authorities: - nullable: true - type: string - certificate_key: - nullable: true - type: string - id: - type: string - is_preconfigured: - default: false - type: boolean - name: - type: string - proxy_headers: - additionalProperties: - anyOf: - - type: string - - type: boolean - - type: number - nullable: true - type: object - url: - type: string - required: - - id - - url - - name - type: array - page: - type: number - perPage: - type: number - total: - type: number - required: - - items - - total - - page - - perPage - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet proxies - post: - description: Create proxy - operationId: '%2Fapi%2Ffleet%2Fproxies#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - certificate: - nullable: true - type: string - certificate_authorities: - nullable: true - type: string - certificate_key: - nullable: true - type: string - id: - type: string - is_preconfigured: - default: false - type: boolean - name: - type: string - proxy_headers: - additionalProperties: - anyOf: - - type: string - - type: boolean - - type: number - nullable: true - type: object - url: - type: string - required: - - url - - name - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - certificate: - nullable: true - type: string - certificate_authorities: - nullable: true - type: string - certificate_key: - nullable: true - type: string - id: - type: string - is_preconfigured: - default: false - type: boolean - name: - type: string - proxy_headers: - additionalProperties: - anyOf: - - type: string - - type: boolean - - type: number - nullable: true - type: object - url: - type: string - required: - - id - - url - - name - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet proxies - /api/fleet/proxies/{itemId}: - delete: - description: Delete proxy by ID - operationId: '%2Fapi%2Ffleet%2Fproxies%2F%7BitemId%7D#2' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: itemId - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - id: - type: string - required: - - id - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet proxies - get: - description: Get proxy by ID - operationId: '%2Fapi%2Ffleet%2Fproxies%2F%7BitemId%7D#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: itemId - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - certificate: - nullable: true - type: string - certificate_authorities: - nullable: true - type: string - certificate_key: - nullable: true - type: string - id: - type: string - is_preconfigured: - default: false - type: boolean - name: - type: string - proxy_headers: - additionalProperties: - anyOf: - - type: string - - type: boolean - - type: number - nullable: true - type: object - url: - type: string - required: - - id - - url - - name - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet proxies - put: - description: Update proxy by ID - operationId: '%2Fapi%2Ffleet%2Fproxies%2F%7BitemId%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: itemId - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - certificate: - nullable: true - type: string - certificate_authorities: - nullable: true - type: string - certificate_key: - nullable: true - type: string - name: - type: string - proxy_headers: - additionalProperties: - anyOf: - - type: string - - type: boolean - - type: number - nullable: true - type: object - url: - type: string - required: - - proxy_headers - - certificate_authorities - - certificate - - certificate_key - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - certificate: - nullable: true - type: string - certificate_authorities: - nullable: true - type: string - certificate_key: - nullable: true - type: string - id: - type: string - is_preconfigured: - default: false - type: boolean - name: - type: string - proxy_headers: - additionalProperties: - anyOf: - - type: string - - type: boolean - - type: number - nullable: true - type: object - url: - type: string - required: - - id - - url - - name - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet proxies - /api/fleet/service_tokens: - post: - description: Create a service token - operationId: '%2Fapi%2Ffleet%2Fservice_tokens#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - nullable: true - type: object - properties: - remote: - default: false - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - name: - type: string - value: - type: string - required: - - name - - value - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet service tokens - /api/fleet/service-tokens: - post: - deprecated: true - description: Create a service token - operationId: '%2Fapi%2Ffleet%2Fservice-tokens#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - responses: {} - summary: '' - tags: [] - /api/fleet/settings: - get: - description: Get settings - operationId: '%2Fapi%2Ffleet%2Fsettings#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - delete_unenrolled_agents: - additionalProperties: false - type: object - properties: - enabled: - type: boolean - is_preconfigured: - type: boolean - required: - - enabled - - is_preconfigured - fleet_server_hosts: - items: - type: string - type: array - has_seen_add_data_notice: - type: boolean - id: - type: string - output_secret_storage_requirements_met: - type: boolean - preconfigured_fields: - items: - enum: - - fleet_server_hosts - type: string - type: array - prerelease_integrations_enabled: - type: boolean - secret_storage_requirements_met: - type: boolean - use_space_awareness_migration_started_at: - type: string - use_space_awareness_migration_status: - enum: - - pending - - success - - error - type: string - version: - type: string - required: - - id - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - message: - type: string - required: - - message - summary: '' - tags: - - Fleet internals - put: - description: Update settings - operationId: '%2Fapi%2Ffleet%2Fsettings#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - additional_yaml_config: - type: string - delete_unenrolled_agents: - additionalProperties: false - type: object - properties: - enabled: - type: boolean - is_preconfigured: - type: boolean - required: - - enabled - - is_preconfigured - fleet_server_hosts: - items: - format: uri - type: string - type: array - has_seen_add_data_notice: - type: boolean - kibana_ca_sha256: - type: string - kibana_urls: - items: - format: uri - type: string - type: array - prerelease_integrations_enabled: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - delete_unenrolled_agents: - additionalProperties: false - type: object - properties: - enabled: - type: boolean - is_preconfigured: - type: boolean - required: - - enabled - - is_preconfigured - fleet_server_hosts: - items: - type: string - type: array - has_seen_add_data_notice: - type: boolean - id: - type: string - output_secret_storage_requirements_met: - type: boolean - preconfigured_fields: - items: - enum: - - fleet_server_hosts - type: string - type: array - prerelease_integrations_enabled: - type: boolean - secret_storage_requirements_met: - type: boolean - use_space_awareness_migration_started_at: - type: string - use_space_awareness_migration_status: - enum: - - pending - - success - - error - type: string - version: - type: string - required: - - id - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - message: - type: string - required: - - message - summary: '' - tags: - - Fleet internals - /api/fleet/setup: - post: - description: Initiate Fleet setup - operationId: '%2Fapi%2Ffleet%2Fsetup#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: >- - A summary of the result of Fleet's `setup` lifecycle. If - `isInitialized` is true, Fleet is ready to accept agent - enrollment. `nonFatalErrors` may include useful insight into - non-blocking issues with Fleet setup. - type: object - properties: - isInitialized: - type: boolean - nonFatalErrors: - items: - additionalProperties: false - type: object - properties: - message: - type: string - name: - type: string - required: - - name - - message - type: array - required: - - isInitialized - - nonFatalErrors - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Internal Server Error - type: object - properties: - message: - type: string - required: - - message - summary: '' - tags: - - Fleet internals - /api/fleet/uninstall_tokens: - get: - description: List metadata for latest uninstall tokens per agent policy - operationId: '%2Fapi%2Ffleet%2Funinstall_tokens#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: Partial match filtering for policy IDs - in: query - name: policyId - required: false - schema: - maxLength: 50 - type: string - - in: query - name: search - required: false - schema: - maxLength: 50 - type: string - - description: The number of items to return - in: query - name: perPage - required: false - schema: - minimum: 5 - type: number - - in: query - name: page - required: false - schema: - minimum: 1 - type: number - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - items: - items: - additionalProperties: false - type: object - properties: - created_at: - type: string - id: - type: string - namespaces: - items: - type: string - type: array - policy_id: - type: string - policy_name: - nullable: true - type: string - required: - - id - - policy_id - - created_at - type: array - page: - type: number - perPage: - type: number - total: - type: number - required: - - items - - total - - page - - perPage - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet uninstall tokens - /api/fleet/uninstall_tokens/{uninstallTokenId}: - get: - description: Get one decrypted uninstall token by its ID - operationId: '%2Fapi%2Ffleet%2Funinstall_tokens%2F%7BuninstallTokenId%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: uninstallTokenId - required: true - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - item: - additionalProperties: false - type: object - properties: - created_at: - type: string - id: - type: string - namespaces: - items: - type: string - type: array - policy_id: - type: string - policy_name: - nullable: true - type: string - token: - type: string - required: - - id - - policy_id - - created_at - - token - required: - - item - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - description: Generic Error - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - required: - - message - summary: '' - tags: - - Fleet uninstall tokens - /api/lists: - delete: - description: | - Delete a list using the list ID. - > info - > When you delete a list, all of its list items are also deleted. - operationId: DeleteList - parameters: - - description: List's `id` value - in: query - name: id - required: true - schema: - $ref: '#/components/schemas/Security_Lists_API_ListId' - - in: query - name: deleteReferences - required: false - schema: - default: false - type: boolean - - in: query - name: ignoreReferences - required: false - schema: - default: false - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_List' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Delete a list - tags: - - Security Lists API - get: - description: Get the details of a list using the list ID. - operationId: ReadList - parameters: - - description: List's `id` value - in: query - name: id - required: true - schema: - $ref: '#/components/schemas/Security_Lists_API_ListId' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_List' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Get list details - tags: - - Security Lists API - patch: - description: Update specific fields of an existing list using the list ID. - operationId: PatchList - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - _version: - type: string - description: - $ref: '#/components/schemas/Security_Lists_API_ListDescription' - id: - $ref: '#/components/schemas/Security_Lists_API_ListId' - meta: - $ref: '#/components/schemas/Security_Lists_API_ListMetadata' - name: - $ref: '#/components/schemas/Security_Lists_API_ListName' - version: - minimum: 1 - type: integer - required: - - id - description: List's properties - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_List' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Patch a list - tags: - - Security Lists API - post: - description: Create a new list. - operationId: CreateList - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - description: - $ref: '#/components/schemas/Security_Lists_API_ListDescription' - deserializer: - type: string - id: - $ref: '#/components/schemas/Security_Lists_API_ListId' - meta: - $ref: '#/components/schemas/Security_Lists_API_ListMetadata' - name: - $ref: '#/components/schemas/Security_Lists_API_ListName' - serializer: - type: string - type: - $ref: '#/components/schemas/Security_Lists_API_ListType' - version: - default: 1 - minimum: 1 - type: integer - required: - - name - - description - - type - description: List's properties - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_List' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List already exists response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Create a list - tags: - - Security Lists API - put: - description: > - Update a list using the list ID. The original list is replaced, and all - unspecified fields are deleted. - - > info - - > You cannot modify the `id` value. - operationId: UpdateList - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - _version: - type: string - description: - $ref: '#/components/schemas/Security_Lists_API_ListDescription' - id: - $ref: '#/components/schemas/Security_Lists_API_ListId' - meta: - $ref: '#/components/schemas/Security_Lists_API_ListMetadata' - name: - $ref: '#/components/schemas/Security_Lists_API_ListName' - version: - minimum: 1 - type: integer - required: - - id - - name - - description - description: List's properties - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_List' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Update a list - tags: - - Security Lists API - /api/lists/_find: - get: - description: >- - Get a paginated subset of lists. By default, the first page is returned, - with 20 results per page. - operationId: FindLists - parameters: - - description: The page number to return - in: query - name: page - required: false - schema: - type: integer - - description: The number of lists to return per page - in: query - name: per_page - required: false - schema: - type: integer - - description: Determines which field is used to sort the results - in: query - name: sort_field - required: false - schema: - $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' - - description: Determines the sort order, which can be `desc` or `asc` - in: query - name: sort_order - required: false - schema: - enum: - - desc - - asc - type: string - - description: > - Returns the list that come after the last list returned in the - previous call - - (use the cursor value returned in the previous call). This parameter - uses - - the `tie_breaker_id` field to ensure all lists are sorted and - returned correctly. - in: query - name: cursor - required: false - schema: - $ref: '#/components/schemas/Security_Lists_API_FindListsCursor' - - description: > - Filters the returned results according to the value of the specified - field, - - using the : syntax. - in: query - name: filter - required: false - schema: - $ref: '#/components/schemas/Security_Lists_API_FindListsFilter' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - cursor: - $ref: '#/components/schemas/Security_Lists_API_FindListsCursor' - data: - items: - $ref: '#/components/schemas/Security_Lists_API_List' - type: array - page: - minimum: 0 - type: integer - per_page: - minimum: 0 - type: integer - total: - minimum: 0 - type: integer - required: - - data - - page - - per_page - - total - - cursor - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Get lists - tags: - - Security Lists API - /api/lists/index: - delete: - description: Delete the `.lists` and `.items` data streams. - operationId: DeleteListIndex - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - acknowledged: - type: boolean - required: - - acknowledged - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List data stream not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Delete list data streams - tags: - - Security Lists API - get: - description: Verify that `.lists` and `.items` data streams exist. - operationId: ReadListIndex - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - list_index: - type: boolean - list_item_index: - type: boolean - required: - - list_index - - list_item_index - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List data stream(s) not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Get status of list data streams - tags: - - Security Lists API - post: - description: Create `.lists` and `.items` data streams in the relevant space. - operationId: CreateListIndex - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - acknowledged: - type: boolean - required: - - acknowledged - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List data stream exists response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Create list data streams - tags: - - Security Lists API - /api/lists/items: - delete: - description: Delete a list item using its `id`, or its `list_id` and `value` fields. - operationId: DeleteListItem - parameters: - - description: Required if `list_id` and `value` are not specified - in: query - name: id - required: false - schema: - $ref: '#/components/schemas/Security_Lists_API_ListId' - - description: Required if `id` is not specified - in: query - name: list_id - required: false - schema: - $ref: '#/components/schemas/Security_Lists_API_ListId' - - description: Required if `id` is not specified - in: query - name: value - required: false - schema: - type: string - - description: >- - Determines when changes made by the request are made visible to - search - in: query - name: refresh - required: false - schema: - default: 'false' - enum: - - 'true' - - 'false' - - wait_for - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: '#/components/schemas/Security_Lists_API_ListItem' - - items: - $ref: '#/components/schemas/Security_Lists_API_ListItem' - type: array - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List item not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Delete a list item - tags: - - Security Lists API - get: - description: Get the details of a list item. - operationId: ReadListItem - parameters: - - description: Required if `list_id` and `value` are not specified - in: query - name: id - required: false - schema: - $ref: '#/components/schemas/Security_Lists_API_ListId' - - description: Required if `id` is not specified - in: query - name: list_id - required: false - schema: - $ref: '#/components/schemas/Security_Lists_API_ListId' - - description: Required if `id` is not specified - in: query - name: value - required: false - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: '#/components/schemas/Security_Lists_API_ListItem' - - items: - $ref: '#/components/schemas/Security_Lists_API_ListItem' - type: array - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List item not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Get a list item - tags: - - Security Lists API - patch: - description: Update specific fields of an existing list item using the list item ID. - operationId: PatchListItem - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - _version: - type: string - id: - $ref: '#/components/schemas/Security_Lists_API_ListItemId' - meta: - $ref: '#/components/schemas/Security_Lists_API_ListItemMetadata' - refresh: - description: >- - Determines when changes made by the request are made visible - to search - enum: - - 'true' - - 'false' - - wait_for - type: string - value: - $ref: '#/components/schemas/Security_Lists_API_ListItemValue' - required: - - id - description: List item's properties - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_ListItem' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List item not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Patch a list item - tags: - - Security Lists API - post: - description: > - Create a list item and associate it with the specified list. - - - All list items in the same list must be the same type. For example, each - list item in an `ip` list must define a specific IP address. - - > info - - > Before creating a list item, you must create a list. - operationId: CreateListItem - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - id: - $ref: '#/components/schemas/Security_Lists_API_ListItemId' - list_id: - $ref: '#/components/schemas/Security_Lists_API_ListId' - meta: - $ref: '#/components/schemas/Security_Lists_API_ListItemMetadata' - refresh: - description: >- - Determines when changes made by the request are made visible - to search - enum: - - 'true' - - 'false' - - wait_for - type: string - value: - $ref: '#/components/schemas/Security_Lists_API_ListItemValue' - required: - - list_id - - value - description: List item's properties - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_ListItem' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List item already exists response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Create a list item - tags: - - Security Lists API - put: - description: > - Update a list item using the list item ID. The original list item is - replaced, and all unspecified fields are deleted. - - > info - - > You cannot modify the `id` value. - operationId: UpdateListItem - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - _version: - type: string - id: - $ref: '#/components/schemas/Security_Lists_API_ListItemId' - meta: - $ref: '#/components/schemas/Security_Lists_API_ListItemMetadata' - value: - $ref: '#/components/schemas/Security_Lists_API_ListItemValue' - required: - - id - - value - description: List item's properties - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_ListItem' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List item not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Update a list item - tags: - - Security Lists API - /api/lists/items/_export: - post: - description: Export list item values from the specified list. - operationId: ExportListItems - parameters: - - description: List's id to export - in: query - name: list_id - required: true - schema: - $ref: '#/components/schemas/Security_Lists_API_ListId' - responses: - '200': - content: - application/ndjson; Elastic-Api-Version=2023-10-31: - schema: - description: A `.txt` file containing list items from the specified list - format: binary - type: string - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List not found response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Export list items - tags: - - Security Lists API - /api/lists/items/_find: - get: - description: Get all list items in the specified list. - operationId: FindListItems - parameters: - - description: List's id - in: query - name: list_id - required: true - schema: - $ref: '#/components/schemas/Security_Lists_API_ListId' - - description: The page number to return - in: query - name: page - required: false - schema: - type: integer - - description: The number of list items to return per page - in: query - name: per_page - required: false - schema: - type: integer - - description: Determines which field is used to sort the results - in: query - name: sort_field - required: false - schema: - $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' - - description: Determines the sort order, which can be `desc` or `asc` - in: query - name: sort_order - required: false - schema: - enum: - - desc - - asc - type: string - - description: > - Returns the list that come after the last list returned in the - previous call - - (use the cursor value returned in the previous call). This parameter - uses - - the `tie_breaker_id` field to ensure all lists are sorted and - returned correctly. - in: query - name: cursor - required: false - schema: - $ref: '#/components/schemas/Security_Lists_API_FindListItemsCursor' - - description: > - Filters the returned results according to the value of the specified - field, - - using the : syntax. - in: query - name: filter - required: false - schema: - $ref: '#/components/schemas/Security_Lists_API_FindListItemsFilter' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - cursor: - $ref: >- - #/components/schemas/Security_Lists_API_FindListItemsCursor - data: - items: - $ref: '#/components/schemas/Security_Lists_API_ListItem' - type: array - page: - minimum: 0 - type: integer - per_page: - minimum: 0 - type: integer - total: - minimum: 0 - type: integer - required: - - data - - page - - per_page - - total - - cursor - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Get list items - tags: - - Security Lists API - /api/lists/items/_import: - post: - description: > - Import list items from a TXT or CSV file. The maximum file size is 9 - million bytes. - - - You can import items to a new or existing list. - operationId: ImportListItems - parameters: - - description: | - List's id. - - Required when importing to an existing list. - in: query - name: list_id - required: false - schema: - $ref: '#/components/schemas/Security_Lists_API_ListId' - - description: > - Type of the importing list. - - - Required when importing a new list that is `list_id` is not - specified. - in: query - name: type - required: false - schema: - $ref: '#/components/schemas/Security_Lists_API_ListType' - - in: query - name: serializer - required: false - schema: - type: string - - in: query - name: deserializer - required: false - schema: - type: string - - description: >- - Determines when changes made by the request are made visible to - search - in: query - name: refresh - required: false - schema: - enum: - - 'true' - - 'false' - - wait_for - type: string - requestBody: - content: - multipart/form-data; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - file: - description: >- - A `.txt` or `.csv` file containing newline separated list - items - format: binary - type: string - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_List' - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: List with specified list_id does not exist response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Import list items - tags: - - Security Lists API - /api/lists/privileges: - get: - operationId: ReadListPrivileges - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - is_authenticated: - type: boolean - listItems: - $ref: '#/components/schemas/Security_Lists_API_ListItemPrivileges' - lists: - $ref: '#/components/schemas/Security_Lists_API_ListPrivileges' - required: - - lists - - listItems - - is_authenticated - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: >- - #/components/schemas/Security_Lists_API_PlatformErrorResponse - - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Invalid input data response - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Unsuccessful authentication response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_PlatformErrorResponse' - description: Not enough privileges response - '500': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Lists_API_SiemErrorResponse' - description: Internal server error response - summary: Get list privileges - tags: - - Security Lists API - /api/ml/saved_objects/sync: - get: - description: > - Synchronizes Kibana saved objects for machine learning jobs and trained - models in the default space. You must have `all` privileges for the - **Machine Learning** feature in the **Analytics** section of the Kibana - feature privileges. This API runs automatically when you start Kibana - and periodically thereafter. - operationId: mlSync - parameters: - - $ref: '#/components/parameters/Machine_learning_APIs_simulateParam' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - syncExample: - $ref: '#/components/examples/Machine_learning_APIs_mlSyncExample' - schema: - $ref: '#/components/schemas/Machine_learning_APIs_mlSync200Response' - description: Indicates a successful call - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Machine_learning_APIs_mlSync4xxResponse' - description: Authorization information is missing or invalid. - summary: Sync saved objects in the default space - tags: - - ml - /api/note: - delete: - description: Delete a note from a Timeline using the note ID. - operationId: DeleteNote - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - nullable: true - type: object - properties: - noteId: - type: string - required: - - noteId - - nullable: true - type: object - properties: - noteIds: - items: - type: string - nullable: true - type: array - required: - - noteIds - description: The ID of the note to delete. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - data: - type: object - description: Indicates the note was successfully deleted. - summary: Delete a note - tags: - - Security Timeline API - - access:securitySolution - get: - description: Get all notes for a given document. - operationId: GetNotes - parameters: - - in: query - name: documentIds - schema: - $ref: '#/components/schemas/Security_Timeline_API_DocumentIds' - - in: query - name: savedObjectIds - schema: - $ref: '#/components/schemas/Security_Timeline_API_SavedObjectIds' - - in: query - name: page - schema: - nullable: true - type: string - - in: query - name: perPage - schema: - nullable: true - type: string - - in: query - name: search - schema: - nullable: true - type: string - - in: query - name: sortField - schema: - nullable: true - type: string - - in: query - name: sortOrder - schema: - nullable: true - type: string - - in: query - name: filter - schema: - nullable: true - type: string - - in: query - name: userFilter - schema: - nullable: true - type: string - - in: query - name: associatedFilter - schema: - $ref: '#/components/schemas/Security_Timeline_API_AssociatedFilterType' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - $ref: '#/components/schemas/Security_Timeline_API_GetNotesResult' - - type: object - description: Indicates the requested notes were returned. - summary: Get notes - tags: - - Security Timeline API - - access:securitySolution - patch: - description: Add a note to a Timeline or update an existing note. - operationId: PersistNoteRoute - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - eventDataView: - nullable: true - type: string - eventIngested: - nullable: true - type: string - eventTimestamp: - nullable: true - type: string - note: - $ref: '#/components/schemas/Security_Timeline_API_BareNote' - noteId: - nullable: true - type: string - overrideOwner: - nullable: true - type: boolean - version: - nullable: true - type: string - required: - - note - description: The note to add or update, along with additional metadata. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - data: - type: object - properties: - persistNote: - $ref: >- - #/components/schemas/Security_Timeline_API_ResponseNote - required: - - persistNote - required: - - data - description: Indicates the note was successfully created. - summary: Add or update a note - tags: - - Security Timeline API - - access:securitySolution - /api/osquery/live_queries: - get: - description: Get a list of all live queries. - operationId: OsqueryFindLiveQueries - parameters: - - in: query - name: query - required: true - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_FindLiveQueryRequestQuery - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Get live queries - tags: - - Security Osquery API - post: - description: Create and run a live query. - operationId: OsqueryCreateLiveQuery - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_CreateLiveQueryRequestBody - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Create a live query - tags: - - Security Osquery API - /api/osquery/live_queries/{id}: - get: - description: Get the details of a live query using the query ID. - operationId: OsqueryGetLiveQueryDetails - parameters: - - in: path - name: id - required: true - schema: - $ref: '#/components/schemas/Security_Osquery_API_Id' - - in: query - name: query - schema: - additionalProperties: true - type: object - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Get live query details - tags: - - Security Osquery API - /api/osquery/live_queries/{id}/results/{actionId}: - get: - description: Get the results of a live query using the query action ID. - operationId: OsqueryGetLiveQueryResults - parameters: - - in: path - name: id - required: true - schema: - $ref: '#/components/schemas/Security_Osquery_API_Id' - - in: path - name: actionId - required: true - schema: - $ref: '#/components/schemas/Security_Osquery_API_Id' - - in: query - name: query - required: true - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_GetLiveQueryResultsRequestQuery - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Get live query results - tags: - - Security Osquery API - /api/osquery/packs: - get: - description: Get a list of all query packs. - operationId: OsqueryFindPacks - parameters: - - in: query - name: query - required: true - schema: - $ref: '#/components/schemas/Security_Osquery_API_FindPacksRequestQuery' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Get packs - tags: - - Security Osquery API - post: - description: Create a query pack. - operationId: OsqueryCreatePacks - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Osquery_API_CreatePacksRequestBody' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Create a pack - tags: - - Security Osquery API - /api/osquery/packs/{id}: - delete: - description: Delete a query pack using the pack ID. - operationId: OsqueryDeletePacks - parameters: - - in: path - name: id - required: true - schema: - $ref: '#/components/schemas/Security_Osquery_API_PackId' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Delete a pack - tags: - - Security Osquery API - get: - description: Get the details of a query pack using the pack ID. - operationId: OsqueryGetPacksDetails - parameters: - - in: path - name: id - required: true - schema: - $ref: '#/components/schemas/Security_Osquery_API_PackId' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Get pack details - tags: - - Security Osquery API - put: - description: | - Update a query pack using the pack ID. - > info - > You cannot update a prebuilt pack. - operationId: OsqueryUpdatePacks - parameters: - - in: path - name: id - required: true - schema: - $ref: '#/components/schemas/Security_Osquery_API_PackId' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_Osquery_API_UpdatePacksRequestBody' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Update a pack - tags: - - Security Osquery API - /api/osquery/saved_queries: - get: - description: Get a list of all saved queries. - operationId: OsqueryFindSavedQueries - parameters: - - in: query - name: query - required: true - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_FindSavedQueryRequestQuery - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Get saved queries - tags: - - Security Osquery API - post: - description: Create and run a saved query. - operationId: OsqueryCreateSavedQuery - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_CreateSavedQueryRequestBody - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Create a saved query - tags: - - Security Osquery API - /api/osquery/saved_queries/{id}: - delete: - description: Delete a saved query using the query ID. - operationId: OsqueryDeleteSavedQuery - parameters: - - in: path - name: id - required: true - schema: - $ref: '#/components/schemas/Security_Osquery_API_SavedQueryId' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Delete a saved query - tags: - - Security Osquery API - get: - description: Get the details of a saved query using the query ID. - operationId: OsqueryGetSavedQueryDetails - parameters: - - in: path - name: id - required: true - schema: - $ref: '#/components/schemas/Security_Osquery_API_SavedQueryId' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Get saved query details - tags: - - Security Osquery API - put: - description: | - Update a saved query using the query ID. - > info - > You cannot update a prebuilt saved query. - operationId: OsqueryUpdateSavedQuery - parameters: - - in: path - name: id - required: true - schema: - $ref: '#/components/schemas/Security_Osquery_API_SavedQueryId' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_UpdateSavedQueryRequestBody - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Osquery_API_DefaultSuccessResponse - description: OK - summary: Update a saved query - tags: - - Security Osquery API - /api/pinned_event: - patch: - description: Pin an event to an existing Timeline. - operationId: PersistPinnedEventRoute - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - eventId: - type: string - pinnedEventId: - nullable: true - type: string - timelineId: - type: string - required: - - eventId - - timelineId - description: The pinned event to add or update, along with additional metadata. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - data: - type: object - properties: - persistPinnedEventOnTimeline: - $ref: >- - #/components/schemas/Security_Timeline_API_PersistPinnedEventResponse - required: - - persistPinnedEventOnTimeline - required: - - data - description: Indicates the event was successfully pinned to the Timeline. - summary: Pin an event - tags: - - Security Timeline API - - access:securitySolution - /api/risk_score/engine/dangerously_delete_data: - delete: - description: >- - Cleaning up the the Risk Engine by removing the indices, mapping and - transforms - operationId: CleanUpRiskEngine - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - cleanup_successful: - type: boolean - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_TaskManagerUnavailableResponse - description: Task manager is unavailable - default: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_CleanUpRiskEngineErrorResponse - description: Unexpected error - summary: Cleanup the Risk Engine - tags: - - Security Entity Analytics API - /api/risk_score/engine/schedule_now: - post: - description: >- - Schedule the risk scoring engine to run as soon as possible. You can use - this to recalculate entity risk scores after updating their asset - criticality. - operationId: ScheduleRiskEngineNow - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: {} - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_RiskEngineScheduleNowResponse - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_TaskManagerUnavailableResponse - description: Task manager is unavailable - default: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_RiskEngineScheduleNowErrorResponse - description: Unexpected error - summary: Run the risk scoring engine - tags: - - Security Entity Analytics API - /api/saved_objects/_bulk_create: - post: - deprecated: true - operationId: bulkCreateSavedObjects - parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - - description: When true, overwrites the document with the same identifier. - in: query - name: overwrite - schema: - type: boolean - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - items: - type: object - type: array - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Saved_objects_400_response' - description: Bad request - summary: Create saved objects - tags: - - saved objects - /api/saved_objects/_bulk_delete: - post: - deprecated: true - description: | - WARNING: When you delete a saved object, it cannot be recovered. - operationId: bulkDeleteSavedObjects - parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - - description: > - When true, force delete objects that exist in multiple namespaces. - Note that the option applies to the whole request. Use the delete - object API to specify per-object deletion behavior. TIP: Use this if - you attempted to delete objects and received an HTTP 400 error with - the following message: "Unable to delete saved object that exists in - multiple namespaces, use the force option to delete it anyway". - WARNING: When you bulk delete objects that exist in multiple - namespaces, the API also deletes legacy url aliases that reference - the object. These requests are batched to minimise the impact but - they can place a heavy load on Kibana. Make sure you limit the - number of objects that exist in multiple namespaces in a single bulk - delete operation. - in: query - name: force - schema: - type: boolean - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - items: - type: object - type: array - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: > - Indicates a successful call. NOTE: This HTTP response code indicates - that the bulk operation succeeded. Errors pertaining to individual - objects will be returned in the response body. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Saved_objects_400_response' - description: Bad request - summary: Delete saved objects - tags: - - saved objects - /api/saved_objects/_bulk_get: - post: - deprecated: true - operationId: bulkGetSavedObjects - parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - items: - type: object - type: array - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Saved_objects_400_response' - description: Bad request - summary: Get saved objects - tags: - - saved objects - /api/saved_objects/_bulk_resolve: - post: - deprecated: true - description: > - Retrieve multiple Kibana saved objects by identifier using any legacy - URL aliases if they exist. Under certain circumstances when Kibana is - upgraded, saved object migrations may necessitate regenerating some - object IDs to enable new features. When an object's ID is regenerated, a - legacy URL alias is created for that object, preserving its old ID. In - such a scenario, that object can be retrieved by the bulk resolve API - using either its new ID or its old ID. - operationId: bulkResolveSavedObjects - parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - items: - type: object - type: array - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: > - Indicates a successful call. NOTE: This HTTP response code indicates - that the bulk operation succeeded. Errors pertaining to individual - objects will be returned in the response body. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Saved_objects_400_response' - description: Bad request - summary: Resolve saved objects - tags: - - saved objects - /api/saved_objects/_bulk_update: - post: - deprecated: true - description: Update the attributes for multiple Kibana saved objects. - operationId: bulkUpdateSavedObjects - parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - items: - type: object - type: array - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: > - Indicates a successful call. NOTE: This HTTP response code indicates - that the bulk operation succeeded. Errors pertaining to individual - objects will be returned in the response body. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Saved_objects_400_response' - description: Bad request - summary: Update saved objects - tags: - - saved objects - /api/saved_objects/_export: - post: - description: > - Retrieve sets of saved objects that you want to import into Kibana. - - You must include `type` or `objects` in the request body. - - - Exported saved objects are not backwards compatible and cannot be - imported into an older version of Kibana. - - - NOTE: The `savedObjects.maxImportExportSize` configuration setting - limits the number of saved objects which may be exported. - - - This functionality is in technical preview and may be changed or removed - in a future release. Elastic will work to fix any issues, but features - in technical preview are not subject to the support SLA of official GA - features. - operationId: exportSavedObjectsDefault - parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - exportSavedObjectsRequest: - $ref: '#/components/examples/Saved_objects_export_objects_request' - schema: - type: object - properties: - excludeExportDetails: - default: false - description: Do not add export details entry at the end of the stream. - type: boolean - includeReferencesDeep: - description: >- - Includes all of the referenced objects in the exported - objects. - type: boolean - objects: - description: A list of objects to export. - items: - type: object - type: array - type: - description: >- - The saved object types to include in the export. Use `*` to - export all the types. - oneOf: - - type: string - - items: - type: string - type: array - required: true - responses: - '200': - content: - application/x-ndjson; Elastic-Api-Version=2023-10-31: - examples: - exportSavedObjectsResponse: - $ref: '#/components/examples/Saved_objects_export_objects_response' - schema: - additionalProperties: true - type: object - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Saved_objects_400_response' - description: Bad request. - summary: Export saved objects - tags: - - saved objects - /api/saved_objects/_find: - get: - deprecated: true - description: Retrieve a paginated set of Kibana saved objects. - operationId: findSavedObjects - parameters: - - description: > - An aggregation structure, serialized as a string. The field format - is similar to filter, meaning that to use a saved object type - attribute in the aggregation, the `savedObjectType.attributes.title: - "myTitle"` format must be used. For root fields, the syntax is - `savedObjectType.rootField`. NOTE: As objects change in Kibana, the - results on each page of the response also change. Use the find API - for traditional paginated results, but avoid using it to export - large amounts of data. - in: query - name: aggs - schema: - type: string - - description: The default operator to use for the `simple_query_string`. - in: query - name: default_search_operator - schema: - type: string - - description: The fields to return in the attributes key of the response. - in: query - name: fields - schema: - oneOf: - - type: string - - type: array - - description: > - The filter is a KQL string with the caveat that if you filter with - an attribute from your saved object type, it should look like that: - `savedObjectType.attributes.title: "myTitle"`. However, if you use a - root attribute of a saved object such as `updated_at`, you will have - to define your filter like that: `savedObjectType.updated_at > - 2018-12-22`. - in: query - name: filter - schema: - type: string - - description: >- - Filters to objects that do not have a relationship with the type and - identifier combination. - in: query - name: has_no_reference - schema: - type: object - - description: >- - The operator to use for the `has_no_reference` parameter. Either - `OR` or `AND`. Defaults to `OR`. - in: query - name: has_no_reference_operator - schema: - type: string - - description: >- - Filters to objects that have a relationship with the type and ID - combination. - in: query - name: has_reference - schema: - type: object - - description: >- - The operator to use for the `has_reference` parameter. Either `OR` - or `AND`. Defaults to `OR`. - in: query - name: has_reference_operator - schema: - type: string - - description: The page of objects to return. - in: query - name: page - schema: - type: integer - - description: The number of objects to return per page. - in: query - name: per_page - schema: - type: integer - - description: >- - An Elasticsearch `simple_query_string` query that filters the - objects in the response. - in: query - name: search - schema: - type: string - - description: >- - The fields to perform the `simple_query_string` parsed query - against. - in: query - name: search_fields - schema: - oneOf: - - type: string - - type: array - - description: > - Sorts the response. Includes "root" and "type" fields. "root" fields - exist for all saved objects, such as "updated_at". "type" fields are - specific to an object type, such as fields returned in the - attributes key of the response. When a single type is defined in the - type parameter, the "root" and "type" fields are allowed, and - validity checks are made in that order. When multiple types are - defined in the type parameter, only "root" fields are allowed. - in: query - name: sort_field - schema: - type: string - - description: The saved object types to include. - in: query - name: type - required: true - schema: - oneOf: - - type: string - - type: array - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Saved_objects_400_response' - description: Bad request - summary: Search for saved objects - tags: - - saved objects - /api/saved_objects/_import: - post: - description: > - Create sets of Kibana saved objects from a file created by the export - API. - - Saved objects can be imported only into the same version, a newer minor - on the same major, or the next major. Exported saved objects are not - backwards compatible and cannot be imported into an older version of - Kibana. - - - This functionality is in technical preview and may be changed or removed - in a future release. Elastic will work to fix any issues, but features - in technical preview are not subject to the support SLA of official GA - features. - operationId: importSavedObjectsDefault - parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - - description: > - Creates copies of saved objects, regenerates each object ID, and - resets the origin. When used, potential conflict errors are avoided. - NOTE: This option cannot be used with the `overwrite` and - `compatibilityMode` options. - in: query - name: createNewCopies - required: false - schema: - type: boolean - - description: > - Overwrites saved objects when they already exist. When used, - potential conflict errors are automatically resolved by overwriting - the destination object. NOTE: This option cannot be used with the - `createNewCopies` option. - in: query - name: overwrite - required: false - schema: - type: boolean - - description: > - Applies various adjustments to the saved objects that are being - imported to maintain compatibility between different Kibana - versions. Use this option only if you encounter issues with imported - saved objects. NOTE: This option cannot be used with the - `createNewCopies` option. - in: query - name: compatibilityMode - required: false - schema: - type: boolean - requestBody: - content: - multipart/form-data; Elastic-Api-Version=2023-10-31: - examples: - importObjectsRequest: - $ref: '#/components/examples/Saved_objects_import_objects_request' - schema: - type: object - properties: - file: - description: > - A file exported using the export API. NOTE: The - `savedObjects.maxImportExportSize` configuration setting - limits the number of saved objects which may be included in - this file. Similarly, the - `savedObjects.maxImportPayloadBytes` setting limits the - overall size of the file that can be imported. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - importObjectsResponse: - $ref: '#/components/examples/Saved_objects_import_objects_response' - schema: - type: object - properties: - errors: - description: > - Indicates the import was unsuccessful and specifies the - objects that failed to import. - - - NOTE: One object may result in multiple errors, which - requires separate steps to resolve. For instance, a - `missing_references` error and conflict error. - items: - type: object - type: array - success: - description: > - Indicates when the import was successfully completed. When - set to false, some objects may not have been created. For - additional information, refer to the `errors` and - `successResults` properties. - type: boolean - successCount: - description: Indicates the number of successfully imported records. - type: integer - successResults: - description: > - Indicates the objects that are successfully imported, with - any metadata if applicable. - - - NOTE: Objects are created only when all resolvable errors - are addressed, including conflicts and missing references. - If objects are created as new copies, each entry in the - `successResults` array includes a `destinationId` - attribute. - items: - type: object - type: array - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Saved_objects_400_response' - description: Bad request. - summary: Import saved objects - tags: - - saved objects - x-codeSamples: - - label: Import with createNewCopies - lang: cURL - source: | - curl \ - -X POST api/saved_objects/_import?createNewCopies=true - -H "kbn-xsrf: true" - --form file=@file.ndjson - /api/saved_objects/_resolve_import_errors: - post: - description: > - To resolve errors from the Import objects API, you can: - - - * Retry certain saved objects - - * Overwrite specific saved objects - - * Change references to different saved objects - - - This functionality is in technical preview and may be changed or removed - in a future release. Elastic will work to fix any issues, but features - in technical preview are not subject to the support SLA of official GA - features. - operationId: resolveImportErrors - parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - - description: > - Applies various adjustments to the saved objects that are being - imported to maintain compatibility between different Kibana - versions. When enabled during the initial import, also enable when - resolving import errors. This option cannot be used with the - `createNewCopies` option. - in: query - name: compatibilityMode - required: false - schema: - type: boolean - - description: > - Creates copies of the saved objects, regenerates each object ID, and - resets the origin. When enabled during the initial import, also - enable when resolving import errors. - in: query - name: createNewCopies - required: false - schema: - type: boolean - requestBody: - content: - multipart/form-data; Elastic-Api-Version=2023-10-31: - examples: - resolveImportErrorsRequest: - $ref: >- - #/components/examples/Saved_objects_resolve_missing_reference_request - schema: - type: object - properties: - file: - description: The same file given to the import API. - format: binary - type: string - retries: - description: >- - The retry operations, which can specify how to resolve - different types of errors. - items: - type: object - properties: - destinationId: - description: >- - Specifies the destination ID that the imported object - should have, if different from the current ID. - type: string - id: - description: The saved object ID. - type: string - ignoreMissingReferences: - description: >- - When set to `true`, ignores missing reference errors. - When set to `false`, does nothing. - type: boolean - overwrite: - description: >- - When set to `true`, the source object overwrites the - conflicting destination object. When set to `false`, - does nothing. - type: boolean - replaceReferences: - description: >- - A list of `type`, `from`, and `to` used to change the - object references. - items: - type: object - properties: - from: - type: string - to: - type: string - type: - type: string - type: array - type: - description: The saved object type. - type: string - required: - - type - - id - type: array - required: - - retries - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - examples: - resolveImportErrorsResponse: - $ref: >- - #/components/examples/Saved_objects_resolve_missing_reference_response - schema: - type: object - properties: - errors: - description: > - Specifies the objects that failed to resolve. - - - NOTE: One object can result in multiple errors, which - requires separate steps to resolve. For instance, a - `missing_references` error and a `conflict` error. - items: - type: object - type: array - success: - description: > - Indicates a successful import. When set to `false`, some - objects may not have been created. For additional - information, refer to the `errors` and `successResults` - properties. - type: boolean - successCount: - description: | - Indicates the number of successfully resolved records. - type: number - successResults: - description: > - Indicates the objects that are successfully imported, with - any metadata if applicable. - - - NOTE: Objects are only created when all resolvable errors - are addressed, including conflict and missing references. - items: - type: object - type: array - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Saved_objects_400_response' - description: Bad request. - summary: Resolve import errors - tags: - - saved objects - /api/saved_objects/{type}: - post: - deprecated: true - description: Create a Kibana saved object with a randomly generated identifier. - operationId: createSavedObject - parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - - $ref: '#/components/parameters/Saved_objects_saved_object_type' - - description: If true, overwrites the document with the same identifier. - in: query - name: overwrite - schema: - type: boolean - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - attributes: - $ref: '#/components/schemas/Saved_objects_attributes' - initialNamespaces: - $ref: '#/components/schemas/Saved_objects_initial_namespaces' - references: - $ref: '#/components/schemas/Saved_objects_references' - required: - - attributes - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: Indicates a successful call. - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: Indicates a conflict error. - summary: Create a saved object - tags: - - saved objects - /api/saved_objects/{type}/{id}: - get: - deprecated: true - description: Retrieve a single Kibana saved object by identifier. - operationId: getSavedObject - parameters: - - $ref: '#/components/parameters/Saved_objects_saved_object_id' - - $ref: '#/components/parameters/Saved_objects_saved_object_type' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Saved_objects_400_response' - description: Bad request. - summary: Get a saved object - tags: - - saved objects - post: - deprecated: true - description: >- - Create a Kibana saved object and specify its identifier instead of using - a randomly generated ID. - operationId: createSavedObjectId - parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - - $ref: '#/components/parameters/Saved_objects_saved_object_id' - - $ref: '#/components/parameters/Saved_objects_saved_object_type' - - description: If true, overwrites the document with the same identifier. - in: query - name: overwrite - schema: - type: boolean - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - attributes: - $ref: '#/components/schemas/Saved_objects_attributes' - initialNamespaces: - $ref: '#/components/schemas/Saved_objects_initial_namespaces' - references: - $ref: '#/components/schemas/Saved_objects_initial_namespaces' - required: - - attributes - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: Indicates a successful call. - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: Indicates a conflict error. - summary: Create a saved object - tags: - - saved objects - put: - deprecated: true - description: Update the attributes for Kibana saved objects. - operationId: updateSavedObject - parameters: - - $ref: '#/components/parameters/Saved_objects_kbn_xsrf' - - $ref: '#/components/parameters/Saved_objects_saved_object_id' - - $ref: '#/components/parameters/Saved_objects_saved_object_type' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: Indicates a successful call. - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: Indicates the object was not found. - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: Indicates a conflict error. - summary: Update a saved object - tags: - - saved objects - /api/saved_objects/resolve/{type}/{id}: - get: - deprecated: true - description: > - Retrieve a single Kibana saved object by identifier using any legacy URL - alias if it exists. Under certain circumstances, when Kibana is - upgraded, saved object migrations may necessitate regenerating some - object IDs to enable new features. When an object's ID is regenerated, a - legacy URL alias is created for that object, preserving its old ID. In - such a scenario, that object can be retrieved using either its new ID or - its old ID. - operationId: resolveSavedObject - parameters: - - $ref: '#/components/parameters/Saved_objects_saved_object_id' - - $ref: '#/components/parameters/Saved_objects_saved_object_type' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Saved_objects_400_response' - description: Bad request. - summary: Resolve a saved object - tags: - - saved objects - /api/security_ai_assistant/anonymization_fields/_bulk_action: - post: - description: >- - Apply a bulk action to multiple anonymization fields. The bulk action is - applied to all anonymization fields that match the filter or to the list - of anonymization fields by their IDs. - operationId: PerformAnonymizationFieldsBulkAction - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - create: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldCreateProps - type: array - delete: - type: object - properties: - ids: - description: Array of anonymization fields IDs - items: - type: string - minItems: 1 - type: array - query: - description: Query to filter anonymization fields - type: string - update: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldUpdateProps - type: array - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResponse - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - description: Generic Error - summary: Apply a bulk action to anonymization fields - tags: - - Security AI Assistant API - - Bulk API - /api/security_ai_assistant/anonymization_fields/_find: - get: - description: Get a list of all anonymization fields. - operationId: FindAnonymizationFields - parameters: - - in: query - name: fields - required: false - schema: - items: - type: string - type: array - - description: Search query - in: query - name: filter - required: false - schema: - type: string - - description: Field to sort by - in: query - name: sort_field - required: false - schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_FindAnonymizationFieldsSortField - - description: Sort order - in: query - name: sort_order - required: false - schema: - $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' - - description: Page number - in: query - name: page - required: false - schema: - default: 1 - minimum: 1 - type: integer - - description: AnonymizationFields per page - in: query - name: per_page - required: false - schema: - default: 20 - minimum: 0 - type: integer - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - data: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldResponse - type: array - page: - type: integer - perPage: - type: integer - total: - type: integer - required: - - page - - perPage - - total - - data - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - description: Generic Error - summary: Get anonymization fields - tags: - - Security AI Assistant API - - AnonymizationFields API - /api/security_ai_assistant/chat/complete: - post: - description: Create a model response for the given chat conversation. - operationId: ChatComplete - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/Security_AI_Assistant_API_ChatCompleteProps' - required: true - responses: - '200': - content: - application/octet-stream; Elastic-Api-Version=2023-10-31: - schema: - format: binary - type: string - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - description: Generic Error - summary: Create a model response - tags: - - Security AI Assistant API - - Chat Complete API - /api/security_ai_assistant/current_user/conversations: - post: - description: Create a new Security AI Assistant conversation. - operationId: CreateConversation - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_ConversationCreateProps - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_ConversationResponse - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - description: Generic Error - summary: Create a conversation - tags: - - Security AI Assistant API - - Conversation API - /api/security_ai_assistant/current_user/conversations/_find: - get: - description: Get a list of all conversations for the current user. - operationId: FindConversations - parameters: - - in: query - name: fields - required: false - schema: - items: - type: string - type: array - - description: Search query - in: query - name: filter - required: false - schema: - type: string - - description: Field to sort by - in: query - name: sort_field - required: false - schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_FindConversationsSortField - - description: Sort order - in: query - name: sort_order - required: false - schema: - $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' - - description: Page number - in: query - name: page - required: false - schema: - default: 1 - minimum: 1 - type: integer - - description: Conversations per page - in: query - name: per_page - required: false - schema: - default: 20 - minimum: 0 - type: integer - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - data: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_ConversationResponse - type: array - page: - type: integer - perPage: - type: integer - total: - type: integer - required: - - page - - perPage - - total - - data - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - description: Generic Error - summary: Get conversations - tags: - - Security AI Assistant API - - Conversations API - /api/security_ai_assistant/current_user/conversations/{id}: - delete: - description: Delete an existing conversation using the conversation ID. - operationId: DeleteConversation - parameters: - - description: The conversation's `id` value. - in: path - name: id - required: true - schema: - $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_ConversationResponse - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - description: Generic Error - summary: Delete a conversation - tags: - - Security AI Assistant API - - Conversation API - get: - description: Get the details of an existing conversation using the conversation ID. - operationId: ReadConversation - parameters: - - description: The conversation's `id` value. - in: path - name: id - required: true - schema: - $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_ConversationResponse - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - description: Generic Error - summary: Get a conversation - tags: - - Security AI Assistant API - - Conversations API - put: - description: Update an existing conversation using the conversation ID. - operationId: UpdateConversation - parameters: - - description: The conversation's `id` value. - in: path - name: id - required: true - schema: - $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_ConversationUpdateProps - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_ConversationResponse - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - description: Generic Error - summary: Update a conversation - tags: - - Security AI Assistant API - - Conversation API - /api/security_ai_assistant/prompts/_bulk_action: - post: - description: >- - Apply a bulk action to multiple prompts. The bulk action is applied to - all prompts that match the filter or to the list of prompts by their - IDs. - operationId: PerformPromptsBulkAction - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - create: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_PromptCreateProps - type: array - delete: - type: object - properties: - ids: - description: Array of prompts IDs - items: - type: string - minItems: 1 - type: array - query: - description: Query to filter promps - type: string - update: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_PromptUpdateProps - type: array - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_PromptsBulkCrudActionResponse - description: Indicates a successful call. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - description: Generic Error - summary: Apply a bulk action to prompts - tags: - - Security AI Assistant API - - Bulk API - /api/security_ai_assistant/prompts/_find: - get: - description: Get a list of all prompts. - operationId: FindPrompts - parameters: - - in: query - name: fields - required: false - schema: - items: - type: string - type: array - - description: Search query - in: query - name: filter - required: false - schema: - type: string - - description: Field to sort by - in: query - name: sort_field - required: false - schema: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_FindPromptsSortField - - description: Sort order - in: query - name: sort_order - required: false - schema: - $ref: '#/components/schemas/Security_AI_Assistant_API_SortOrder' - - description: Page number - in: query - name: page - required: false - schema: - default: 1 - minimum: 1 - type: integer - - description: Prompts per page - in: query - name: per_page - required: false - schema: - default: 20 - minimum: 0 - type: integer - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - data: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_PromptResponse - type: array - page: - type: integer - perPage: - type: integer - total: - type: integer - required: - - page - - perPage - - total - - data - description: Successful response - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: number - description: Generic Error - summary: Get prompts - tags: - - Security AI Assistant API - - Prompts API - /api/security/role: - get: - operationId: '%2Fapi%2Fsecurity%2Frole#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: query - name: replaceDeprecatedPrivileges - required: false - schema: - type: boolean - responses: {} - summary: Get all roles - tags: - - roles - /api/security/role/{name}: - delete: - operationId: '%2Fapi%2Fsecurity%2Frole%2F%7Bname%7D#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: name - required: true - schema: - minLength: 1 - type: string - responses: {} - summary: Delete a role - tags: - - roles - get: - operationId: '%2Fapi%2Fsecurity%2Frole%2F%7Bname%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - in: path - name: name - required: true - schema: - minLength: 1 - type: string - - in: query - name: replaceDeprecatedPrivileges - required: false - schema: - type: boolean - responses: {} - summary: Get a role - tags: - - roles - put: - operationId: '%2Fapi%2Fsecurity%2Frole%2F%7Bname%7D#2' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - in: path - name: name - required: true - schema: - maxLength: 1024 - minLength: 1 - type: string - - in: query - name: createOnly - required: false - schema: - default: false - type: boolean - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - description: - maxLength: 2048 - type: string - elasticsearch: - additionalProperties: false - type: object - properties: - cluster: - items: - type: string - type: array - indices: - items: - additionalProperties: false - type: object - properties: - allow_restricted_indices: - type: boolean - field_security: - additionalProperties: - items: - type: string - type: array - type: object - names: - items: - type: string - minItems: 1 - type: array - privileges: - items: - type: string - minItems: 1 - type: array - query: - type: string - required: - - names - - privileges - type: array - remote_cluster: - items: - additionalProperties: false - type: object - properties: - clusters: - items: - type: string - minItems: 1 - type: array - privileges: - items: - type: string - minItems: 1 - type: array - required: - - privileges - - clusters - type: array - remote_indices: - items: - additionalProperties: false - type: object - properties: - allow_restricted_indices: - type: boolean - clusters: - items: - type: string - minItems: 1 - type: array - field_security: - additionalProperties: - items: - type: string - type: array - type: object - names: - items: - type: string - minItems: 1 - type: array - privileges: - items: - type: string - minItems: 1 - type: array - query: - type: string - required: - - clusters - - names - - privileges - type: array - run_as: - items: - type: string - type: array - kibana: - items: - additionalProperties: false - type: object - properties: - base: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - items: - type: string - type: array - - items: - type: string - type: array - feature: - additionalProperties: - items: - type: string - type: array - type: object - spaces: - anyOf: - - items: - enum: - - '*' - type: string - maxItems: 1 - minItems: 1 - type: array - - items: - type: string - type: array - default: - - '*' - required: - - base - type: array - metadata: - additionalProperties: {} - type: object - required: - - elasticsearch - responses: {} - summary: Create or update a role - tags: - - roles - /api/security/roles: - post: - operationId: '%2Fapi%2Fsecurity%2Froles#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - roles: - additionalProperties: - additionalProperties: false - type: object - properties: - description: - maxLength: 2048 - type: string - elasticsearch: - additionalProperties: false - type: object - properties: - cluster: - items: - type: string - type: array - indices: - items: - additionalProperties: false - type: object - properties: - allow_restricted_indices: - type: boolean - field_security: - additionalProperties: - items: - type: string - type: array - type: object - names: - items: - type: string - minItems: 1 - type: array - privileges: - items: - type: string - minItems: 1 - type: array - query: - type: string - required: - - names - - privileges - type: array - remote_cluster: - items: - additionalProperties: false - type: object - properties: - clusters: - items: - type: string - minItems: 1 - type: array - privileges: - items: - type: string - minItems: 1 - type: array - required: - - privileges - - clusters - type: array - remote_indices: - items: - additionalProperties: false - type: object - properties: - allow_restricted_indices: - type: boolean - clusters: - items: - type: string - minItems: 1 - type: array - field_security: - additionalProperties: - items: - type: string - type: array - type: object - names: - items: - type: string - minItems: 1 - type: array - privileges: - items: - type: string - minItems: 1 - type: array - query: - type: string - required: - - clusters - - names - - privileges - type: array - run_as: - items: - type: string - type: array - kibana: - items: - additionalProperties: false - type: object - properties: - base: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - items: - type: string - type: array - - items: - type: string - type: array - feature: - additionalProperties: - items: - type: string - type: array - type: object - spaces: - anyOf: - - items: - enum: - - '*' - type: string - maxItems: 1 - minItems: 1 - type: array - - items: - type: string - type: array - default: - - '*' - required: - - base - type: array - metadata: - additionalProperties: {} - type: object - required: - - elasticsearch - type: object - required: - - roles - responses: {} - summary: Create or update roles - tags: - - roles - /api/spaces/_copy_saved_objects: - post: - description: >- - It also allows you to automatically copy related objects, so when you - copy a dashboard, this can automatically copy over the associated - visualizations, data views, and saved searches, as required. You can - request to overwrite any objects that already exist in the target space - if they share an identifier or you can use the resolve copy saved - objects conflicts API to do this on a per-object basis. - operationId: '%2Fapi%2Fspaces%2F_copy_saved_objects#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - compatibilityMode: - default: false - description: >- - Apply various adjustments to the saved objects that are - being copied to maintain compatibility between different - Kibana versions. Use this option only if you encounter - issues with copied saved objects. This option cannot be used - with the `createNewCopies` option. - type: boolean - createNewCopies: - default: true - description: >- - Create new copies of saved objects, regenerate each object - identifier, and reset the origin. When used, potential - conflict errors are avoided. This option cannot be used - with the `overwrite` and `compatibilityMode` options. - type: boolean - includeReferences: - default: false - description: >- - When set to true, all saved objects related to the specified - saved objects will also be copied into the target spaces. - type: boolean - objects: - items: - additionalProperties: false - type: object - properties: - id: - description: The identifier of the saved object to copy. - type: string - type: - description: The type of the saved object to copy. - type: string - required: - - type - - id - type: array - overwrite: - default: false - description: >- - When set to true, all conflicts are automatically - overridden. When a saved object with a matching type and - identifier exists in the target space, that version is - replaced with the version from the source space. This option - cannot be used with the `createNewCopies` option. - type: boolean - spaces: - items: - description: >- - The identifiers of the spaces where you want to copy the - specified objects. - type: string - type: array - required: - - spaces - - objects - responses: {} - summary: Copy saved objects between spaces - tags: - - spaces - /api/spaces/_disable_legacy_url_aliases: - post: - operationId: '%2Fapi%2Fspaces%2F_disable_legacy_url_aliases#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - aliases: - items: - additionalProperties: false - type: object - properties: - sourceId: - description: >- - The alias source object identifier. This is the legacy - object identifier. - type: string - targetSpace: - description: The space where the alias target object exists. - type: string - targetType: - description: 'The type of alias target object. ' - type: string - required: - - targetSpace - - targetType - - sourceId - type: array - required: - - aliases - responses: {} - summary: Disable legacy URL aliases - tags: - - spaces - /api/spaces/_get_shareable_references: - post: - description: Collect references and space contexts for saved objects. - operationId: '%2Fapi%2Fspaces%2F_get_shareable_references#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - objects: - items: - additionalProperties: false - type: object - properties: - id: - type: string - type: - type: string - required: - - type - - id - type: array - required: - - objects - responses: {} - summary: Get shareable references - tags: - - spaces - /api/spaces/_resolve_copy_saved_objects_errors: - post: - description: >- - Overwrite saved objects that are returned as errors from the copy saved - objects to space API. - operationId: '%2Fapi%2Fspaces%2F_resolve_copy_saved_objects_errors#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - compatibilityMode: - default: false - type: boolean - createNewCopies: - default: true - type: boolean - includeReferences: - default: false - type: boolean - objects: - items: - additionalProperties: false - type: object - properties: - id: - type: string - type: - type: string - required: - - type - - id - type: array - retries: - additionalProperties: - items: - additionalProperties: false - type: object - properties: - createNewCopy: - description: >- - Creates new copies of the saved objects, regenerates - each object ID, and resets the origin. - type: boolean - destinationId: - description: >- - Specifies the destination identifier that the copied - object should have, if different from the current - identifier. - type: string - id: - description: The saved object identifier. - type: string - ignoreMissingReferences: - description: >- - When set to true, any missing references errors are - ignored. - type: boolean - overwrite: - default: false - description: >- - When set to true, the saved object from the source - space overwrites the conflicting object in the - destination space. - type: boolean - type: - description: The saved object type. - type: string - required: - - type - - id - type: array - type: object - required: - - retries - - objects - responses: {} - summary: Resolve conflicts copying saved objects - tags: [] - /api/spaces/_update_objects_spaces: - post: - description: Update one or more saved objects to add or remove them from some spaces. - operationId: '%2Fapi%2Fspaces%2F_update_objects_spaces#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - objects: - items: - additionalProperties: false - type: object - properties: - id: - description: The identifier of the saved object to update. - type: string - type: - description: The type of the saved object to update. - type: string - required: - - type - - id - type: array - spacesToAdd: - items: - description: >- - The identifiers of the spaces the saved objects should be - added to or removed from. - type: string - type: array - spacesToRemove: - items: - description: >- - The identifiers of the spaces the saved objects should be - added to or removed from. - type: string - type: array - required: - - objects - - spacesToAdd - - spacesToRemove - responses: {} - summary: Update saved objects in spaces - tags: - - spaces - /api/spaces/space: - get: - operationId: '%2Fapi%2Fspaces%2Fspace#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: >- - Specifies which authorization checks are applied to the API call. - The default value is `any`. - in: query - name: purpose - required: false - schema: - enum: - - any - - copySavedObjectsIntoSpace - - shareSavedObjectsIntoSpace - type: string - - description: >- - When enabled, the API returns any spaces that the user is authorized - to access in any capacity and each space will contain the purposes - for which the user is authorized. This can be useful to determine - which spaces a user can read but not take a specific action in. If - the security plugin is not enabled, this parameter has no effect, - since no authorization checks take place. This parameter cannot be - used in with the `purpose` parameter. - in: query - name: include_authorized_purposes - required: true - schema: - anyOf: - - items: {} - type: array - - type: boolean - - type: number - - type: object - - type: string - nullable: true - oneOf: - - enum: - - false - type: boolean - x-oas-optional: true - - type: boolean - x-oas-optional: true - responses: - '200': - description: Indicates a successful call. - summary: Get all spaces - tags: - - spaces - post: - operationId: '%2Fapi%2Fspaces%2Fspace#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - _reserved: - type: boolean - color: - description: >- - The hexadecimal color code used in the space avatar. By - default, the color is automatically generated from the space - name. - type: string - description: - description: A description for the space. - type: string - disabledFeatures: - default: [] - items: - description: The list of features that are turned off in the space. - type: string - type: array - id: - description: >- - The space ID that is part of the Kibana URL when inside the - space. Space IDs are limited to lowercase alphanumeric, - underscore, and hyphen characters (a-z, 0-9, _, and -). You - are cannot change the ID with the update operation. - type: string - imageUrl: - description: >- - The data-URL encoded image to display in the space avatar. - If specified, initials will not be displayed and the color - will be visible as the background color for transparent - images. For best results, your image should be 64x64. Images - will not be optimized by this API call, so care should be - taken when using custom images. - type: string - initials: - description: >- - One or two characters that are shown in the space avatar. By - default, the initials are automatically generated from the - space name. - maxLength: 2 - type: string - name: - description: 'The display name for the space. ' - minLength: 1 - type: string - solution: - enum: - - security - - oblt - - es - - classic - type: string - required: - - id - - name - responses: - '200': - description: Indicates a successful call. - summary: Create a space - tags: - - spaces - /api/spaces/space/{id}: - delete: - description: >- - When you delete a space, all saved objects that belong to the space are - automatically deleted, which is permanent and cannot be undone. - operationId: '%2Fapi%2Fspaces%2Fspace%2F%7Bid%7D#2' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - description: The space identifier. - in: path - name: id - required: true - schema: - type: string - responses: - '204': - description: Indicates a successful call. - '404': - description: Indicates that the request failed. - summary: Delete a space - tags: - - spaces - get: - operationId: '%2Fapi%2Fspaces%2Fspace%2F%7Bid%7D#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: The space identifier. - in: path - name: id - required: true - schema: - type: string - responses: - '200': - description: Indicates a successful call. - summary: Get a space - tags: - - spaces - put: - operationId: '%2Fapi%2Fspaces%2Fspace%2F%7Bid%7D#1' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: A required header to protect against CSRF attacks - in: header - name: kbn-xsrf - required: true - schema: - example: 'true' - type: string - - description: >- - The space identifier. You are unable to change the ID with the - update operation. - in: path - name: id - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - additionalProperties: false - type: object - properties: - _reserved: - type: boolean - color: - description: >- - The hexadecimal color code used in the space avatar. By - default, the color is automatically generated from the space - name. - type: string - description: - description: A description for the space. - type: string - disabledFeatures: - default: [] - items: - description: The list of features that are turned off in the space. - type: string - type: array - id: - description: >- - The space ID that is part of the Kibana URL when inside the - space. Space IDs are limited to lowercase alphanumeric, - underscore, and hyphen characters (a-z, 0-9, _, and -). You - are cannot change the ID with the update operation. - type: string - imageUrl: - description: >- - The data-URL encoded image to display in the space avatar. - If specified, initials will not be displayed and the color - will be visible as the background color for transparent - images. For best results, your image should be 64x64. Images - will not be optimized by this API call, so care should be - taken when using custom images. - type: string - initials: - description: >- - One or two characters that are shown in the space avatar. By - default, the initials are automatically generated from the - space name. - maxLength: 2 - type: string - name: - description: 'The display name for the space. ' - minLength: 1 - type: string - solution: - enum: - - security - - oblt - - es - - classic - type: string - required: - - id - - name - responses: - '200': - description: Indicates a successful call. - summary: Update a space - tags: - - spaces - /api/status: - get: - operationId: '%2Fapi%2Fstatus#0' - parameters: - - description: The version of the API to use - in: header - name: elastic-api-version - schema: - default: '2023-10-31' - enum: - - '2023-10-31' - type: string - - description: Set to "true" to get the response in v7 format. - in: query - name: v7format - required: false - schema: - type: boolean - - description: Set to "true" to get the response in v8 format. - in: query - name: v8format - required: false - schema: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - anyOf: - - $ref: '#/components/schemas/Kibana_HTTP_APIs_core_status_response' - - $ref: >- - #/components/schemas/Kibana_HTTP_APIs_core_status_redactedResponse - description: >- - Kibana's operational status. A minimal response is sent for - unauthorized users. - description: Overall status is OK and Kibana should be functioning normally. - '503': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - anyOf: - - $ref: '#/components/schemas/Kibana_HTTP_APIs_core_status_response' - - $ref: >- - #/components/schemas/Kibana_HTTP_APIs_core_status_redactedResponse - description: >- - Kibana's operational status. A minimal response is sent for - unauthorized users. - description: >- - Kibana or some of it's essential services are unavailable. Kibana - may be degraded or unavailable. - summary: Get Kibana's current status - tags: - - system - /api/timeline: - delete: - description: Delete one or more Timelines or Timeline templates. - operationId: DeleteTimelines - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - savedObjectIds: - items: - type: string - type: array - searchIds: - description: >- - Saved search ids that should be deleted alongside the - timelines - items: - type: string - type: array - required: - - savedObjectIds - description: The IDs of the Timelines or Timeline templates to delete. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - data: - type: object - properties: - deleteTimeline: - type: boolean - required: - - deleteTimeline - required: - - data - description: Indicates the Timeline was successfully deleted. - summary: Delete Timelines or Timeline templates - tags: - - Security Timeline API - - access:securitySolution - get: - description: Get the details of an existing saved Timeline or Timeline template. - operationId: GetTimeline - parameters: - - description: The ID of the template timeline to retrieve - in: query - name: template_timeline_id - schema: - type: string - - description: The ID of the Timeline to retrieve. - in: query - name: id - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - type: object - properties: - data: - type: object - properties: - getOneTimeline: - $ref: >- - #/components/schemas/Security_Timeline_API_TimelineResponse - required: - - getOneTimeline - required: - - data - - additionalProperties: false - type: object - description: Indicates that the (template) Timeline was found and returned. - summary: Get Timeline or Timeline template details - tags: - - Security Timeline API - - access:securitySolution - patch: - description: >- - Update an existing Timeline. You can update the title, description, date - range, pinned events, pinned queries, and/or pinned saved queries of an - existing Timeline. - operationId: PatchTimeline - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - timeline: - $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' - timelineId: - nullable: true - type: string - version: - nullable: true - type: string - required: - - timelineId - - version - - timeline - description: The Timeline updates, along with the Timeline ID and version. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Timeline_API_PersistTimelineResponse - description: >- - Indicates that the draft Timeline was successfully created. In the - event the user already has a draft Timeline, the existing draft - Timeline is cleared and returned. - '405': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - body: - type: string - statusCode: - type: number - description: >- - Indicates that the user does not have the required access to create - a draft Timeline. - summary: Update a Timeline - tags: - - Security Timeline API - - access:securitySolution - post: - description: Create a new Timeline or Timeline template. - operationId: CreateTimelines - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - status: - $ref: '#/components/schemas/Security_Timeline_API_TimelineStatus' - nullable: true - templateTimelineId: - nullable: true - type: string - templateTimelineVersion: - nullable: true - type: number - timeline: - $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' - timelineId: - nullable: true - type: string - timelineType: - $ref: '#/components/schemas/Security_Timeline_API_TimelineType' - nullable: true - version: - nullable: true - type: string - required: - - timeline - description: >- - The required Timeline fields used to create a new Timeline, along with - optional fields that will be created if not provided. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Timeline_API_PersistTimelineResponse - description: Indicates the Timeline was successfully created. - '405': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - body: - type: string - statusCode: - type: number - description: Indicates that there was an error in the Timeline creation. - summary: Create a Timeline or Timeline template - tags: - - Security Timeline API - - access:securitySolution - /api/timeline/_copy: - get: - description: | - Copies and returns a timeline or timeline template. - operationId: CopyTimeline - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - timeline: - $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' - timelineIdToCopy: - type: string - required: - - timeline - - timelineIdToCopy - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Timeline_API_PersistTimelineResponse - description: Indicates that the timeline has been successfully copied. - summary: Copies timeline or timeline template - tags: - - Security Timeline API - - access:securitySolution - /api/timeline/_draft: - get: - description: >- - Get the details of the draft Timeline or Timeline template for the - current user. If the user doesn't have a draft Timeline, an empty - Timeline is returned. - operationId: GetDraftTimelines - parameters: - - in: query - name: timelineType - required: true - schema: - $ref: '#/components/schemas/Security_Timeline_API_TimelineType' - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Timeline_API_PersistTimelineResponse - description: Indicates that the draft Timeline was successfully retrieved. - '403': - content: - application:json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - message: - type: string - status_code: - type: number - description: >- - If a draft Timeline was not found and we attempted to create one, it - indicates that the user does not have the required permissions to - create a draft Timeline. - '409': - content: - application:json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - message: - type: string - status_code: - type: number - description: >- - This should never happen, but if a draft Timeline was not found and - we attempted to create one, it indicates that there is already a - draft Timeline with the given `timelineId`. - summary: Get draft Timeline or Timeline template details - tags: - - Security Timeline API - - access:securitySolution - post: - description: > - Create a clean draft Timeline or Timeline template for the current user. - - > info - - > If the user already has a draft Timeline, the existing draft Timeline - is cleared and returned. - operationId: CleanDraftTimelines - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - timelineType: - $ref: '#/components/schemas/Security_Timeline_API_TimelineType' - required: - - timelineType - description: >- - The type of Timeline to create. Valid values are `default` and - `template`. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Timeline_API_PersistTimelineResponse - description: >- - Indicates that the draft Timeline was successfully created. In the - event the user already has a draft Timeline, the existing draft - Timeline is cleared and returned. - '403': - content: - application:json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - message: - type: string - status_code: - type: number - description: >- - Indicates that the user does not have the required permissions to - create a draft Timeline. - '409': - content: - application:json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - message: - type: string - status_code: - type: number - description: >- - Indicates that there is already a draft Timeline with the given - `timelineId`. - summary: Create a clean draft Timeline or Timeline template - tags: - - Security Timeline API - - access:securitySolution - /api/timeline/_export: - post: - description: Export Timelines as an NDJSON file. - operationId: ExportTimelines - parameters: - - description: The name of the file to export - in: query - name: file_name - required: true - schema: - type: string - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - ids: - items: - type: string - nullable: true - type: array - description: The IDs of the Timelines to export. - required: true - responses: - '200': - content: - application/ndjson; Elastic-Api-Version=2023-10-31: - schema: - description: NDJSON of the exported Timelines - type: string - description: Indicates the Timelines were successfully exported. - '400': - content: - application/ndjson; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - body: - type: string - statusCode: - type: number - description: Indicates that the export size limit was exceeded. - summary: Export Timelines - tags: - - Security Timeline API - - access:securitySolution - /api/timeline/_favorite: - patch: - description: Favorite a Timeline or Timeline template for the current user. - operationId: PersistFavoriteRoute - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - templateTimelineId: - nullable: true - type: string - templateTimelineVersion: - nullable: true - type: number - timelineId: - nullable: true - type: string - timelineType: - $ref: '#/components/schemas/Security_Timeline_API_TimelineType' - nullable: true - required: - - timelineId - - templateTimelineId - - templateTimelineVersion - - timelineType - description: The required fields used to favorite a (template) Timeline. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - data: - type: object - properties: - persistFavorite: - $ref: >- - #/components/schemas/Security_Timeline_API_FavoriteTimelineResponse - required: - - persistFavorite - required: - - data - description: Indicates the favorite status was successfully updated. - '403': - content: - application:json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - body: - type: string - statusCode: - type: number - description: >- - Indicates the user does not have the required permissions to persist - the favorite status. - summary: Favorite a Timeline or Timeline template - tags: - - Security Timeline API - - access:securitySolution - /api/timeline/_import: - post: - description: Import Timelines. - operationId: ImportTimelines - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - file: {} - isImmutable: - enum: - - 'true' - - 'false' - type: string - required: - - file - description: The Timelines to import as a readable stream. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Timeline_API_ImportTimelineResult - description: Indicates the import of Timelines was successful. - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - body: - type: string - id: - type: string - statusCode: - type: number - description: >- - Indicates the import of Timelines was unsuccessful because of an - invalid file extension. - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - id: - type: string - statusCode: - type: number - description: >- - Indicates that we were unable to locate the saved object client - necessary to handle the import. - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - body: - type: string - id: - type: string - statusCode: - type: number - description: Indicates the import of Timelines was unsuccessful. - summary: Import Timelines - tags: - - Security Timeline API - - access:securitySolution - /api/timeline/_prepackaged: - post: - description: Install or update prepackaged Timelines. - operationId: InstallPrepackedTimelines - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - prepackagedTimelines: - items: - $ref: >- - #/components/schemas/Security_Timeline_API_TimelineSavedToReturnObject - nullable: true - type: array - timelinesToInstall: - items: - $ref: '#/components/schemas/Security_Timeline_API_ImportTimelines' - nullable: true - type: array - timelinesToUpdate: - items: - $ref: '#/components/schemas/Security_Timeline_API_ImportTimelines' - nullable: true - type: array - required: - - timelinesToInstall - - timelinesToUpdate - - prepackagedTimelines - description: The Timelines to install or update. - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: >- - #/components/schemas/Security_Timeline_API_ImportTimelineResult - description: Indicates the installation of prepackaged Timelines was successful. - '500': - content: - application:json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - body: - type: string - statusCode: - type: number - description: >- - Indicates the installation of prepackaged Timelines was - unsuccessful. - summary: Install prepackaged Timelines - tags: - - Security Timeline API - - access:securitySolution - /api/timeline/resolve: - get: - operationId: ResolveTimeline - parameters: - - description: The ID of the template timeline to resolve - in: query - name: template_timeline_id - schema: - type: string - - description: The ID of the timeline to resolve - in: query - name: id - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - oneOf: - - type: object - properties: - data: - $ref: >- - #/components/schemas/Security_Timeline_API_ResolvedTimeline - required: - - data - - additionalProperties: false - type: object - description: The (template) Timeline has been found - '400': - description: The request is missing parameters - '404': - description: The (template) Timeline was not found - summary: Get an existing saved Timeline or Timeline template - tags: - - Security Timeline API - - access:securitySolution - /api/timelines: - get: - description: Get a list of all saved Timelines or Timeline templates. - operationId: GetTimelines - parameters: - - description: >- - If true, only timelines that are marked as favorites by the user are - returned. - in: query - name: only_user_favorite - schema: - enum: - - 'true' - - 'false' - nullable: true - type: string - - in: query - name: timeline_type - schema: - $ref: '#/components/schemas/Security_Timeline_API_TimelineType' - nullable: true - - in: query - name: sort_field - schema: - $ref: '#/components/schemas/Security_Timeline_API_SortFieldTimeline' - - in: query - name: sort_order - schema: - enum: - - asc - - desc - type: string - - in: query - name: page_size - schema: - nullable: true - type: string - - in: query - name: page_index - schema: - nullable: true - type: string - - in: query - name: search - schema: - nullable: true - type: string - - in: query - name: status - schema: - $ref: '#/components/schemas/Security_Timeline_API_TimelineStatus' - nullable: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - customTemplateTimelineCount: - type: number - defaultTimelineCount: - type: number - elasticTemplateTimelineCount: - type: number - favoriteCount: - type: number - templateTimelineCount: - type: number - timeline: - items: - $ref: >- - #/components/schemas/Security_Timeline_API_TimelineResponse - type: array - totalCount: - type: number - required: - - timeline - - totalCount - description: Indicates that the (template) Timelines were found and returned. - '400': - content: - application:json; Elastic-Api-Version=2023-10-31: - schema: - type: object - properties: - body: - type: string - statusCode: - type: number - description: Bad request. The user supplied invalid data. - summary: Get Timelines or Timeline templates - tags: - - Security Timeline API - - access:securitySolution - /s/{spaceId}/api/observability/slos: - get: - description: > - You must have the `read` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: findSlosOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - description: A valid kql query to filter the SLO with - example: 'slo.name:latency* and slo.tags : "prod"' - in: query - name: kqlQuery - schema: - type: string - - description: The page to use for pagination, must be greater or equal than 1 - example: 1 - in: query - name: page - schema: - default: 1 - type: integer - - description: Number of SLOs returned by page - example: 25 - in: query - name: perPage - schema: - default: 25 - maximum: 5000 - type: integer - - description: Sort by field - example: status - in: query - name: sortBy - schema: - default: status - enum: - - sli_value - - status - - error_budget_consumed - - error_budget_remaining - type: string - - description: Sort order - example: asc - in: query - name: sortDirection - schema: - default: asc - enum: - - asc - - desc - type: string - - description: >- - Hide stale SLOs from the list as defined by stale SLO threshold in - SLO settings - in: query - name: hideStale - schema: - type: boolean - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_find_slo_response' - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Get a paginated list of SLOs - tags: - - slo - post: - description: > - You must have `all` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: createSloOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_create_slo_request' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_create_slo_response' - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '409': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_409_response' - description: Conflict - The SLO id already exists - summary: Create an SLO - tags: - - slo - /s/{spaceId}/api/observability/slos/_delete_instances: - post: - description: > - The deletion occurs for the specified list of `sloId` and `instanceId`. - You must have `all` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: deleteSloInstancesOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_delete_slo_instances_request' - required: true - responses: - '204': - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - summary: Batch delete rollup and summary data - tags: - - slo - /s/{spaceId}/api/observability/slos/{sloId}: - delete: - description: > - You must have the `write` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: deleteSloOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' - responses: - '204': - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Delete an SLO - tags: - - slo - get: - description: > - You must have the `read` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: getSloOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' - - description: the specific instanceId used by the summary calculation - example: host-abcde - in: query - name: instanceId - schema: - type: string - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_slo_with_summary_response' - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Get an SLO - tags: - - slo - put: - description: > - You must have the `write` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: updateSloOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' - requestBody: - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_update_slo_request' - required: true - responses: - '200': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_slo_definition_response' - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Update an SLO - tags: - - slo - /s/{spaceId}/api/observability/slos/{sloId}/_reset: - post: - description: > - You must have the `write` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: resetSloOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' - responses: - '204': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_slo_definition_response' - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Reset an SLO - tags: - - slo - /s/{spaceId}/api/observability/slos/{sloId}/disable: - post: - description: > - You must have the `write` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: disableSloOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' - responses: - '200': - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Disable an SLO - tags: - - slo - /s/{spaceId}/api/observability/slos/{sloId}/enable: - post: - description: > - You must have the `write` privileges for the **SLOs** feature in the - **Observability** section of the Kibana feature privileges. - operationId: enableSloOp - parameters: - - $ref: '#/components/parameters/SLOs_kbn_xsrf' - - $ref: '#/components/parameters/SLOs_space_id' - - $ref: '#/components/parameters/SLOs_slo_id' - responses: - '204': - description: Successful request - '400': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_400_response' - description: Bad request - '401': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_401_response' - description: Unauthorized response - '403': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_403_response' - description: Unauthorized response - '404': - content: - application/json; Elastic-Api-Version=2023-10-31: - schema: - $ref: '#/components/schemas/SLOs_404_response' - description: Not found response - summary: Enable an SLO - tags: - - slo -components: - examples: - Alerting_get_health_response: - summary: Retrieve information about the health of the alerting framework. - value: - alerting_framework_health: - decryption_health: - status: ok - timestamp: '2023-01-13T01:28:00.280Z' - execution_health: - status: ok - timestamp: '2023-01-13T01:28:00.280Z' - read_health: - status: ok - timestamp: '2023-01-13T01:28:00.280Z' - has_permanent_encryption_key: true - is_sufficiently_secure: true - Alerting_get_rule_types_response: - summary: Retrieve rule types associated with Kibana machine learning features - value: - - action_groups: - - id: anomaly_score_match - name: Anomaly score matched the condition - - id: recovered - name: Recovered - action_variables: - context: - - description: The bucket timestamp of the anomaly - name: timestamp - - description: The bucket time of the anomaly in ISO8601 format - name: timestampIso8601 - - description: List of job IDs that triggered the alert - name: jobIds - - description: Alert info message - name: message - - description: Indicate if top hits contain interim results - name: isInterim - - description: Anomaly score at the time of the notification action - name: score - - description: Top records - name: topRecords - - description: Top influencers - name: topInfluencers - - description: URL to open in the Anomaly Explorer - name: anomalyExplorerUrl - useWithTripleBracesInTemplates: true - params: [] - state: [] - alerts: - context: ml.anomaly-detection - mappings: - fieldMap: - kibana.alert.anomaly_score: - array: false - type: double - required: false - kibana.alert.anomaly_timestamp: - array: false - type: date - required: false - kibana.alert.is_interim: - array: false - type: boolean - required: false - kibana.alert.job_id: - array: false - type: keyword - required: true - kibana.alert.top_influencers: - array: true - dynamic: false - type: object - properties: - influencer_field_name: - type: keyword - influencer_field_value: - type: keyword - influencer_score: - type: double - initial_influencer_score: - type: double - is_interim: - type: boolean - job_id: - type: keyword - timestamp: - type: date - required: false - kibana.alert.top_records: - array: true - dynamic: false - type: object - properties: - actual: - type: double - by_field_name: - type: keyword - by_field_value: - type: keyword - detector_index: - type: integer - field_name: - type: keyword - function: - type: keyword - initial_record_score: - type: double - is_interim: - type: boolean - job_id: - type: keyword - over_field_name: - type: keyword - over_field_value: - type: keyword - partition_field_name: - type: keyword - partition_field_value: - type: keyword - record_score: - type: double - timestamp: - type: date - typical: - type: double - required: false - shouldWrite: true - authorized_consumers: - alerts: - all: true - read: true - apm: - all: true - read: true - discover: - all: true - read: true - infrastructure: - all: true - read: true - logs: - all: true - read: true - ml: - all: true - read: true - monitoring: - all: true - read: true - siem: - all: true - read: true - slo: - all: true - read: true - stackAlerts: - all: true - read: true - uptime: - all: true - read: true - category: management - default_action_group_id: anomaly_score_match - does_set_recovery_context: true - enabled_in_license: true - has_alerts_mappings: true - has_fields_for_a_a_d: false - id: xpack.ml.anomaly_detection_alert - is_exportable: true - minimum_license_required: platinum - name: Anomaly detection alert - producer: ml - recovery_action_group: - id: recovered - name: Recovered - rule_task_timeout: 5m - - action_groups: - - id: anomaly_detection_realtime_issue - name: Issue detected - - id: recovered - name: Recovered - action_variables: - context: - - description: Results of the rule execution - name: results - - description: Alert info message - name: message - params: [] - state: [] - authorized_consumers: - alerts: - all: true - read: true - apm: - all: true - read: true - discover: - all: true - read: true - infrastructure: - all: true - read: true - logs: - all: true - read: true - ml: - all: true - read: true - monitoring: - all: true - read: true - siem: - all: true - read: true - slo: - all: true - read: true - stackAlerts: - all: true - read: true - uptime: - all: true - read: true - category: management - default_action_group_id: anomaly_detection_realtime_issue - does_set_recovery_context: true - enabled_in_license: true - has_alerts_mappings: false - has_fields_for_a_a_d: false - id: xpack.ml.anomaly_detection_jobs_health - is_exportable: true - minimum_license_required: platinum - name: Anomaly detection jobs health - producer: ml - recovery_action_group: - id: recovered - name: Recovered - rule_task_timeout: 5m - Cases_add_comment_request: - summary: Adds a comment to a case. - value: - comment: A new comment. - owner: cases - type: user - Cases_add_comment_response: - summary: >- - The add comment to case API returns a JSON object that contains details - about the case and its comments. - value: - assignees: [] - category: null - closed_at: null - closed_by: null - comments: - - comment: A new comment. - created_at: '2022-10-02T00:49:47.716Z' - created_by: - email: null - full_name: null - username: elastic - id: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 - owner: cases - type: user - version: WzIwNDMxLDFd - connector: - fields: null - id: none - name: none - type: .none - created_at: '2022-03-24T00:37:03.906Z' - created_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - customFields: - - key: d312efda-ec2b-42ec-9e2c-84981795c581 - type: text - value: Field value - - key: fcc6840d-eb14-42df-8aaf-232201a705ec - type: toggle - value: true - description: A case description. - duration: null - external_service: null - id: 293f1bc0-74f6-11ea-b83a-553aecdb28b6 - owner: cases - settings: - syncAlerts: false - severity: low - status: open - tags: - - tag 1 - title: Case title 1 - totalAlerts: 0 - totalComment: 1 - updated_at: '2022-06-03T00:49:47.716Z' - updated_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - version: WzIzMzgsMV0= - Cases_create_case_request: - summary: Create a security case that uses a Jira connector. - value: - connector: - fields: - issueType: '10006' - parent: null - priority: High - id: 131d4448-abe0-4789-939d-8ef60680b498 - name: My connector - type: .jira - customFields: - - key: d312efda-ec2b-42ec-9e2c-84981795c581 - type: text - value: My field value - description: A case description. - owner: cases - settings: - syncAlerts: true - tags: - - tag-1 - title: Case title 1 - Cases_create_case_response: - summary: >- - The create case API returns a JSON object that contains details about - the case. - value: - assignees: [] - closed_at: null - closed_by: null - comments: [] - connector: - fields: - issueType: '10006' - parent: null - priority: High - id: 131d4448-abe0-4789-939d-8ef60680b498 - name: My connector - type: .jira - created_at: '2022-10-13T15:33:50.604Z' - created_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - customFields: - - key: d312efda-ec2b-42ec-9e2c-84981795c581 - type: text - value: My field value - - key: fcc6840d-eb14-42df-8aaf-232201a705ec - type: toggle - value: null - description: A case description. - duration: null - external_service: null - id: 66b9aa00-94fa-11ea-9f74-e7e108796192 - owner: cases - settings: - syncAlerts: true - severity: low - status: open - tags: - - tag 1 - title: Case title 1 - totalAlerts: 0 - totalComment: 0 - updated_at: null - updated_by: null - version: WzUzMiwxXQ== - Cases_find_case_activity_response: - summary: Retrieves all activity for a case - value: - page: 1 - perPage: 20 - total: 3 - userActions: - - action: create - comment_id: null - created_at: '2023-10-20T01:17:22.150Z' - created_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - id: b4cd0770-07c9-11ed-a5fd-47154cb8767e - owner: cases - payload: - assignees: [] - category: null - connector: - fields: null - id: none - name: none - type: .none - customFields: - - key: d312efda-ec2b-42ec-9e2c-84981795c581 - type: text - value: My field value - - key: fcc6840d-eb14-42df-8aaf-232201a705ec - type: toggle - value: null - description: A case description. - owner: cases - settings: - syncAlerts: false - severity: low - status: open - tags: - - tag 1 - title: Case title 1 - type: create_case - version: WzM1ODg4LDFd - - action: create - comment_id: 578608d0-03b1-11ed-920c-974bfa104448 - created_at: '2023-10-14T20:12:53.354Z' - created_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - id: 57af14a0-03b1-11ed-920c-974bfa104448 - owner: cases - payload: - comment: A new comment - owner: cases - type: user - type: comment - version: WzM1ODg4LDFa - - action: add - comment_id: null - created_at: '2023-10-20T01:10:28.238Z' - created_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - id: 573c6980-6123-11ed-aa41-81a0a61fe447 - owner: cases - payload: - assignees: - uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - type: assignees - version: WzM1ODg4LDFb - Cases_find_case_response: - summary: >- - Retrieve the first five cases with the `tag-1` tag, in ascending order - by last update time. - value: - cases: - - assignees: [] - category: null - closed_at: null - closed_by: null - comments: [] - connector: - fields: null - id: none - name: none - type: .none - created_at: '2023-10-12T00:16:36.371Z' - created_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - customFields: - - key: d312efda-ec2b-42ec-9e2c-84981795c581 - type: text - value: My field value - - key: fcc6840d-eb14-42df-8aaf-232201a705ec - type: toggle - value: null - description: Case description - duration: null - external_service: null - id: abed3a70-71bd-11ea-a0b2-c51ea50a58e2 - owner: cases - settings: - syncAlerts: true - severity: low - status: open - tags: - - tag-1 - title: Case title - totalAlerts: 0 - totalComment: 1 - updated_at: '2023-10-12T00:27:58.162Z' - updated_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - version: WzExMCwxXQ== - count_closed_cases: 0 - count_in_progress_cases: 0 - count_open_cases: 1 - page: 1 - per_page: 5 - total: 1 - Cases_find_connector_response: - summary: Retrieve information about the connectors and their settings. - value: - - actionTypeId: .jira - config: - apiUrl: https://elastic.atlassian.net/ - projectKey: ES - id: 61787f53-4eee-4741-8df6-8fe84fa616f7 - isDeprecated: false - isMissingSecrets: false - isPreconfigured: false - name: my-Jira - referencedByCount: 0 - Cases_get_case_alerts_response: - summary: Retrieves all alerts attached to a case - value: - - attached_at: '2022-07-25T20:09:40.963Z' - id: f6a7d0c3-d52d-432c-b2e6-447cd7fce04d - index: .alerts-observability.logs.alerts-default - Cases_get_case_configuration_response: - summary: Get the case configuration. - value: - - closure_type: close-by-user - connector: - fields: null - id: none - name: none - type: .none - created_at: '2024-07-01T17:07:17.767Z' - created_by: - email: null - full_name: null - username: elastic - customFields: - - defaultValue: Custom text field value. - key: d312efda-ec2b-42ec-9e2c-84981795c581 - label: my-text-field - type: text - required: false - error: null - id: 856ee650-6c82-11ee-a20a-6164169afa58 - mappings: [] - owner: cases - templates: - - caseFields: - assignees: - - uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - category: Default-category - connector: - fields: null - id: none - name: none - type: .none - customFields: - - key: d312efda-ec2b-42ec-9e2c-84981795c581 - type: text - value: Default text field value. - description: A default description for cases. - settings: - syncAlerts: false - tags: - - Default case tag - title: Default case title - description: A description of the template. - key: 505932fe-ee3a-4960-a661-c781b5acdb05 - name: template-1 - tags: - - Template tag 1 - updated_at: null - updated_by: null - version: WzEyLDNd - Cases_get_case_observability_response: - summary: >- - Retrieves information about an Observability case including its alerts - and comments. - value: - assignees: - - uid: u_0wpfV1MqYDaXzLtRVY-gLMrddKDEmfz51Fszhj7hWC8_0 - category: null - closed_at: null - closed_by: null - comments: - - alertId: - - a6e12ac4-7bce-457b-84f6-d7ce8deb8446 - created_at: '2023-11-06T19:29:38.424Z' - created_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - id: 59d438d0-79a9-4864-8d4b-e63adacebf6e - index: - - .internal.alerts-observability.logs.alerts-default-000001 - owner: observability - pushed_at: null - pushed_by: null - rule: - id: 03e4eb87-62ca-4e5d-9570-3d7625e9669d - name: Observability rule - type: alert - updated_at: null - updated_by: null - version: WzY3LDJd - - comment: The first comment. - created_at: '2023-11-06T19:29:57.812Z' - created_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - id: d99342d3-3aa3-4b80-90ec-a702607604f5 - owner: observability - pushed_at: null - pushed_by: null - type: user - updated_at: null - updated_by: null - version: WzcyLDJd - connector: - fields: null - id: none - name: none - type: .none - created_at: '2023-11-06T19:29:04.086Z' - created_by: - email: null - full_name: null - username: elastic - customFields: [] - description: An Observability case description. - duration: null - external_service: null - id: c3ff7550-def1-4e90-b6bc-c9969a4a09b1 - owner: observability - settings: - syncAlerts: false - severity: low - status: in-progress - tags: - - observability - - tag 1 - title: Observability case title 1 - totalAlerts: 1 - totalComment: 1 - updated_at: '2023-11-06T19:47:55.662Z' - updated_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - version: WzI0NywyXQ== - Cases_get_case_response: - summary: Retrieves information about a case including its comments. - value: - assignees: - - uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - category: null - closed_at: null - closed_by: null - comments: - - comment: A new comment - created_at: '2023-10-13T15:40:32.335Z' - created_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - id: 2134c1d0-02c2-11ed-85f2-4f7c222ca2fa - owner: cases - pushed_at: null - pushed_by: null - type: user - updated_at: null - updated_by: null - version: WzM3LDFd - connector: - fields: null - id: none - name: none - type: .none - created_at: '2023-10-13T15:33:50.604Z' - created_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - customFields: - - key: d312efda-ec2b-42ec-9e2c-84981795c581 - type: text - value: My field value - - key: fcc6840d-eb14-42df-8aaf-232201a705ec - type: toggle - value: null - description: A case description - duration: null - external_service: null - id: 31cdada0-02c1-11ed-85f2-4f7c222ca2fa - owner: cases - settings: - syncAlerts: true - severity: low - status: open - tags: - - tag 1 - title: Case title 1 - totalAlerts: 0 - totalComment: 1 - updated_at: '2023-10-13T15:40:32.335Z' - updated_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - version: WzM2LDFd - Cases_get_comment_response: - summary: A single user comment retrieved from a case - value: - comment: A new comment - created_at: '2023-10-07T19:32:13.104Z' - created_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - id: 8048b460-fe2b-11ec-b15d-779a7c8bbcc3 - owner: cases - pushed_at: null - pushed_by: null - type: user - updated_at: null - updated_by: null - version: WzIzLDFd - Cases_get_reporters_response: - summary: A list of two users that opened cases - value: - - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - - email: jdoe@example.com - full_name: Jane Doe - profile_uid: u_0wpfV1MqYDaXzLtRVY-gLMrddKDEmfz51Fszhj7hWC8_0 - username: jdoe - Cases_get_tags_response: - summary: A list of tags that are used in cases - value: - - observability - - security - - tag 1 - - tag 2 - Cases_push_case_response: - summary: >- - The push case API returns a JSON object with details about the case and - the external service. - value: - closed_at: null - closed_by: null - comments: [] - connector: - fields: - issueType: '10006' - parent: null - priority: Low - id: 09f8c0b0-0eda-11ed-bd18-65557fe66949 - name: My connector - type: .jira - created_at: '2022-07-29T00:59:39.444Z' - created_by: - email: null - full_name: null - username: elastic - description: A case description. - duration: null - external_service: - connector_id: 09f8c0b0-0eda-11ed-bd18-65557fe66949 - connector_name: My connector - external_id: '71926' - external_title: ES-554 - external_url: https://cases.jira.com - pushed_at: '2022-07-29T01:20:58.436Z' - pushed_by: - email: null - full_name: null - username: elastic - id: b917f300-0ed9-11ed-bd18-65557fe66949 - owner: cases - settings: - syncAlerts: true - severity: low - status: open - tags: - - tag 1 - title: Case title 1 - totalAlerts: 0 - totalComment: 0 - updated_at: '2022-07-29T01:20:58.436Z' - updated_by: - email: null - full_name: null - username: elastic - version: WzE3NjgsM10= - Cases_set_case_configuration_request: - summary: >- - Set the closure type, custom fields, and default connector for Stack - Management cases. - value: - closure_type: close-by-user - connector: - fields: null - id: 5e656730-e1ca-11ec-be9b-9b1838238ee6 - name: my-jira-connector - type: .jira - customFields: - - defaultValue: My custom field default value. - key: d312efda-ec2b-42ec-9e2c-84981795c581 - label: my-text-field - type: text - required: false - owner: cases - templates: - - caseFields: - assignees: - - uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - category: Default-category - customFields: - - key: d312efda-ec2b-42ec-9e2c-84981795c581 - type: text - value: A text field value for the template. - description: A default description for cases. - tags: - - Default case tag - title: Default case title - description: A description of the template. - key: 505932fe-ee3a-4960-a661-c781b5acdb05 - name: template-1 - tags: - - Template tag 1 - Cases_set_case_configuration_response: - summary: This is an example response for case settings. - value: - closure_type: close-by-user - connector: - fields: null - id: 5e656730-e1ca-11ec-be9b-9b1838238ee6 - name: my-jira-connector - type: .jira - created_at: '2024-07-01T17:07:17.767Z' - created_by: - email: null, - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - customFields: - - defaultValue: My custom field default value. - key: d312efda-ec2b-42ec-9e2c-84981795c581 - label: my-text-field - type: text - required: false - error: null - id: 4a97a440-e1cd-11ec-be9b-9b1838238ee6 - mappings: - - action_type: overwrite - source: title - target: summary - - action_type: overwrite - source: description - target: description - - action_type: append - source: comments - target: comments - - action_type: overwrite - source: tags - target: labels - owner: cases - templates: - - caseFields: - assignees: - - uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - category: Default-category - customFields: - - key: d312efda-ec2b-42ec-9e2c-84981795c581 - type: text - value: A text field value for the template. - description: A default description for cases. - tags: - - Default case tag - title: Default case title - description: A description of the template. - key: 505932fe-ee3a-4960-a661-c781b5acdb05 - name: template-1 - tags: - - Template tag 1 - updated_at: null - updated_by: null - version: WzIwNzMsMV0= - Cases_update_case_configuration_request: - summary: Update the case settings. - value: - closure_type: close-by-user - connector: - fields: null - id: 5e656730-e1ca-11ec-be9b-9b1838238ee6 - name: my-jira-connector - type: .jira - customFields: - - defaultValue: A new default value. - key: d312efda-ec2b-42ec-9e2c-84981795c581 - label: my-text-field - type: text - required: true - - key: fcc6840d-eb14-42df-8aaf-232201a705ec - label: my-toggle - type: toggle - required: false - version: WzExOSw0XQ== - Cases_update_case_configuration_response: - summary: This is an example response when the case configuration was updated. - value: - closure_type: close-by-user - connector: - fields: null - id: 5e656730-e1ca-11ec-be9b-9b1838238ee6 - name: my-jira-connector - type: .jira - created_at: '2024-07-01T17:07:17.767Z' - created_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - customFields: - - defaultValue: A new default value. - key: d312efda-ec2b-42ec-9e2c-84981795c581 - label: my-text-field - type: text - required: true - - key: fcc6840d-eb14-42df-8aaf-232201a705ec - label: my-toggle - type: toggle - required: false - error: null - id: 4a97a440-e1cd-11ec-be9b-9b1838238ee6 - mappings: - - action_type: overwrite - source: title - target: summary - - action_type: overwrite - source: description - target: description - - action_type: overwrite - source: tags - target: labels - - action_type: append - source: comments - target: comments - owner: cases - templates: [] - updated_at: '2024-07-19T00:52:42.401Z' - updated_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - version: WzI2LDNd - Cases_update_case_request: - summary: Update the case description, tags, and connector. - value: - cases: - - connector: - fields: - issueType: '10006' - parent: null - priority: null - id: 131d4448-abe0-4789-939d-8ef60680b498 - name: My connector - type: .jira - customFields: - - key: fcc6840d-eb14-42df-8aaf-232201a705ec - type: toggle - value: false - - key: d312efda-ec2b-42ec-9e2c-84981795c581 - type: text - value: My new field value - description: A case description. - id: a18b38a0-71b0-11ea-a0b2-c51ea50a58e2 - settings: - syncAlerts: true - tags: - - tag-1 - version: WzIzLDFd - Cases_update_case_response: - summary: >- - This is an example response when the case description, tags, and - connector were updated. - value: - - assignees: [] - category: null - closed_at: null - closed_by: null - comments: [] - connector: - fields: - issueType: '10006' - parent: null - priority: null - id: 131d4448-abe0-4789-939d-8ef60680b498 - name: My connector - type: .jira - created_at: '2023-10-13T09:16:17.416Z' - created_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - customFields: - - key: d312efda-ec2b-42ec-9e2c-84981795c581 - type: text - value: My new field value - - key: fcc6840d-eb14-42df-8aaf-232201a705ec - type: toggle - value: false - description: A case description. - duration: null - external_service: - connector_id: 05da469f-1fde-4058-99a3-91e4807e2de8 - connector_name: Jira - external_id: '10003' - external_title: IS-4 - external_url: https://hms.atlassian.net/browse/IS-4 - pushed_at: '2023-10-13T09:20:40.672Z' - pushed_by: - email: null - full_name: null - username: elastic - id: 66b9aa00-94fa-11ea-9f74-e7e108796192 - owner: cases - settings: - syncAlerts: true - severity: low - status: open - tags: - - tag-1 - title: Case title 1 - totalAlerts: 0 - totalComment: 0 - updated_at: '2023-10-13T09:48:33.043Z' - updated_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - version: WzU0OCwxXQ== - Cases_update_comment_request: - summary: Updates a comment of a case. - value: - comment: An updated comment. - id: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 - owner: cases - type: user - version: Wzk1LDFd - Cases_update_comment_response: - summary: >- - The add comment to case API returns a JSON object that contains details - about the case and its comments. - value: - assignees: [] - category: null - closed_at: null - closed_by: null - comments: - - comment: An updated comment. - created_at: '2023-10-24T00:37:10.832Z' - created_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - id: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 - owner: cases - pushed_at: null - pushed_by: null - type: user - updated_at: '2023-10-24T01:27:06.210Z' - updated_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - version: WzIwNjM3LDFd - connector: - fields: null - id: none - name: none - type: .none - created_at: '2023-10-24T00:37:03.906Z' - created_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - customFields: - - key: d312efda-ec2b-42ec-9e2c-84981795c581 - type: text - value: My new field value - - key: fcc6840d-eb14-42df-8aaf-232201a705ec - type: toggle - value: false - description: A case description. - duration: null - external_service: null - id: 293f1bc0-74f6-11ea-b83a-553aecdb28b6 - owner: cases - settings: - syncAlerts: false - severity: low - status: open - tags: - - tag 1 - title: Case title 1 - totalAlerts: 0 - totalComment: 1 - updated_at: '2023-10-24T01:27:06.210Z' - updated_by: - email: null - full_name: null - profile_uid: u_mGBROF_q5bmFCATbLXAcCwKa0k8JvONAwSruelyKA5E_0 - username: elastic - version: WzIwNjM2LDFd - Data_views_create_data_view_request: - summary: Create a data view with runtime fields. - value: - data_view: - name: My Logstash data view - runtimeFieldMap: - runtime_shape_name: - script: - source: emit(doc['shape_name'].value) - type: keyword - title: logstash-* - Data_views_create_runtime_field_request: - summary: Create a runtime field. - value: - name: runtimeFoo - runtimeField: - script: - source: emit(doc["foo"].value) - type: long - Data_views_get_data_view_response: - summary: >- - The get data view API returns a JSON object that contains information - about the data view. - value: - data_view: - allowNoIndex: false - fieldAttrs: - products.manufacturer: - count: 1 - products.price: - count: 1 - products.product_name: - count: 1 - total_quantity: - count: 1 - fieldFormats: - products.base_price: - id: number - params: - pattern: $0,0.00 - products.base_unit_price: - id: number - params: - pattern: $0,0.00 - products.min_price: - id: number - params: - pattern: $0,0.00 - products.price: - id: number - params: - pattern: $0,0.00 - products.taxful_price: - id: number - params: - pattern: $0,0.00 - products.taxless_price: - id: number - params: - pattern: $0,0.00 - taxful_total_price: - id: number - params: - pattern: $0,0.[00] - taxless_total_price: - id: number - params: - pattern: $0,0.00 - fields: - _id: - aggregatable: false - count: 0 - esTypes: - - _id - format: - id: string - isMapped: true - name: _id - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - _index: - aggregatable: true - count: 0 - esTypes: - - _index - format: - id: string - isMapped: true - name: _index - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - _score: - aggregatable: false - count: 0 - format: - id: number - isMapped: true - name: _score - readFromDocValues: false - scripted: false - searchable: false - shortDotsEnable: false - type: number - _source: - aggregatable: false - count: 0 - esTypes: - - _source - format: - id: _source - isMapped: true - name: _source - readFromDocValues: false - scripted: false - searchable: false - shortDotsEnable: false - type: _source - category: - aggregatable: false - count: 0 - esTypes: - - text - format: - id: string - isMapped: true - name: category - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - category.keyword: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: category.keyword - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - subType: - multi: - parent: category - type: string - currency: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: currency - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - customer_birth_date: - aggregatable: true - count: 0 - esTypes: - - date - format: - id: date - isMapped: true - name: customer_birth_date - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: date - customer_first_name: - aggregatable: false - count: 0 - esTypes: - - text - format: - id: string - isMapped: true - name: customer_first_name - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - customer_first_name.keyword: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: customer_first_name.keyword - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - subType: - multi: - parent: customer_first_name - type: string - customer_full_name: - aggregatable: false - count: 0 - esTypes: - - text - format: - id: string - isMapped: true - name: customer_full_name - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - customer_full_name.keyword: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: customer_full_name.keyword - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - subType: - multi: - parent: customer_full_name - type: string - customer_gender: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: customer_gender - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - customer_id: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: customer_id - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - customer_last_name: - aggregatable: false - count: 0 - esTypes: - - text - format: - id: string - isMapped: true - name: customer_last_name - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - customer_last_name.keyword: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: customer_last_name.keyword - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - subType: - multi: - parent: customer_last_name - type: string - customer_phone: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: customer_phone - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - day_of_week: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: day_of_week - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - day_of_week_i: - aggregatable: true - count: 0 - esTypes: - - integer - format: - id: number - isMapped: true - name: day_of_week_i - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - email: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: email - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - event.dataset: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: event.dataset - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - geoip.city_name: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: geoip.city_name - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - geoip.continent_name: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: geoip.continent_name - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - geoip.country_iso_code: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: geoip.country_iso_code - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - geoip.location: - aggregatable: true - count: 0 - esTypes: - - geo_point - format: - id: geo_point - params: - transform: wkt - isMapped: true - name: geoip.location - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: geo_point - geoip.region_name: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: geoip.region_name - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - manufacturer: - aggregatable: false - count: 0 - esTypes: - - text - format: - id: string - isMapped: true - name: manufacturer - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - manufacturer.keyword: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: manufacturer.keyword - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - subType: - multi: - parent: manufacturer - type: string - order_date: - aggregatable: true - count: 0 - esTypes: - - date - format: - id: date - isMapped: true - name: order_date - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: date - order_id: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: order_id - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - products._id: - aggregatable: false - count: 0 - esTypes: - - text - format: - id: string - isMapped: true - name: products._id - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - products._id.keyword: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: products._id.keyword - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - subType: - multi: - parent: products._id - type: string - products.base_price: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - params: - pattern: $0,0.00 - isMapped: true - name: products.base_price - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.base_unit_price: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - params: - pattern: $0,0.00 - isMapped: true - name: products.base_unit_price - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.category: - aggregatable: false - count: 0 - esTypes: - - text - format: - id: string - isMapped: true - name: products.category - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - products.category.keyword: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: products.category.keyword - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - subType: - multi: - parent: products.category - type: string - products.created_on: - aggregatable: true - count: 0 - esTypes: - - date - format: - id: date - isMapped: true - name: products.created_on - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: date - products.discount_amount: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - isMapped: true - name: products.discount_amount - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.discount_percentage: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - isMapped: true - name: products.discount_percentage - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.manufacturer: - aggregatable: false - count: 1 - esTypes: - - text - format: - id: string - isMapped: true - name: products.manufacturer - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - products.manufacturer.keyword: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: products.manufacturer.keyword - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - subType: - multi: - parent: products.manufacturer - type: string - products.min_price: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - params: - pattern: $0,0.00 - isMapped: true - name: products.min_price - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.price: - aggregatable: true - count: 1 - esTypes: - - half_float - format: - id: number - params: - pattern: $0,0.00 - isMapped: true - name: products.price - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.product_id: - aggregatable: true - count: 0 - esTypes: - - long - format: - id: number - isMapped: true - name: products.product_id - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.product_name: - aggregatable: false - count: 1 - esTypes: - - text - format: - id: string - isMapped: true - name: products.product_name - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - products.product_name.keyword: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: products.product_name.keyword - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - subType: - multi: - parent: products.product_name - type: string - products.quantity: - aggregatable: true - count: 0 - esTypes: - - integer - format: - id: number - isMapped: true - name: products.quantity - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.sku: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: products.sku - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - products.tax_amount: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - isMapped: true - name: products.tax_amount - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.taxful_price: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - params: - pattern: $0,0.00 - isMapped: true - name: products.taxful_price - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.taxless_price: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - params: - pattern: $0,0.00 - isMapped: true - name: products.taxless_price - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - products.unit_discount_amount: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - isMapped: true - name: products.unit_discount_amount - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - sku: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: sku - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - taxful_total_price: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - params: - pattern: $0,0.[00] - isMapped: true - name: taxful_total_price - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - taxless_total_price: - aggregatable: true - count: 0 - esTypes: - - half_float - format: - id: number - params: - pattern: $0,0.00 - isMapped: true - name: taxless_total_price - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - total_quantity: - aggregatable: true - count: 1 - esTypes: - - integer - format: - id: number - isMapped: true - name: total_quantity - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - total_unique_products: - aggregatable: true - count: 0 - esTypes: - - integer - format: - id: number - isMapped: true - name: total_unique_products - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - type: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: type - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - user: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: user - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - id: ff959d40-b880-11e8-a6d9-e546fe2bba5f - name: Kibana Sample Data eCommerce - namespaces: - - default - runtimeFieldMap: {} - sourceFilters: [] - timeFieldName: order_date - title: kibana_sample_data_ecommerce - typeMeta: {} - version: WzUsMV0= - Data_views_get_data_views_response: - summary: The get all data views API returns a list of data views. - value: - data_view: - - id: ff959d40-b880-11e8-a6d9-e546fe2bba5f - name: Kibana Sample Data eCommerce - namespaces: - - default - title: kibana_sample_data_ecommerce - typeMeta: {} - - id: d3d7af60-4c81-11e8-b3d7-01146121b73d - name: Kibana Sample Data Flights - namespaces: - - default - title: kibana_sample_data_flights - - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - name: Kibana Sample Data Logs - namespaces: - - default - title: kibana_sample_data_logs - Data_views_get_default_data_view_response: - summary: The get default data view API returns the default data view identifier. - value: - data_view_id: ff959d40-b880-11e8-a6d9-e546fe2bba5f - Data_views_get_runtime_field_response: - summary: >- - The get runtime field API returns a JSON object that contains - information about the runtime field (`hour_of_day`) and the data view - (`d3d7af60-4c81-11e8-b3d7-01146121b73d`). - value: - data_view: - allowNoIndex: false - fieldAttrs: {} - fieldFormats: - AvgTicketPrice: - id: number - params: - pattern: $0,0.[00] - hour_of_day: - id: number - params: - pattern: '00' - fields: - _id: - aggregatable: false - count: 0 - esTypes: - - _id - format: - id: string - isMapped: true - name: _id - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - _index: - aggregatable: true - count: 0 - esTypes: - - _index - format: - id: string - isMapped: true - name: _index - readFromDocValues: false - scripted: false - searchable: true - shortDotsEnable: false - type: string - _score: - aggregatable: false - count: 0 - format: - id: number - isMapped: true - name: _score - readFromDocValues: false - scripted: false - searchable: false - shortDotsEnable: false - type: number - _source: - aggregatable: false - count: 0 - esTypes: - - _source - format: - id: _source - isMapped: true - name: _source - readFromDocValues: false - scripted: false - searchable: false - shortDotsEnable: false - type: _source - AvgTicketPrice: - aggregatable: true - count: 0 - esTypes: - - float - format: - id: number - params: - pattern: $0,0.[00] - isMapped: true - name: AvgTicketPrice - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - Cancelled: - aggregatable: true - count: 0 - esTypes: - - boolean - format: - id: boolean - isMapped: true - name: Cancelled - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: boolean - Carrier: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: Carrier - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - dayOfWeek: - aggregatable: true - count: 0 - esTypes: - - integer - format: - id: number - isMapped: true - name: dayOfWeek - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - Dest: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: Dest - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - DestAirportID: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: DestAirportID - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - DestCityName: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: DestCityName - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - DestCountry: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: DestCountry - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - DestLocation: - aggregatable: true - count: 0 - esTypes: - - geo_point - format: - id: geo_point - params: - transform: wkt - isMapped: true - name: DestLocation - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: geo_point - DestRegion: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: DestRegion - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - DestWeather: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: DestWeather - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - DistanceKilometers: - aggregatable: true - count: 0 - esTypes: - - float - format: - id: number - isMapped: true - name: DistanceKilometers - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - DistanceMiles: - aggregatable: true - count: 0 - esTypes: - - float - format: - id: number - isMapped: true - name: DistanceMiles - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - FlightDelay: - aggregatable: true - count: 0 - esTypes: - - boolean - format: - id: boolean - isMapped: true - name: FlightDelay - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: boolean - FlightDelayMin: - aggregatable: true - count: 0 - esTypes: - - integer - format: - id: number - isMapped: true - name: FlightDelayMin - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - FlightDelayType: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: FlightDelayType - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - FlightNum: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: FlightNum - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - FlightTimeHour: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: FlightTimeHour - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - FlightTimeMin: - aggregatable: true - count: 0 - esTypes: - - float - format: - id: number - isMapped: true - name: FlightTimeMin - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: number - hour_of_day: - aggregatable: true - count: 0 - esTypes: - - long - format: - id: number - params: - pattern: '00' - name: hour_of_day - readFromDocValues: false - runtimeField: - script: - source: emit(doc['timestamp'].value.getHour()); - type: long - scripted: false - searchable: true - shortDotsEnable: false - type: number - Origin: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: Origin - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - OriginAirportID: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: OriginAirportID - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - OriginCityName: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: OriginCityName - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - OriginCountry: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: OriginCountry - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - OriginLocation: - aggregatable: true - count: 0 - esTypes: - - geo_point - format: - id: geo_point - params: - transform: wkt - isMapped: true - name: OriginLocation - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: geo_point - OriginRegion: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: OriginRegion - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - OriginWeather: - aggregatable: true - count: 0 - esTypes: - - keyword - format: - id: string - isMapped: true - name: OriginWeather - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: string - timestamp: - aggregatable: true - count: 0 - esTypes: - - date - format: - id: date - isMapped: true - name: timestamp - readFromDocValues: true - scripted: false - searchable: true - shortDotsEnable: false - type: date - id: d3d7af60-4c81-11e8-b3d7-01146121b73d - name: Kibana Sample Data Flights - runtimeFieldMap: - hour_of_day: - script: - source: emit(doc['timestamp'].value.getHour()); - type: long - sourceFilters: [] - timeFieldName: timestamp - title: kibana_sample_data_flights - version: WzM2LDJd - fields: - - aggregatable: true - count: 0 - esTypes: - - long - name: hour_of_day - readFromDocValues: false - runtimeField: - script: - source: emit(doc['timestamp'].value.getHour()); - type: long - scripted: false - searchable: true - shortDotsEnable: false - type: number - Data_views_preview_swap_data_view_request: - summary: Preview swapping references from data view ID "abcd-efg" to "xyz-123". - value: - fromId: abcd-efg - toId: xyz-123 - Data_views_set_default_data_view_request: - summary: Set the default data view identifier. - value: - data_view_id: ff959d40-b880-11e8-a6d9-e546fe2bba5f - force: true - Data_views_swap_data_view_request: - summary: >- - Swap references from data view ID "abcd-efg" to "xyz-123" and remove the - data view that is no longer referenced. - value: - delete: true - fromId: abcd-efg - toId: xyz-123 - Data_views_update_data_view_request: - summary: Update some properties for a data view. - value: - data_view: - allowNoIndex: false - name: Kibana Sample Data eCommerce - timeFieldName: order_date - title: kibana_sample_data_ecommerce - refresh_fields: true - Data_views_update_field_metadata_request: - summary: Update metadata for multiple fields. - value: - fields: - field1: - count: 123 - customLabel: Field 1 label - field2: - customDescription: Field 2 description - customLabel: Field 2 label - Data_views_update_runtime_field_request: - summary: Update an existing runtime field on a data view. - value: - runtimeField: - script: - source: emit(doc["bar"].value) - Machine_learning_APIs_mlSyncExample: - summary: Two anomaly detection jobs required synchronization in this example. - value: - datafeedsAdded: {} - datafeedsRemoved: {} - savedObjectsCreated: - anomaly-detector: - myjob1: - success: true - myjob2: - success: true - savedObjectsDeleted: {} - Saved_objects_export_objects_request: - summary: Export a specific saved object. - value: - excludeExportDetails: true - includeReferencesDeep: false - objects: - - id: de71f4f0-1902-11e9-919b-ffe5949a18d2 - type: map - Saved_objects_export_objects_response: - summary: >- - The export objects API response contains a JSON record for each exported - object. - value: - attributes: - description: '' - layerListJSON: >- - [{"id":"0hmz5","alpha":1,"sourceDescriptor":{"type":"EMS_TMS","isAutoSelect":true,"lightModeDefault":"road_map_desaturated"},"visible":true,"style":{},"type":"EMS_VECTOR_TILE","minZoom":0,"maxZoom":24},{"id":"edh66","label":"Total - Requests by - Destination","minZoom":0,"maxZoom":24,"alpha":0.5,"sourceDescriptor":{"type":"EMS_FILE","id":"world_countries","tooltipProperties":["name","iso2"]},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"DYNAMIC","options":{"field":{"name":"__kbnjoin__count__673ff994-fc75-4c67-909b-69fcb0e1060e","origin":"join"},"color":"Greys","fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"lineColor":{"type":"STATIC","options":{"color":"#FFFFFF"}},"lineWidth":{"type":"STATIC","options":{"size":1}},"iconSize":{"type":"STATIC","options":{"size":10}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR","joins":[{"leftField":"iso2","right":{"type":"ES_TERM_SOURCE","id":"673ff994-fc75-4c67-909b-69fcb0e1060e","indexPatternTitle":"kibana_sample_data_logs","term":"geo.dest","indexPatternRefName":"layer_1_join_0_index_pattern","metrics":[{"type":"count","label":"web - logs - count"}],"applyGlobalQuery":true}}]},{"id":"gaxya","label":"Actual - Requests","minZoom":9,"maxZoom":24,"alpha":1,"sourceDescriptor":{"id":"b7486535-171b-4d3b-bb2e-33c1a0a2854c","type":"ES_SEARCH","geoField":"geo.coordinates","limit":2048,"filterByMapBounds":true,"tooltipProperties":["clientip","timestamp","host","request","response","machine.os","agent","bytes"],"indexPatternRefName":"layer_2_source_index_pattern","applyGlobalQuery":true,"scalingType":"LIMIT"},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"STATIC","options":{"color":"#2200ff"}},"lineColor":{"type":"STATIC","options":{"color":"#FFFFFF"}},"lineWidth":{"type":"STATIC","options":{"size":2}},"iconSize":{"type":"DYNAMIC","options":{"field":{"name":"bytes","origin":"source"},"minSize":1,"maxSize":23,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR"},{"id":"tfi3f","label":"Total - Requests and - Bytes","minZoom":0,"maxZoom":9,"alpha":1,"sourceDescriptor":{"type":"ES_GEO_GRID","resolution":"COARSE","id":"8aaa65b5-a4e9-448b-9560-c98cb1c5ac5b","geoField":"geo.coordinates","requestType":"point","metrics":[{"type":"count","label":"web - logs - count"},{"type":"sum","field":"bytes"}],"indexPatternRefName":"layer_3_source_index_pattern","applyGlobalQuery":true},"visible":true,"style":{"type":"VECTOR","properties":{"fillColor":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"color":"Blues","fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"lineColor":{"type":"STATIC","options":{"color":"#cccccc"}},"lineWidth":{"type":"STATIC","options":{"size":1}},"iconSize":{"type":"DYNAMIC","options":{"field":{"name":"sum_of_bytes","origin":"source"},"minSize":7,"maxSize":25,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"labelText":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"labelSize":{"type":"DYNAMIC","options":{"field":{"name":"doc_count","origin":"source"},"minSize":12,"maxSize":24,"fieldMetaOptions":{"isEnabled":false,"sigma":3}}},"symbolizeAs":{"options":{"value":"circle"}},"icon":{"type":"STATIC","options":{"value":"marker"}}}},"type":"GEOJSON_VECTOR"}] - mapStateJSON: >- - {"zoom":3.64,"center":{"lon":-88.92107,"lat":42.16337},"timeFilters":{"from":"now-7d","to":"now"},"refreshConfig":{"isPaused":true,"interval":0},"query":{"language":"kuery","query":""},"settings":{"autoFitToDataBounds":false}} - title: '[Logs] Total Requests and Bytes' - uiStateJSON: '{"isDarkMode":false}' - coreMigrationVersion: 8.8.0 - created_at: '2023-08-23T20:03:32.204Z' - id: de71f4f0-1902-11e9-919b-ffe5949a18d2 - managed: false - references: - - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - name: layer_1_join_0_index_pattern - type: index-pattern - - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - name: layer_2_source_index_pattern - type: index-pattern - - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - name: layer_3_source_index_pattern - type: index-pattern - type: map - typeMigrationVersion: 8.4.0 - updated_at: '2023-08-23T20:03:32.204Z' - version: WzEzLDFd - Saved_objects_import_objects_request: - value: - file: file.ndjson - Saved_objects_import_objects_response: - summary: >- - The import objects API response indicates a successful import and the - objects are created. Since these objects are created as new copies, each - entry in the successResults array includes a destinationId attribute. - value: - success: true - successCount: 1 - successResults: - - destinationId: 82d2760c-468f-49cf-83aa-b9a35b6a8943 - id: 90943e30-9a47-11e8-b64d-95841ca0b247 - managed: false - meta: - icon: indexPatternApp - title: Kibana Sample Data Logs - type: index-pattern - Saved_objects_key_rotation_response: - summary: Encryption key rotation using default parameters. - value: - failed: 0 - successful: 300 - total: 1000 - Saved_objects_resolve_missing_reference_request: - value: - file: file.ndjson - retries: - - id: my-pattern - overwrite: true - type: index-pattern - - destinationId: another-vis - id: my-vis - overwrite: true - type: visualization - - destinationId: yet-another-canvas - id: my-canvas - overwrite: true - type: canvas - - id: my-dashboard - type: dashboard - Saved_objects_resolve_missing_reference_response: - summary: Resolve missing reference errors. - value: - success: true - successCount: 3 - successResults: - - id: my-vis - meta: - icon: visualizeApp - title: Look at my visualization - type: visualization - - id: my-search - meta: - icon: searchApp - title: Look at my search - type: search - - id: my-dashboard - meta: - icon: dashboardApp - title: Look at my dashboard - type: dashboard - parameters: - Alerting_kbn_xsrf: - description: Cross-site request forgery protection - in: header - name: kbn-xsrf - required: true - schema: - type: string - Cases_alert_id: - description: An identifier for the alert. - in: path - name: alertId - required: true - schema: - example: 09f0c261e39e36351d75995b78bb83673774d1bc2cca9df2d15f0e5c0a99a540 - type: string - Cases_assignees_filter: - description: > - Filters the returned cases by assignees. Valid values are `none` or - unique identifiers for the user profiles. These identifiers can be found - by using the suggest user profile API. - in: query - name: assignees - schema: - oneOf: - - $ref: '#/components/schemas/Cases_string' - - $ref: '#/components/schemas/Cases_string_array' - Cases_case_id: - description: >- - The identifier for the case. To retrieve case IDs, use the find cases - API. All non-ASCII characters must be URL encoded. - in: path - name: caseId - required: true - schema: - example: 9c235210-6834-11ea-a78c-6ffb38a34414 - type: string - Cases_category: - description: Filters the returned cases by category. - in: query - name: category - schema: - oneOf: - - $ref: '#/components/schemas/Cases_case_category' - - $ref: '#/components/schemas/Cases_case_categories' - Cases_comment_id: - description: > - The identifier for the comment. To retrieve comment IDs, use the get - case or find cases APIs. - in: path - name: commentId - required: true - schema: - example: 71ec1870-725b-11ea-a0b2-c51ea50a58e2 - type: string - Cases_configuration_id: - description: An identifier for the configuration. - in: path - name: configurationId - required: true - schema: - example: 3297a0f0-b5ec-11ec-b141-0fdb20a7f9a9 - type: string - Cases_connector_id: - description: >- - An identifier for the connector. To retrieve connector IDs, use the find - connectors API. - in: path - name: connectorId - required: true - schema: - example: abed3a70-71bd-11ea-a0b2-c51ea50a58e2 - type: string - Cases_defaultSearchOperator: - description: he default operator to use for the simple_query_string. - example: OR - in: query - name: defaultSearchOperator - schema: - default: OR - type: string - Cases_from: - description: > - Returns only cases that were created after a specific date. The date - must be specified as a KQL data range or date match expression. - in: query - name: from - schema: - example: now-1d - type: string - Cases_ids: - description: > - The cases that you want to removed. All non-ASCII characters must be URL - encoded. - example: d4e7abb0-b462-11ec-9a8d-698504725a43 - in: query - name: ids - required: true - schema: - items: - maxItems: 100 - minItems: 1 - type: string - type: array - Cases_includeComments: - deprecated: true - description: >- - Deprecated in 8.1.0. This parameter is deprecated and will be removed in - a future release. It determines whether case comments are returned. - in: query - name: includeComments - schema: - default: true - type: boolean - Cases_kbn_xsrf: - description: Cross-site request forgery protection - in: header - name: kbn-xsrf - required: true - schema: - type: string - Cases_owner_filter: - description: > - A filter to limit the response to a specific set of applications. If - this parameter is omitted, the response contains information about all - the cases that the user has access to read. - example: cases - in: query - name: owner - schema: - oneOf: - - $ref: '#/components/schemas/Cases_owner' - - $ref: '#/components/schemas/Cases_owners' - Cases_page_index: - description: The page number to return. - in: query - name: page - required: false - schema: - default: 1 - type: integer - Cases_page_size: - description: The number of items to return. Limited to 100 items. - in: query - name: perPage - required: false - schema: - default: 20 - maximum: 100 - type: integer - Cases_reporters: - description: Filters the returned cases by the user name of the reporter. - example: elastic - in: query - name: reporters - schema: - oneOf: - - $ref: '#/components/schemas/Cases_string' - - $ref: '#/components/schemas/Cases_string_array' - Cases_search: - description: >- - An Elasticsearch simple_query_string query that filters the objects in - the response. - in: query - name: search - schema: - type: string - Cases_searchFields: - description: The fields to perform the simple_query_string parsed query against. - in: query - name: searchFields - schema: - oneOf: - - $ref: '#/components/schemas/Cases_searchFieldsType' - - $ref: '#/components/schemas/Cases_searchFieldsTypeArray' - Cases_severity: - description: The severity of the case. - in: query - name: severity - schema: - enum: - - critical - - high - - low - - medium - type: string - Cases_sort_order: - description: Determines the sort order. - in: query - name: sortOrder - required: false - schema: - default: desc - enum: - - asc - - desc - type: string - Cases_sortField: - description: Determines which field is used to sort the results. - example: updatedAt - in: query - name: sortField - schema: - default: createdAt - enum: - - createdAt - - updatedAt - - closedAt - - title - - category - - status - - severity - type: string - Cases_status: - description: Filters the returned cases by state. - example: open - in: query - name: status - schema: - enum: - - closed - - in-progress - - open - type: string - Cases_tags: - description: Filters the returned cases by tags. - example: tag-1 - in: query - name: tags - schema: - oneOf: - - $ref: '#/components/schemas/Cases_string' - - $ref: '#/components/schemas/Cases_string_array' - Cases_to: - description: > - Returns only cases that were created before a specific date. The date - must be specified as a KQL data range or date match expression. - example: now+1d - in: query - name: to - schema: - type: string - Cases_user_action_types: - description: Determines the types of user actions to return. - example: create_case - in: query - name: types - schema: - items: - enum: - - action - - alert - - assignees - - attachment - - comment - - connector - - create_case - - description - - pushed - - settings - - severity - - status - - tags - - title - - user - type: string - type: array - Data_views_field_name: - description: The name of the runtime field. - in: path - name: fieldName - required: true - schema: - example: hour_of_day - type: string - Data_views_kbn_xsrf: - description: Cross-site request forgery protection - in: header - name: kbn-xsrf - required: true - schema: - type: string - Data_views_view_id: - description: An identifier for the data view. - in: path - name: viewId - required: true - schema: - example: ff959d40-b880-11e8-a6d9-e546fe2bba5f - type: string - Machine_learning_APIs_simulateParam: - description: >- - When true, simulates the synchronization by returning only the list of - actions that would be performed. - example: 'true' - in: query - name: simulate - required: false - schema: - type: boolean - Saved_objects_kbn_xsrf: - description: Cross-site request forgery protection - in: header - name: kbn-xsrf - required: true - schema: - type: string - Saved_objects_saved_object_id: - description: An identifier for the saved object. - in: path - name: id - required: true - schema: - type: string - Saved_objects_saved_object_type: - description: >- - Valid options include `visualization`, `dashboard`, `search`, - `index-pattern`, `config`. - in: path - name: type - required: true - schema: - type: string - SLOs_kbn_xsrf: - description: Cross-site request forgery protection - in: header - name: kbn-xsrf - required: true - schema: - type: string - SLOs_slo_id: - description: An identifier for the slo. - in: path - name: sloId - required: true - schema: - example: 9c235211-6834-11ea-a78c-6feb38a34414 - type: string - SLOs_space_id: - description: >- - An identifier for the space. If `/s/` and the identifier are omitted - from the path, the default space is used. - in: path - name: spaceId - required: true - schema: - example: default - type: string - schemas: - Alerting_401_response: - properties: - error: - enum: - - Unauthorized - example: Unauthorized - type: string - message: - type: string - statusCode: - enum: - - 401 - example: 401 - type: integer - title: Unsuccessful rule API response - type: object - Alerting_alert_response_properties: - title: Legacy alert response properties - type: object - properties: - actions: - items: - type: object - type: array - alertTypeId: - example: .index-threshold - type: string - apiKeyOwner: - example: elastic - nullable: true - type: string - createdAt: - description: The date and time that the alert was created. - example: '2022-12-05T23:36:58.284Z' - format: date-time - type: string - createdBy: - description: The identifier for the user that created the alert. - example: elastic - type: string - enabled: - description: Indicates whether the alert is currently enabled. - example: true - type: boolean - executionStatus: - type: object - properties: - lastExecutionDate: - example: '2022-12-06T00:13:43.890Z' - format: date-time - type: string - status: - example: ok - type: string - id: - description: The identifier for the alert. - example: b530fed0-74f5-11ed-9801-35303b735aef - type: string - muteAll: - example: false - type: boolean - mutedInstanceIds: - items: - type: string - nullable: true - type: array - name: - description: The name of the alert. - example: my alert - type: string - notifyWhen: - example: onActionGroupChange - type: string - params: - additionalProperties: true - type: object - schedule: - type: object - properties: - interval: - type: string - scheduledTaskId: - example: b530fed0-74f5-11ed-9801-35303b735aef - type: string - tags: - items: - type: string - type: array - throttle: - nullable: true - type: string - updatedAt: - example: '2022-12-05T23:36:58.284Z' - type: string - updatedBy: - description: The identifier for the user that updated this alert most recently. - example: elastic - nullable: true - type: string - Alerting_fieldmap_properties: - title: Field map objects in the get rule types response - type: object - properties: - array: - description: Indicates whether the field is an array. - type: boolean - dynamic: - description: Indicates whether it is a dynamic field mapping. - type: boolean - format: - description: > - Indicates the format of the field. For example, if the `type` is - `date_range`, the `format` can be - `epoch_millis||strict_date_optional_time`. - type: string - ignore_above: - description: >- - Specifies the maximum length of a string field. Longer strings are - not indexed or stored. - type: integer - index: - description: Indicates whether field values are indexed. - type: boolean - path: - description: TBD - type: string - properties: - additionalProperties: - type: object - properties: - type: - description: The data type for each object property. - type: string - description: > - Details about the object properties. This property is applicable - when `type` is `object`. - type: object - required: - description: Indicates whether the field is required. - type: boolean - scaling_factor: - description: > - The scaling factor to use when encoding values. This property is - applicable when `type` is `scaled_float`. Values will be multiplied - by this factor at index time and rounded to the closest long value. - type: integer - type: - description: Specifies the data type for the field. - example: scaled_float - type: string - Cases_4xx_response: - properties: - error: - example: Unauthorized - type: string - message: - type: string - statusCode: - example: 401 - type: integer - title: Unsuccessful cases API response - type: object - Cases_action_types: - description: The type of action. - enum: - - assignees - - create_case - - comment - - connector - - delete_case - - description - - pushed - - tags - - title - - status - - settings - - severity - example: create_case - type: string - Cases_actions: - enum: - - add - - create - - delete - - push_to_service - - update - example: create - type: string - Cases_add_alert_comment_request_properties: - description: Defines properties for case comment requests when type is alert. - type: object - properties: - alertId: - $ref: '#/components/schemas/Cases_alert_identifiers' - index: - $ref: '#/components/schemas/Cases_alert_indices' - owner: - $ref: '#/components/schemas/Cases_owner' - rule: - $ref: '#/components/schemas/Cases_rule' - type: - description: The type of comment. - enum: - - alert - example: alert - type: string - required: - - alertId - - index - - owner - - rule - - type - title: Add case comment request properties for alerts - Cases_add_case_comment_request: - description: >- - The add comment to case API request body varies depending on whether you - are adding an alert or a comment. - discriminator: - mapping: - alert: '#/components/schemas/Cases_add_alert_comment_request_properties' - user: '#/components/schemas/Cases_add_user_comment_request_properties' - propertyName: type - oneOf: - - $ref: '#/components/schemas/Cases_add_alert_comment_request_properties' - - $ref: '#/components/schemas/Cases_add_user_comment_request_properties' - title: Add case comment request - Cases_add_user_comment_request_properties: - description: Defines properties for case comment requests when type is user. - properties: - comment: - description: The new comment. It is required only when `type` is `user`. - example: A new comment. - maxLength: 30000 - type: string - owner: - $ref: '#/components/schemas/Cases_owner' - type: - description: The type of comment. - enum: - - user - example: user - type: string - required: - - comment - - owner - - type - title: Add case comment request properties for user comments - type: object - Cases_alert_comment_response_properties: - title: Add case comment response properties for alerts - type: object - properties: - alertId: - items: - example: a6e12ac4-7bce-457b-84f6-d7ce8deb8446 - type: string - type: array - created_at: - example: '2023-11-06T19:29:38.424Z' - format: date-time - type: string - created_by: - type: object - properties: - email: - example: null - nullable: true - type: string - full_name: - example: null - nullable: true - type: string - profile_uid: - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - type: string - username: - example: elastic - nullable: true - type: string - required: - - email - - full_name - - username - id: - example: 73362370-ab1a-11ec-985f-97e55adae8b9 - type: string - index: - items: - example: .internal.alerts-security.alerts-default-000001 - type: string - type: array - owner: - $ref: '#/components/schemas/Cases_owner' - pushed_at: - example: null - format: date-time - nullable: true - type: string - pushed_by: - nullable: true - type: object - properties: - email: - example: null - nullable: true - type: string - full_name: - example: null - nullable: true - type: string - profile_uid: - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - type: string - username: - example: elastic - nullable: true - type: string - required: - - email - - full_name - - username - rule: - type: object - properties: - id: - description: The rule identifier. - example: 94d80550-aaf4-11ec-985f-97e55adae8b9 - type: string - name: - description: The rule name. - example: security_rule - type: string - type: - enum: - - alert - example: alert - type: string - updated_at: - format: date-time - nullable: true - type: string - updated_by: - nullable: true - type: object - properties: - email: - example: null - nullable: true - type: string - full_name: - example: null - nullable: true - type: string - profile_uid: - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - type: string - username: - example: elastic - nullable: true - type: string - required: - - email - - full_name - - username - version: - example: WzMwNDgsMV0= - type: string - required: - - type - Cases_alert_identifiers: - description: > - The alert identifiers. It is required only when `type` is `alert`. You - can use an array of strings to add multiple alerts to a case, provided - that they all relate to the same rule; `index` must also be an array - with the same length or number of elements. Adding multiple alerts in - this manner is recommended rather than calling the API multiple times. - This functionality is in technical preview and may be changed or removed - in a future release. Elastic will work to fix any issues, but features - in technical preview are not subject to the support SLA of official GA - features. - example: 6b24c4dc44bc720cfc92797f3d61fff952f2b2627db1fb4f8cc49f4530c4ff42 - oneOf: - - type: string - - items: - type: string - maxItems: 1000 - type: array - title: Alert identifiers - x-state: Technical preview - Cases_alert_indices: - description: > - The alert indices. It is required only when `type` is `alert`. If you - are adding multiple alerts to a case, use an array of strings; the - position of each index name in the array must match the position of the - corresponding alert identifier in the `alertId` array. This - functionality is in technical preview and may be changed or removed in a - future release. Elastic will work to fix any issues, but features in - technical preview are not subject to the support SLA of official GA - features. - oneOf: - - type: string - - items: - type: string - maxItems: 1000 - type: array - title: Alert indices - x-state: Technical preview - Cases_alert_response_properties: - type: object - properties: - attached_at: - format: date-time - type: string - id: - description: The alert identifier. - type: string - index: - description: The alert index. - type: string - Cases_assignees: - description: An array containing users that are assigned to the case. - items: - type: object - properties: - uid: - description: >- - A unique identifier for the user profile. These identifiers can be - found by using the suggest user profile API. - example: u_0wpfV1MqYDaXzLtRVY-gLMrddKDEmfz51Fszhj7hWC8_0 - type: string - required: - - uid - maxItems: 10 - nullable: true - type: array - Cases_case_categories: - items: - $ref: '#/components/schemas/Cases_case_category' - maxItems: 100 - type: array - Cases_case_category: - description: A word or phrase that categorizes the case. - maxLength: 50 - type: string - Cases_case_description: - description: The description for the case. - maxLength: 30000 - type: string - Cases_case_response_closed_by_properties: - nullable: true - properties: - email: - example: null - nullable: true - type: string - full_name: - example: null - nullable: true - type: string - profile_uid: - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - type: string - username: - example: elastic - nullable: true - type: string - required: - - email - - full_name - - username - title: Case response properties for closed_by - type: object - Cases_case_response_created_by_properties: - title: Case response properties for created_by - type: object - properties: - email: - example: null - nullable: true - type: string - full_name: - example: null - nullable: true - type: string - profile_uid: - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - type: string - username: - example: elastic - nullable: true - type: string - required: - - email - - full_name - - username - Cases_case_response_properties: - title: Case response properties - type: object - properties: - assignees: - $ref: '#/components/schemas/Cases_assignees' - category: - description: The case category. - nullable: true - type: string - closed_at: - format: date-time - nullable: true - type: string - closed_by: - $ref: '#/components/schemas/Cases_case_response_closed_by_properties' - comments: - description: An array of comment objects for the case. - items: - discriminator: - mapping: - alert: '#/components/schemas/Cases_alert_comment_response_properties' - user: '#/components/schemas/Cases_user_comment_response_properties' - propertyName: type - oneOf: - - $ref: '#/components/schemas/Cases_alert_comment_response_properties' - - $ref: '#/components/schemas/Cases_user_comment_response_properties' - maxItems: 10000 - title: Case response properties for comments - type: array - connector: - discriminator: - mapping: - .cases-webhook: '#/components/schemas/Cases_connector_properties_cases_webhook' - .jira: '#/components/schemas/Cases_connector_properties_jira' - .none: '#/components/schemas/Cases_connector_properties_none' - .resilient: '#/components/schemas/Cases_connector_properties_resilient' - .servicenow: '#/components/schemas/Cases_connector_properties_servicenow' - .servicenow-sir: '#/components/schemas/Cases_connector_properties_servicenow_sir' - .swimlane: '#/components/schemas/Cases_connector_properties_swimlane' - propertyName: type - oneOf: - - $ref: '#/components/schemas/Cases_connector_properties_none' - - $ref: '#/components/schemas/Cases_connector_properties_cases_webhook' - - $ref: '#/components/schemas/Cases_connector_properties_jira' - - $ref: '#/components/schemas/Cases_connector_properties_resilient' - - $ref: '#/components/schemas/Cases_connector_properties_servicenow' - - $ref: '#/components/schemas/Cases_connector_properties_servicenow_sir' - - $ref: '#/components/schemas/Cases_connector_properties_swimlane' - title: Case response properties for connectors - created_at: - example: '2022-05-13T09:16:17.416Z' - format: date-time - type: string - created_by: - $ref: '#/components/schemas/Cases_case_response_created_by_properties' - customFields: - description: Custom field values for the case. - items: - type: object - properties: - key: - description: > - The unique identifier for the custom field. The key value must - exist in the case configuration settings. - type: string - type: - description: > - The custom field type. It must match the type specified in the - case configuration settings. - enum: - - text - - toggle - type: string - value: - description: > - The custom field value. If the custom field is required, it - cannot be explicitly set to null. However, for cases that - existed when the required custom field was added, the default - value stored in Elasticsearch is `undefined`. The value - returned in the API and user interface in this case is `null`. - oneOf: - - maxLength: 160 - minLength: 1 - nullable: true - type: string - - type: boolean - type: array - description: - example: A case description. - type: string - duration: - description: > - The elapsed time from the creation of the case to its closure (in - seconds). If the case has not been closed, the duration is set to - null. If the case was closed after less than half a second, the - duration is rounded down to zero. - example: 120 - nullable: true - type: integer - external_service: - $ref: '#/components/schemas/Cases_external_service' - id: - example: 66b9aa00-94fa-11ea-9f74-e7e108796192 - type: string - owner: - $ref: '#/components/schemas/Cases_owner' - settings: - $ref: '#/components/schemas/Cases_settings' - severity: - $ref: '#/components/schemas/Cases_case_severity' - status: - $ref: '#/components/schemas/Cases_case_status' - tags: - example: - - tag-1 - items: - type: string - type: array - title: - example: Case title 1 - type: string - totalAlerts: - example: 0 - type: integer - totalComment: - example: 0 - type: integer - updated_at: - format: date-time - nullable: true - type: string - updated_by: - $ref: '#/components/schemas/Cases_case_response_updated_by_properties' - version: - example: WzUzMiwxXQ== - type: string - required: - - closed_at - - closed_by - - comments - - connector - - created_at - - created_by - - description - - duration - - external_service - - id - - owner - - settings - - severity - - status - - tags - - title - - totalAlerts - - totalComment - - updated_at - - updated_by - - version - Cases_case_response_pushed_by_properties: - nullable: true - properties: - email: - example: null - nullable: true - type: string - full_name: - example: null - nullable: true - type: string - profile_uid: - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - type: string - username: - example: elastic - nullable: true - type: string - required: - - email - - full_name - - username - title: Case response properties for pushed_by - type: object - Cases_case_response_updated_by_properties: - nullable: true - properties: - email: - example: null - nullable: true - type: string - full_name: - example: null - nullable: true - type: string - profile_uid: - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - type: string - username: - example: elastic - nullable: true - type: string - required: - - email - - full_name - - username - title: Case response properties for updated_by - type: object - Cases_case_severity: - default: low - description: The severity of the case. - enum: - - critical - - high - - low - - medium - type: string - Cases_case_status: - description: The status of the case. - enum: - - closed - - in-progress - - open - type: string - Cases_case_tags: - description: > - The words and phrases that help categorize cases. It can be an empty - array. - items: - maxLength: 256 - type: string - maxItems: 200 - type: array - Cases_case_title: - description: A title for the case. - maxLength: 160 - type: string - Cases_closure_types: - description: >- - Indicates whether a case is automatically closed when it is pushed to - external systems (`close-by-pushing`) or not automatically closed - (`close-by-user`). - enum: - - close-by-pushing - - close-by-user - example: close-by-user - type: string - Cases_connector_properties_cases_webhook: - description: Defines properties for connectors when type is `.cases-webhook`. - type: object - properties: - fields: - example: null - nullable: true - type: string - id: - description: >- - The identifier for the connector. To retrieve connector IDs, use the - find connectors API. - type: string - name: - description: The name of the connector. - type: string - type: - description: The type of connector. - enum: - - .cases-webhook - example: .cases-webhook - type: string - required: - - fields - - id - - name - - type - title: Create or upate case request properties for Cases Webhook connector - Cases_connector_properties_jira: - description: Defines properties for connectors when type is `.jira`. - type: object - properties: - fields: - description: >- - An object containing the connector fields. If you want to omit any - individual field, specify null as its value. - type: object - properties: - issueType: - description: The type of issue. - nullable: true - type: string - parent: - description: The key of the parent issue, when the issue type is sub-task. - nullable: true - type: string - priority: - description: The priority of the issue. - nullable: true - type: string - required: - - issueType - - parent - - priority - id: - description: >- - The identifier for the connector. To retrieve connector IDs, use the - find connectors API. - type: string - name: - description: The name of the connector. - type: string - type: - description: The type of connector. - enum: - - .jira - example: .jira - type: string - required: - - fields - - id - - name - - type - title: Create or update case request properties for a Jira connector - Cases_connector_properties_none: - description: Defines properties for connectors when type is `.none`. - type: object - properties: - fields: - description: >- - An object containing the connector fields. To create a case without - a connector, specify null. To update a case to remove the connector, - specify null. - example: null - nullable: true - type: string - id: - description: >- - The identifier for the connector. To create a case without a - connector, use `none`. To update a case to remove the connector, - specify `none`. - example: none - type: string - name: - description: >- - The name of the connector. To create a case without a connector, use - `none`. To update a case to remove the connector, specify `none`. - example: none - type: string - type: - description: >- - The type of connector. To create a case without a connector, use - `.none`. To update a case to remove the connector, specify `.none`. - enum: - - .none - example: .none - type: string - required: - - fields - - id - - name - - type - title: Create or update case request properties for no connector - Cases_connector_properties_resilient: - description: Defines properties for connectors when type is `.resilient`. - type: object - properties: - fields: - description: >- - An object containing the connector fields. If you want to omit any - individual field, specify null as its value. - nullable: true - type: object - properties: - issueTypes: - description: The type of incident. - items: - type: string - type: array - severityCode: - description: The severity code of the incident. - type: string - required: - - issueTypes - - severityCode - id: - description: The identifier for the connector. - type: string - name: - description: The name of the connector. - type: string - type: - description: The type of connector. - enum: - - .resilient - example: .resilient - type: string - required: - - fields - - id - - name - - type - title: Create case request properties for a IBM Resilient connector - Cases_connector_properties_servicenow: - description: Defines properties for connectors when type is `.servicenow`. - type: object - properties: - fields: - description: >- - An object containing the connector fields. If you want to omit any - individual field, specify null as its value. - type: object - properties: - category: - description: The category of the incident. - nullable: true - type: string - impact: - description: The effect an incident had on business. - nullable: true - type: string - severity: - description: The severity of the incident. - nullable: true - type: string - subcategory: - description: The subcategory of the incident. - nullable: true - type: string - urgency: - description: The extent to which the incident resolution can be delayed. - nullable: true - type: string - required: - - category - - impact - - severity - - subcategory - - urgency - id: - description: >- - The identifier for the connector. To retrieve connector IDs, use the - find connectors API. - type: string - name: - description: The name of the connector. - type: string - type: - description: The type of connector. - enum: - - .servicenow - example: .servicenow - type: string - required: - - fields - - id - - name - - type - title: Create case request properties for a ServiceNow ITSM connector - Cases_connector_properties_servicenow_sir: - description: Defines properties for connectors when type is `.servicenow-sir`. - type: object - properties: - fields: - description: >- - An object containing the connector fields. If you want to omit any - individual field, specify null as its value. - type: object - properties: - category: - description: The category of the incident. - nullable: true - type: string - destIp: - description: >- - Indicates whether cases will send a comma-separated list of - destination IPs. - nullable: true - type: boolean - malwareHash: - description: >- - Indicates whether cases will send a comma-separated list of - malware hashes. - nullable: true - type: boolean - malwareUrl: - description: >- - Indicates whether cases will send a comma-separated list of - malware URLs. - nullable: true - type: boolean - priority: - description: The priority of the issue. - nullable: true - type: string - sourceIp: - description: >- - Indicates whether cases will send a comma-separated list of - source IPs. - nullable: true - type: boolean - subcategory: - description: The subcategory of the incident. - nullable: true - type: string - required: - - category - - destIp - - malwareHash - - malwareUrl - - priority - - sourceIp - - subcategory - id: - description: >- - The identifier for the connector. To retrieve connector IDs, use the - find connectors API. - type: string - name: - description: The name of the connector. - type: string - type: - description: The type of connector. - enum: - - .servicenow-sir - example: .servicenow-sir - type: string - required: - - fields - - id - - name - - type - title: Create case request properties for a ServiceNow SecOps connector - Cases_connector_properties_swimlane: - description: Defines properties for connectors when type is `.swimlane`. - type: object - properties: - fields: - description: >- - An object containing the connector fields. If you want to omit any - individual field, specify null as its value. - type: object - properties: - caseId: - description: The case identifier for Swimlane connectors. - nullable: true - type: string - required: - - caseId - id: - description: >- - The identifier for the connector. To retrieve connector IDs, use the - find connectors API. - type: string - name: - description: The name of the connector. - type: string - type: - description: The type of connector. - enum: - - .swimlane - example: .swimlane - type: string - required: - - fields - - id - - name - - type - title: Create case request properties for a Swimlane connector - Cases_connector_types: - description: The type of connector. - enum: - - .cases-webhook - - .jira - - .none - - .resilient - - .servicenow - - .servicenow-sir - - .swimlane - example: .none - type: string - Cases_create_case_request: - description: >- - The create case API request body varies depending on the type of - connector. - properties: - assignees: - $ref: '#/components/schemas/Cases_assignees' - category: - $ref: '#/components/schemas/Cases_case_category' - connector: - oneOf: - - $ref: '#/components/schemas/Cases_connector_properties_none' - - $ref: '#/components/schemas/Cases_connector_properties_cases_webhook' - - $ref: '#/components/schemas/Cases_connector_properties_jira' - - $ref: '#/components/schemas/Cases_connector_properties_resilient' - - $ref: '#/components/schemas/Cases_connector_properties_servicenow' - - $ref: '#/components/schemas/Cases_connector_properties_servicenow_sir' - - $ref: '#/components/schemas/Cases_connector_properties_swimlane' - customFields: - description: > - Custom field values for a case. Any optional custom fields that are - not specified in the request are set to null. - items: - type: object - properties: - key: - description: > - The unique identifier for the custom field. The key value must - exist in the case configuration settings. - type: string - type: - description: > - The custom field type. It must match the type specified in the - case configuration settings. - enum: - - text - - toggle - type: string - value: - description: > - The custom field value. If the custom field is required, it - cannot be explicitly set to null. However, for cases that - existed when the required custom field was added, the default - value stored in Elasticsearch is `undefined`. The value - returned in the API and user interface in this case is `null`. - oneOf: - - maxLength: 160 - minLength: 1 - nullable: true - type: string - - type: boolean - required: - - key - - type - - value - maxItems: 10 - minItems: 0 - type: array - description: - $ref: '#/components/schemas/Cases_case_description' - owner: - $ref: '#/components/schemas/Cases_owner' - settings: - $ref: '#/components/schemas/Cases_settings' - severity: - $ref: '#/components/schemas/Cases_case_severity' - tags: - $ref: '#/components/schemas/Cases_case_tags' - title: - $ref: '#/components/schemas/Cases_case_title' - required: - - connector - - description - - owner - - settings - - tags - - title - title: Create case request - type: object - Cases_external_service: - nullable: true - type: object - properties: - connector_id: - type: string - connector_name: - type: string - external_id: - type: string - external_title: - type: string - external_url: - type: string - pushed_at: - format: date-time - type: string - pushed_by: - nullable: true - type: object - properties: - email: - example: null - nullable: true - type: string - full_name: - example: null - nullable: true - type: string - profile_uid: - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - type: string - username: - example: elastic - nullable: true - type: string - Cases_owner: - description: > - The application that owns the cases: Stack Management, Observability, or - Elastic Security. - enum: - - cases - - observability - - securitySolution - example: cases - type: string - Cases_owners: - items: - $ref: '#/components/schemas/Cases_owner' - type: array - Cases_payload_alert_comment: - type: object - properties: - comment: - type: object - properties: - alertId: - oneOf: - - example: 1c0b056b-cc9f-4b61-b5c9-cb801abd5e1d - type: string - - items: - type: string - type: array - index: - oneOf: - - example: .alerts-observability.logs.alerts-default - type: string - - items: - type: string - type: array - owner: - $ref: '#/components/schemas/Cases_owner' - rule: - type: object - properties: - id: - description: The rule identifier. - example: 94d80550-aaf4-11ec-985f-97e55adae8b9 - type: string - name: - description: The rule name. - example: security_rule - type: string - type: - enum: - - alert - type: string - Cases_payload_assignees: - type: object - properties: - assignees: - $ref: '#/components/schemas/Cases_assignees' - Cases_payload_connector: - type: object - properties: - connector: - type: object - properties: - fields: - description: >- - An object containing the connector fields. To create a case - without a connector, specify null. If you want to omit any - individual field, specify null as its value. - example: null - nullable: true - type: object - properties: - caseId: - description: The case identifier for Swimlane connectors. - type: string - category: - description: >- - The category of the incident for ServiceNow ITSM and - ServiceNow SecOps connectors. - type: string - destIp: - description: >- - Indicates whether cases will send a comma-separated list of - destination IPs for ServiceNow SecOps connectors. - nullable: true - type: boolean - impact: - description: >- - The effect an incident had on business for ServiceNow ITSM - connectors. - type: string - issueType: - description: The type of issue for Jira connectors. - type: string - issueTypes: - description: The type of incident for IBM Resilient connectors. - items: - type: string - type: array - malwareHash: - description: >- - Indicates whether cases will send a comma-separated list of - malware hashes for ServiceNow SecOps connectors. - nullable: true - type: boolean - malwareUrl: - description: >- - Indicates whether cases will send a comma-separated list of - malware URLs for ServiceNow SecOps connectors. - nullable: true - type: boolean - parent: - description: >- - The key of the parent issue, when the issue type is sub-task - for Jira connectors. - type: string - priority: - description: >- - The priority of the issue for Jira and ServiceNow SecOps - connectors. - type: string - severity: - description: The severity of the incident for ServiceNow ITSM connectors. - type: string - severityCode: - description: >- - The severity code of the incident for IBM Resilient - connectors. - type: string - sourceIp: - description: >- - Indicates whether cases will send a comma-separated list of - source IPs for ServiceNow SecOps connectors. - nullable: true - type: boolean - subcategory: - description: >- - The subcategory of the incident for ServiceNow ITSM - connectors. - type: string - urgency: - description: >- - The extent to which the incident resolution can be delayed - for ServiceNow ITSM connectors. - type: string - id: - description: >- - The identifier for the connector. To create a case without a - connector, use `none`. - example: none - type: string - name: - description: >- - The name of the connector. To create a case without a connector, - use `none`. - example: none - type: string - type: - $ref: '#/components/schemas/Cases_connector_types' - Cases_payload_create_case: - type: object - properties: - assignees: - $ref: '#/components/schemas/Cases_assignees' - connector: - type: object - properties: - fields: - description: >- - An object containing the connector fields. To create a case - without a connector, specify null. If you want to omit any - individual field, specify null as its value. - example: null - nullable: true - type: object - properties: - caseId: - description: The case identifier for Swimlane connectors. - type: string - category: - description: >- - The category of the incident for ServiceNow ITSM and - ServiceNow SecOps connectors. - type: string - destIp: - description: >- - Indicates whether cases will send a comma-separated list of - destination IPs for ServiceNow SecOps connectors. - nullable: true - type: boolean - impact: - description: >- - The effect an incident had on business for ServiceNow ITSM - connectors. - type: string - issueType: - description: The type of issue for Jira connectors. - type: string - issueTypes: - description: The type of incident for IBM Resilient connectors. - items: - type: string - type: array - malwareHash: - description: >- - Indicates whether cases will send a comma-separated list of - malware hashes for ServiceNow SecOps connectors. - nullable: true - type: boolean - malwareUrl: - description: >- - Indicates whether cases will send a comma-separated list of - malware URLs for ServiceNow SecOps connectors. - nullable: true - type: boolean - parent: - description: >- - The key of the parent issue, when the issue type is sub-task - for Jira connectors. - type: string - priority: - description: >- - The priority of the issue for Jira and ServiceNow SecOps - connectors. - type: string - severity: - description: The severity of the incident for ServiceNow ITSM connectors. - type: string - severityCode: - description: >- - The severity code of the incident for IBM Resilient - connectors. - type: string - sourceIp: - description: >- - Indicates whether cases will send a comma-separated list of - source IPs for ServiceNow SecOps connectors. - nullable: true - type: boolean - subcategory: - description: >- - The subcategory of the incident for ServiceNow ITSM - connectors. - type: string - urgency: - description: >- - The extent to which the incident resolution can be delayed - for ServiceNow ITSM connectors. - type: string - id: - description: >- - The identifier for the connector. To create a case without a - connector, use `none`. - example: none - type: string - name: - description: >- - The name of the connector. To create a case without a connector, - use `none`. - example: none - type: string - type: - $ref: '#/components/schemas/Cases_connector_types' - description: - type: string - owner: - $ref: '#/components/schemas/Cases_owner' - settings: - $ref: '#/components/schemas/Cases_settings' - severity: - $ref: '#/components/schemas/Cases_case_severity' - status: - $ref: '#/components/schemas/Cases_case_status' - tags: - items: - example: - - tag-1 - type: string - type: array - title: - type: string - Cases_payload_delete: - description: >- - If the `action` is `delete` and the `type` is `delete_case`, the payload - is nullable. - nullable: true - type: object - Cases_payload_description: - type: object - properties: - description: - type: string - Cases_payload_pushed: - type: object - properties: - externalService: - $ref: '#/components/schemas/Cases_external_service' - Cases_payload_settings: - type: object - properties: - settings: - $ref: '#/components/schemas/Cases_settings' - Cases_payload_severity: - type: object - properties: - severity: - $ref: '#/components/schemas/Cases_case_severity' - Cases_payload_status: - type: object - properties: - status: - $ref: '#/components/schemas/Cases_case_status' - Cases_payload_tags: - type: object - properties: - tags: - example: - - tag-1 - items: - type: string - type: array - Cases_payload_title: - type: object - properties: - title: - type: string - Cases_payload_user_comment: - type: object - properties: - comment: - type: object - properties: - comment: - type: string - owner: - $ref: '#/components/schemas/Cases_owner' - type: - enum: - - user - type: string - Cases_rule: - description: > - The rule that is associated with the alerts. It is required only when - `type` is `alert`. This functionality is in technical preview and may be - changed or removed in a future release. Elastic will work to fix any - issues, but features in technical preview are not subject to the support - SLA of official GA features. - title: Alerting rule - type: object - properties: - id: - description: The rule identifier. - example: 94d80550-aaf4-11ec-985f-97e55adae8b9 - type: string - name: - description: The rule name. - example: security_rule - type: string - x-state: Technical preview - Cases_searchFieldsType: - description: The fields to perform the `simple_query_string` parsed query against. - enum: - - description - - title - type: string - Cases_searchFieldsTypeArray: - items: - $ref: '#/components/schemas/Cases_searchFieldsType' - type: array - Cases_set_case_configuration_request: - description: >- - External connection details, such as the closure type and default - connector for cases. - properties: - closure_type: - $ref: '#/components/schemas/Cases_closure_types' - connector: - description: An object that contains the connector configuration. - type: object - properties: - fields: - description: >- - The fields specified in the case configuration are not used and - are not propagated to individual cases, therefore it is - recommended to set it to `null`. - nullable: true - type: object - id: - description: >- - The identifier for the connector. If you do not want a default - connector, use `none`. To retrieve connector IDs, use the find - connectors API. - example: none - type: string - name: - description: >- - The name of the connector. If you do not want a default - connector, use `none`. To retrieve connector names, use the find - connectors API. - example: none - type: string - type: - $ref: '#/components/schemas/Cases_connector_types' - required: - - fields - - id - - name - - type - customFields: - description: Custom fields case configuration. - items: - type: object - properties: - defaultValue: - description: > - A default value for the custom field. If the `type` is `text`, - the default value must be a string. If the `type` is `toggle`, - the default value must be boolean. - oneOf: - - type: string - - type: boolean - key: - description: > - A unique key for the custom field. Must be lower case and - composed only of a-z, 0-9, '_', and '-' characters. It is used - in API calls to refer to a specific custom field. - maxLength: 36 - minLength: 1 - type: string - label: - description: The custom field label that is displayed in the case. - maxLength: 50 - minLength: 1 - type: string - type: - description: The type of the custom field. - enum: - - text - - toggle - type: string - required: - description: > - Indicates whether the field is required. If `false`, the - custom field can be set to null or omitted when a case is - created or updated. - type: boolean - required: - - key - - label - - required - - type - maxItems: 10 - minItems: 0 - type: array - owner: - $ref: '#/components/schemas/Cases_owner' - templates: - $ref: '#/components/schemas/Cases_templates' - required: - - closure_type - - connector - - owner - title: Set case configuration request - type: object - Cases_settings: - description: An object that contains the case settings. - type: object - properties: - syncAlerts: - description: Turns alert syncing on or off. - example: true - type: boolean - required: - - syncAlerts - Cases_string: - type: string - Cases_string_array: - items: - $ref: '#/components/schemas/Cases_string' - maxItems: 100 - type: array - Cases_template_tags: - description: > - The words and phrases that help categorize templates. It can be an empty - array. - items: - maxLength: 256 - type: string - maxItems: 200 - type: array - Cases_templates: - items: - type: object - properties: - caseFields: - type: object - properties: - assignees: - $ref: '#/components/schemas/Cases_assignees' - category: - $ref: '#/components/schemas/Cases_case_category' - connector: - type: object - properties: - fields: - description: >- - The fields specified in the case configuration are not - used and are not propagated to individual cases, therefore - it is recommended to set it to `null`. - nullable: true - type: object - id: - description: >- - The identifier for the connector. If you do not want a - default connector, use `none`. To retrieve connector IDs, - use the find connectors API. - example: none - type: string - name: - description: >- - The name of the connector. If you do not want a default - connector, use `none`. To retrieve connector names, use - the find connectors API. - example: none - type: string - type: - $ref: '#/components/schemas/Cases_connector_types' - customFields: - description: Custom field values in the template. - items: - type: object - properties: - key: - description: The unique key for the custom field. - type: string - type: - description: The type of the custom field. - enum: - - text - - toggle - type: string - value: - description: > - The default value for the custom field when a case uses - the template. If the `type` is `text`, the default value - must be a string. If the `type` is `toggle`, the default - value must be boolean. - oneOf: - - type: string - - type: boolean - type: array - x-state: Technical preview - description: - $ref: '#/components/schemas/Cases_case_description' - settings: - $ref: '#/components/schemas/Cases_settings' - severity: - $ref: '#/components/schemas/Cases_case_severity' - tags: - $ref: '#/components/schemas/Cases_case_tags' - title: - $ref: '#/components/schemas/Cases_case_title' - description: - description: A description for the template. - type: string - key: - description: > - A unique key for the template. Must be lower case and composed - only of a-z, 0-9, '_', and '-' characters. It is used in API calls - to refer to a specific template. - type: string - name: - description: The name of the template. - type: string - tags: - $ref: '#/components/schemas/Cases_template_tags' - type: array - x-state: Technical preview - Cases_update_alert_comment_request_properties: - description: Defines properties for case comment requests when type is alert. - type: object - properties: - alertId: - $ref: '#/components/schemas/Cases_alert_identifiers' - id: - description: > - The identifier for the comment. To retrieve comment IDs, use the get - comments API. - example: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 - type: string - index: - $ref: '#/components/schemas/Cases_alert_indices' - owner: - $ref: '#/components/schemas/Cases_owner' - rule: - $ref: '#/components/schemas/Cases_rule' - type: - description: The type of comment. - enum: - - alert - example: alert - type: string - version: - description: > - The current comment version. To retrieve version values, use the get - comments API. - example: Wzk1LDFd - type: string - required: - - alertId - - id - - index - - owner - - rule - - type - - version - title: Update case comment request properties for alerts - Cases_update_case_comment_request: - description: >- - The update case comment API request body varies depending on whether you - are updating an alert or a comment. - discriminator: - mapping: - alert: '#/components/schemas/Cases_update_alert_comment_request_properties' - user: '#/components/schemas/Cases_update_user_comment_request_properties' - propertyName: type - oneOf: - - $ref: '#/components/schemas/Cases_update_alert_comment_request_properties' - - $ref: '#/components/schemas/Cases_update_user_comment_request_properties' - title: Update case comment request - Cases_update_case_configuration_request: - description: > - You can update settings such as the closure type, custom fields, - templates, and the default connector for cases. - properties: - closure_type: - $ref: '#/components/schemas/Cases_closure_types' - connector: - description: An object that contains the connector configuration. - type: object - properties: - fields: - description: >- - The fields specified in the case configuration are not used and - are not propagated to individual cases, therefore it is - recommended to set it to `null`. - nullable: true - type: object - id: - description: >- - The identifier for the connector. If you do not want a default - connector, use `none`. To retrieve connector IDs, use the find - connectors API. - example: none - type: string - name: - description: >- - The name of the connector. If you do not want a default - connector, use `none`. To retrieve connector names, use the find - connectors API. - example: none - type: string - type: - $ref: '#/components/schemas/Cases_connector_types' - required: - - fields - - id - - name - - type - customFields: - description: Custom fields case configuration. - items: - type: object - properties: - defaultValue: - description: > - A default value for the custom field. If the `type` is `text`, - the default value must be a string. If the `type` is `toggle`, - the default value must be boolean. - oneOf: - - type: string - - type: boolean - key: - description: > - A unique key for the custom field. Must be lower case and - composed only of a-z, 0-9, '_', and '-' characters. It is used - in API calls to refer to a specific custom field. - maxLength: 36 - minLength: 1 - type: string - label: - description: The custom field label that is displayed in the case. - maxLength: 50 - minLength: 1 - type: string - type: - description: The type of the custom field. - enum: - - text - - toggle - type: string - required: - description: > - Indicates whether the field is required. If `false`, the - custom field can be set to null or omitted when a case is - created or updated. - type: boolean - required: - - key - - label - - required - - type - type: array - templates: - $ref: '#/components/schemas/Cases_templates' - version: - description: > - The version of the connector. To retrieve the version value, use the - get configuration API. - example: WzIwMiwxXQ== - type: string - required: - - version - title: Update case configuration request - type: object - Cases_update_case_request: - description: >- - The update case API request body varies depending on the type of - connector. - properties: - cases: - description: An array containing one or more case objects. - items: - type: object - properties: - assignees: - $ref: '#/components/schemas/Cases_assignees' - category: - $ref: '#/components/schemas/Cases_case_category' - connector: - oneOf: - - $ref: '#/components/schemas/Cases_connector_properties_none' - - $ref: >- - #/components/schemas/Cases_connector_properties_cases_webhook - - $ref: '#/components/schemas/Cases_connector_properties_jira' - - $ref: '#/components/schemas/Cases_connector_properties_resilient' - - $ref: '#/components/schemas/Cases_connector_properties_servicenow' - - $ref: >- - #/components/schemas/Cases_connector_properties_servicenow_sir - - $ref: '#/components/schemas/Cases_connector_properties_swimlane' - customFields: - description: > - Custom field values for a case. Any optional custom fields - that are not specified in the request are set to null. - items: - type: object - properties: - key: - description: > - The unique identifier for the custom field. The key - value must exist in the case configuration settings. - type: string - type: - description: > - The custom field type. It must match the type specified - in the case configuration settings. - enum: - - text - - toggle - type: string - value: - description: > - The custom field value. If the custom field is required, - it cannot be explicitly set to null. However, for cases - that existed when the required custom field was added, - the default value stored in Elasticsearch is - `undefined`. The value returned in the API and user - interface in this case is `null`. - oneOf: - - maxLength: 160 - minLength: 1 - nullable: true - type: string - - type: boolean - required: - - key - - type - - value - maxItems: 10 - minItems: 0 - type: array - description: - $ref: '#/components/schemas/Cases_case_description' - id: - description: The identifier for the case. - maxLength: 30000 - type: string - settings: - $ref: '#/components/schemas/Cases_settings' - severity: - $ref: '#/components/schemas/Cases_case_severity' - status: - $ref: '#/components/schemas/Cases_case_status' - tags: - $ref: '#/components/schemas/Cases_case_tags' - title: - $ref: '#/components/schemas/Cases_case_title' - version: - description: >- - The current version of the case. To determine this value, use - the get case or find cases APIs. - type: string - required: - - id - - version - maxItems: 100 - minItems: 1 - type: array - required: - - cases - title: Update case request - type: object - Cases_update_user_comment_request_properties: - description: Defines properties for case comment requests when type is user. - properties: - comment: - description: The new comment. It is required only when `type` is `user`. - example: A new comment. - maxLength: 30000 - type: string - id: - description: > - The identifier for the comment. To retrieve comment IDs, use the get - comments API. - example: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 - type: string - owner: - $ref: '#/components/schemas/Cases_owner' - type: - description: The type of comment. - enum: - - user - example: user - type: string - version: - description: > - The current comment version. To retrieve version values, use the get - comments API. - example: Wzk1LDFd - type: string - required: - - comment - - id - - owner - - type - - version - title: Update case comment request properties for user comments - type: object - Cases_user_actions_find_response_properties: - type: object - properties: - action: - $ref: '#/components/schemas/Cases_actions' - comment_id: - example: 578608d0-03b1-11ed-920c-974bfa104448 - nullable: true - type: string - created_at: - example: '2022-05-13T09:16:17.416Z' - format: date-time - type: string - created_by: - type: object - properties: - email: - example: null - nullable: true - type: string - full_name: - example: null - nullable: true - type: string - profile_uid: - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - type: string - username: - example: elastic - nullable: true - type: string - required: - - email - - full_name - - username - id: - example: 22fd3e30-03b1-11ed-920c-974bfa104448 - type: string - owner: - $ref: '#/components/schemas/Cases_owner' - payload: - oneOf: - - $ref: '#/components/schemas/Cases_payload_alert_comment' - - $ref: '#/components/schemas/Cases_payload_assignees' - - $ref: '#/components/schemas/Cases_payload_connector' - - $ref: '#/components/schemas/Cases_payload_create_case' - - $ref: '#/components/schemas/Cases_payload_delete' - - $ref: '#/components/schemas/Cases_payload_description' - - $ref: '#/components/schemas/Cases_payload_pushed' - - $ref: '#/components/schemas/Cases_payload_settings' - - $ref: '#/components/schemas/Cases_payload_severity' - - $ref: '#/components/schemas/Cases_payload_status' - - $ref: '#/components/schemas/Cases_payload_tags' - - $ref: '#/components/schemas/Cases_payload_title' - - $ref: '#/components/schemas/Cases_payload_user_comment' - type: - description: The type of action. - enum: - - assignees - - create_case - - comment - - connector - - description - - pushed - - tags - - title - - status - - settings - - severity - example: create_case - type: string - version: - example: WzM1ODg4LDFd - type: string - required: - - action - - comment_id - - created_at - - created_by - - id - - owner - - payload - - type - - version - Cases_user_actions_response_properties: - type: object - properties: - action: - $ref: '#/components/schemas/Cases_actions' - action_id: - example: 22fd3e30-03b1-11ed-920c-974bfa104448 - type: string - case_id: - example: 22df07d0-03b1-11ed-920c-974bfa104448 - type: string - comment_id: - example: 578608d0-03b1-11ed-920c-974bfa104448 - nullable: true - type: string - created_at: - example: '2022-05-13T09:16:17.416Z' - format: date-time - type: string - created_by: - type: object - properties: - email: - example: null - nullable: true - type: string - full_name: - example: null - nullable: true - type: string - profile_uid: - example: u_J41Oh6L9ki-Vo2tOogS8WRTENzhHurGtRc87NgEAlkc_0 - type: string - username: - example: elastic - nullable: true - type: string - required: - - email - - full_name - - username - owner: - $ref: '#/components/schemas/Cases_owner' - payload: - oneOf: - - $ref: '#/components/schemas/Cases_payload_alert_comment' - - $ref: '#/components/schemas/Cases_payload_assignees' - - $ref: '#/components/schemas/Cases_payload_connector' - - $ref: '#/components/schemas/Cases_payload_create_case' - - $ref: '#/components/schemas/Cases_payload_delete' - - $ref: '#/components/schemas/Cases_payload_description' - - $ref: '#/components/schemas/Cases_payload_pushed' - - $ref: '#/components/schemas/Cases_payload_settings' - - $ref: '#/components/schemas/Cases_payload_severity' - - $ref: '#/components/schemas/Cases_payload_status' - - $ref: '#/components/schemas/Cases_payload_tags' - - $ref: '#/components/schemas/Cases_payload_title' - - $ref: '#/components/schemas/Cases_payload_user_comment' - type: - $ref: '#/components/schemas/Cases_action_types' - required: - - action - - action_id - - case_id - - comment_id - - created_at - - created_by - - owner - - payload - - type - Cases_user_comment_response_properties: - title: Case response properties for user comments - type: object - properties: - comment: - example: A new comment. - type: string - created_at: - example: '2022-05-13T09:16:17.416Z' - format: date-time - type: string - created_by: - $ref: '#/components/schemas/Cases_case_response_created_by_properties' - id: - example: 8af6ac20-74f6-11ea-b83a-553aecdb28b6 - type: string - owner: - $ref: '#/components/schemas/Cases_owner' - pushed_at: - example: null - format: date-time - nullable: true - type: string - pushed_by: - $ref: '#/components/schemas/Cases_case_response_pushed_by_properties' - type: - enum: - - user - example: user - type: string - updated_at: - example: null - format: date-time - nullable: true - type: string - updated_by: - $ref: '#/components/schemas/Cases_case_response_updated_by_properties' - version: - example: WzIwNDMxLDFd - type: string - required: - - type - Data_views_400_response: - title: Bad request - type: object - properties: - error: - example: Bad Request - type: string - message: - type: string - statusCode: - example: 400 - type: number - required: - - statusCode - - error - - message - Data_views_404_response: - type: object - properties: - error: - enum: - - Not Found - example: Not Found - type: string - message: - example: >- - Saved object [index-pattern/caaad6d0-920c-11ed-b36a-874bd1548a00] - not found - type: string - statusCode: - enum: - - 404 - example: 404 - type: integer - Data_views_allownoindex: - description: Allows the data view saved object to exist before the data is available. - type: boolean - Data_views_create_data_view_request_object: - title: Create data view request - type: object - properties: - data_view: - description: The data view object. - type: object - properties: - allowNoIndex: - $ref: '#/components/schemas/Data_views_allownoindex' - fieldAttrs: - additionalProperties: - $ref: '#/components/schemas/Data_views_fieldattrs' - type: object - fieldFormats: - $ref: '#/components/schemas/Data_views_fieldformats' - fields: - type: object - id: - type: string - name: - description: The data view name. - type: string - namespaces: - $ref: '#/components/schemas/Data_views_namespaces' - runtimeFieldMap: - additionalProperties: - $ref: '#/components/schemas/Data_views_runtimefieldmap' - type: object - sourceFilters: - $ref: '#/components/schemas/Data_views_sourcefilters' - timeFieldName: - $ref: '#/components/schemas/Data_views_timefieldname' - title: - $ref: '#/components/schemas/Data_views_title' - type: - $ref: '#/components/schemas/Data_views_type' - typeMeta: - $ref: '#/components/schemas/Data_views_typemeta' - version: - type: string - required: - - title - override: - default: false - description: >- - Override an existing data view if a data view with the provided - title already exists. - type: boolean - required: - - data_view - Data_views_data_view_response_object: - title: Data view response properties - type: object - properties: - data_view: - type: object - properties: - allowNoIndex: - $ref: '#/components/schemas/Data_views_allownoindex' - fieldAttrs: - additionalProperties: - $ref: '#/components/schemas/Data_views_fieldattrs' - type: object - fieldFormats: - $ref: '#/components/schemas/Data_views_fieldformats' - fields: - type: object - id: - example: ff959d40-b880-11e8-a6d9-e546fe2bba5f - type: string - name: - description: The data view name. - type: string - namespaces: - $ref: '#/components/schemas/Data_views_namespaces' - runtimeFieldMap: - additionalProperties: - $ref: '#/components/schemas/Data_views_runtimefieldmap' - type: object - sourceFilters: - $ref: '#/components/schemas/Data_views_sourcefilters' - timeFieldName: - $ref: '#/components/schemas/Data_views_timefieldname' - title: - $ref: '#/components/schemas/Data_views_title' - typeMeta: - $ref: '#/components/schemas/Data_views_typemeta_response' - version: - example: WzQ2LDJd - type: string - Data_views_fieldattrs: - description: A map of field attributes by field name. - type: object - properties: - count: - description: Popularity count for the field. - type: integer - customDescription: - description: Custom description for the field. - maxLength: 300 - type: string - customLabel: - description: Custom label for the field. - type: string - Data_views_fieldformats: - description: A map of field formats by field name. - type: object - Data_views_namespaces: - description: >- - An array of space identifiers for sharing the data view between multiple - spaces. - items: - default: default - type: string - type: array - Data_views_runtimefieldmap: - description: A map of runtime field definitions by field name. - type: object - properties: - script: - type: object - properties: - source: - description: Script for the runtime field. - type: string - type: - description: Mapping type of the runtime field. - type: string - required: - - script - - type - Data_views_sourcefilters: - description: The array of field names you want to filter out in Discover. - items: - type: object - properties: - value: - type: string - required: - - value - type: array - Data_views_swap_data_view_request_object: - title: Data view reference swap request - type: object - properties: - delete: - description: Deletes referenced saved object if all references are removed. - type: boolean - forId: - description: Limit the affected saved objects to one or more by identifier. - oneOf: - - type: string - - items: - type: string - type: array - forType: - description: Limit the affected saved objects by type. - type: string - fromId: - description: The saved object reference to change. - type: string - fromType: - description: > - Specify the type of the saved object reference to alter. The default - value is `index-pattern` for data views. - type: string - toId: - description: New saved object reference value to replace the old value. - type: string - required: - - fromId - - toId - Data_views_timefieldname: - description: The timestamp field name, which you use for time-based data views. - type: string - Data_views_title: - description: >- - Comma-separated list of data streams, indices, and aliases that you want - to search. Supports wildcards (`*`). - type: string - Data_views_type: - description: When set to `rollup`, identifies the rollup data views. - type: string - Data_views_typemeta: - description: >- - When you use rollup indices, contains the field list for the rollup data - view API endpoints. - type: object - properties: - aggs: - description: A map of rollup restrictions by aggregation type and field name. - type: object - params: - description: Properties for retrieving rollup fields. - type: object - required: - - aggs - - params - Data_views_typemeta_response: - description: >- - When you use rollup indices, contains the field list for the rollup data - view API endpoints. - nullable: true - type: object - properties: - aggs: - description: A map of rollup restrictions by aggregation type and field name. - type: object - params: - description: Properties for retrieving rollup fields. - type: object - Data_views_update_data_view_request_object: - title: Update data view request - type: object - properties: - data_view: - description: > - The data view properties you want to update. Only the specified - properties are updated in the data view. Unspecified fields stay as - they are persisted. - type: object - properties: - allowNoIndex: - $ref: '#/components/schemas/Data_views_allownoindex' - fieldFormats: - $ref: '#/components/schemas/Data_views_fieldformats' - fields: - type: object - name: - type: string - runtimeFieldMap: - additionalProperties: - $ref: '#/components/schemas/Data_views_runtimefieldmap' - type: object - sourceFilters: - $ref: '#/components/schemas/Data_views_sourcefilters' - timeFieldName: - $ref: '#/components/schemas/Data_views_timefieldname' - title: - $ref: '#/components/schemas/Data_views_title' - type: - $ref: '#/components/schemas/Data_views_type' - typeMeta: - $ref: '#/components/schemas/Data_views_typemeta' - refresh_fields: - default: false - description: Reloads the data view fields after the data view is updated. - type: boolean - required: - - data_view - Kibana_HTTP_APIs_core_status_redactedResponse: - additionalProperties: false - description: A minimal representation of Kibana's operational status. - type: object - properties: - status: - additionalProperties: false - type: object - properties: - overall: - additionalProperties: false - type: object - properties: - level: - description: Service status levels as human and machine readable values. - enum: - - available - - degraded - - unavailable - - critical - type: string - required: - - level - required: - - overall - required: - - status - Kibana_HTTP_APIs_core_status_response: - additionalProperties: false - description: >- - Kibana's operational status as well as a detailed breakdown of plugin - statuses indication of various loads (like event loop utilization and - network traffic) at time of request. - type: object - properties: - metrics: - additionalProperties: false - description: Metric groups collected by Kibana. - type: object - properties: - collection_interval_in_millis: - description: The interval at which metrics should be collected. - type: number - elasticsearch_client: - additionalProperties: false - description: Current network metrics of Kibana's Elasticsearch client. - type: object - properties: - totalActiveSockets: - description: Count of network sockets currently in use. - type: number - totalIdleSockets: - description: Count of network sockets currently idle. - type: number - totalQueuedRequests: - description: Count of requests not yet assigned to sockets. - type: number - required: - - totalActiveSockets - - totalIdleSockets - - totalQueuedRequests - last_updated: - description: The time metrics were collected. - type: string - required: - - elasticsearch_client - - last_updated - - collection_interval_in_millis - name: - description: Kibana instance name. - type: string - status: - additionalProperties: false - type: object - properties: - core: - additionalProperties: false - description: Statuses of core Kibana services. - type: object - properties: - elasticsearch: - additionalProperties: false - type: object - properties: - detail: - description: Human readable detail of the service status. - type: string - documentationUrl: - description: A URL to further documentation regarding this service. - type: string - level: - description: >- - Service status levels as human and machine readable - values. - enum: - - available - - degraded - - unavailable - - critical - type: string - meta: - additionalProperties: {} - description: >- - An unstructured set of extra metadata about this - service. - type: object - summary: - description: A human readable summary of the service status. - type: string - required: - - level - - summary - - meta - savedObjects: - additionalProperties: false - type: object - properties: - detail: - description: Human readable detail of the service status. - type: string - documentationUrl: - description: A URL to further documentation regarding this service. - type: string - level: - description: >- - Service status levels as human and machine readable - values. - enum: - - available - - degraded - - unavailable - - critical - type: string - meta: - additionalProperties: {} - description: >- - An unstructured set of extra metadata about this - service. - type: object - summary: - description: A human readable summary of the service status. - type: string - required: - - level - - summary - - meta - required: - - elasticsearch - - savedObjects - overall: - additionalProperties: false - type: object - properties: - detail: - description: Human readable detail of the service status. - type: string - documentationUrl: - description: A URL to further documentation regarding this service. - type: string - level: - description: Service status levels as human and machine readable values. - enum: - - available - - degraded - - unavailable - - critical - type: string - meta: - additionalProperties: {} - description: An unstructured set of extra metadata about this service. - type: object - summary: - description: A human readable summary of the service status. - type: string - required: - - level - - summary - - meta - plugins: - additionalProperties: - additionalProperties: false - type: object - properties: - detail: - description: Human readable detail of the service status. - type: string - documentationUrl: - description: A URL to further documentation regarding this service. - type: string - level: - description: >- - Service status levels as human and machine readable - values. - enum: - - available - - degraded - - unavailable - - critical - type: string - meta: - additionalProperties: {} - description: An unstructured set of extra metadata about this service. - type: object - summary: - description: A human readable summary of the service status. - type: string - required: - - level - - summary - - meta - description: A dynamic mapping of plugin ID to plugin status. - type: object - required: - - overall - - core - - plugins - uuid: - description: >- - Unique, generated Kibana instance UUID. This UUID should persist - even if the Kibana process restarts. - type: string - version: - additionalProperties: false - type: object - properties: - build_date: - description: The date and time of this build. - type: string - build_flavor: - description: >- - The build flavour determines configuration and behavior of - Kibana. On premise users will almost always run the - "traditional" flavour, while other flavours are reserved for - Elastic-specific use cases. - enum: - - serverless - - traditional - type: string - build_hash: - description: >- - A unique hash value representing the git commit of this Kibana - build. - type: string - build_number: - description: >- - A monotonically increasing number, each subsequent build will - have a higher number. - type: number - build_snapshot: - description: Whether this build is a snapshot build. - type: boolean - number: - description: A semantic version number. - type: string - required: - - number - - build_hash - - build_number - - build_snapshot - - build_flavor - - build_date - required: - - name - - uuid - - version - - status - - metrics - Machine_learning_APIs_mlSync200Response: - properties: - datafeedsAdded: - additionalProperties: - $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseDatafeeds' - description: >- - If a saved object for an anomaly detection job is missing a datafeed - identifier, it is added when you run the sync machine learning saved - objects API. - type: object - datafeedsRemoved: - additionalProperties: - $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseDatafeeds' - description: >- - If a saved object for an anomaly detection job references a datafeed - that no longer exists, it is deleted when you run the sync machine - learning saved objects API. - type: object - savedObjectsCreated: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseSavedObjectsCreated - savedObjectsDeleted: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseSavedObjectsDeleted - title: Successful sync API response - type: object - Machine_learning_APIs_mlSync4xxResponse: - properties: - error: - example: Unauthorized - type: string - message: - type: string - statusCode: - example: 401 - type: integer - title: Unsuccessful sync API response - type: object - Machine_learning_APIs_mlSyncResponseAnomalyDetectors: - description: >- - The sync machine learning saved objects API response contains this - object when there are anomaly detection jobs affected by the - synchronization. There is an object for each relevant job, which - contains the synchronization status. - properties: - success: - $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' - title: Sync API response for anomaly detection jobs - type: object - Machine_learning_APIs_mlSyncResponseDatafeeds: - description: >- - The sync machine learning saved objects API response contains this - object when there are datafeeds affected by the synchronization. There - is an object for each relevant datafeed, which contains the - synchronization status. - properties: - success: - $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' - title: Sync API response for datafeeds - type: object - Machine_learning_APIs_mlSyncResponseDataFrameAnalytics: - description: >- - The sync machine learning saved objects API response contains this - object when there are data frame analytics jobs affected by the - synchronization. There is an object for each relevant job, which - contains the synchronization status. - properties: - success: - $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' - title: Sync API response for data frame analytics jobs - type: object - Machine_learning_APIs_mlSyncResponseSavedObjectsCreated: - description: >- - If saved objects are missing for machine learning jobs or trained - models, they are created when you run the sync machine learning saved - objects API. - properties: - anomaly-detector: - additionalProperties: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseAnomalyDetectors - description: >- - If saved objects are missing for anomaly detection jobs, they are - created. - type: object - data-frame-analytics: - additionalProperties: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseDataFrameAnalytics - description: >- - If saved objects are missing for data frame analytics jobs, they are - created. - type: object - trained-model: - additionalProperties: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseTrainedModels - description: If saved objects are missing for trained models, they are created. - type: object - title: Sync API response for created saved objects - type: object - Machine_learning_APIs_mlSyncResponseSavedObjectsDeleted: - description: >- - If saved objects exist for machine learning jobs or trained models that - no longer exist, they are deleted when you run the sync machine learning - saved objects API. - properties: - anomaly-detector: - additionalProperties: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseAnomalyDetectors - description: >- - If there are saved objects exist for nonexistent anomaly detection - jobs, they are deleted. - type: object - data-frame-analytics: - additionalProperties: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseDataFrameAnalytics - description: >- - If there are saved objects exist for nonexistent data frame - analytics jobs, they are deleted. - type: object - trained-model: - additionalProperties: - $ref: >- - #/components/schemas/Machine_learning_APIs_mlSyncResponseTrainedModels - description: >- - If there are saved objects exist for nonexistent trained models, - they are deleted. - type: object - title: Sync API response for deleted saved objects - type: object - Machine_learning_APIs_mlSyncResponseSuccess: - description: The success or failure of the synchronization. - type: boolean - Machine_learning_APIs_mlSyncResponseTrainedModels: - description: >- - The sync machine learning saved objects API response contains this - object when there are trained models affected by the synchronization. - There is an object for each relevant trained model, which contains the - synchronization status. - properties: - success: - $ref: '#/components/schemas/Machine_learning_APIs_mlSyncResponseSuccess' - title: Sync API response for trained models - type: object - Saved_objects_400_response: - title: Bad request - type: object - properties: - error: - enum: - - Bad Request - type: string - message: - type: string - statusCode: - enum: - - 400 - type: integer - required: - - error - - message - - statusCode - Saved_objects_attributes: - description: > - The data that you want to create. WARNING: When you create saved - objects, attributes are not validated, which allows you to pass - arbitrary and ill-formed data into the API that can break Kibana. Make - sure any data that you send to the API is properly formed. - type: object - Saved_objects_initial_namespaces: - description: > - Identifiers for the spaces in which this object is created. If this is - provided, the object is created only in the explicitly defined spaces. - If this is not provided, the object is created in the current space - (default behavior). For shareable object types (registered with - `namespaceType: 'multiple'`), this option can be used to specify one or - more spaces, including the "All spaces" identifier ('*'). For isolated - object types (registered with `namespaceType: 'single'` or - `namespaceType: 'multiple-isolated'`), this option can only be used to - specify a single space, and the "All spaces" identifier ('*') is not - allowed. For global object types (`registered with `namespaceType: - agnostic`), this option cannot be used. - type: array - Saved_objects_references: - description: > - Objects with `name`, `id`, and `type` properties that describe the other - saved objects that this object references. Use `name` in attributes to - refer to the other saved object, but never the `id`, which can update - automatically during migrations or import and export. - type: array - Security_AI_Assistant_API_AnonymizationFieldCreateProps: - type: object - properties: - allowed: - type: boolean - anonymized: - type: boolean - field: - type: string - required: - - field - Security_AI_Assistant_API_AnonymizationFieldDetailsInError: - type: object - properties: - id: - type: string - name: - type: string - required: - - id - Security_AI_Assistant_API_AnonymizationFieldResponse: - type: object - properties: - allowed: - type: boolean - anonymized: - type: boolean - createdAt: - type: string - createdBy: - type: string - field: - type: string - id: - $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' - namespace: - description: Kibana space - type: string - timestamp: - $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' - updatedAt: - type: string - updatedBy: - type: string - required: - - id - - field - Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipReason: - enum: - - ANONYMIZATION_FIELD_NOT_MODIFIED - type: string - Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipResult: - type: object - properties: - id: - type: string - name: - type: string - skip_reason: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipReason - required: - - id - - skip_reason - Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResponse: - type: object - properties: - anonymization_fields_count: - type: integer - attributes: - type: object - properties: - errors: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_NormalizedAnonymizationFieldError - type: array - results: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResults - summary: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_BulkCrudActionSummary - required: - - results - - summary - message: - type: string - status_code: - type: integer - success: - type: boolean - required: - - attributes - Security_AI_Assistant_API_AnonymizationFieldsBulkCrudActionResults: - type: object - properties: - created: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldResponse - type: array - deleted: - items: - type: string - type: array - skipped: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldsBulkActionSkipResult - type: array - updated: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldResponse - type: array - required: - - updated - - created - - deleted - - skipped - Security_AI_Assistant_API_AnonymizationFieldUpdateProps: - type: object - properties: - allowed: - type: boolean - anonymized: - type: boolean - id: - type: string - required: - - id - Security_AI_Assistant_API_ApiConfig: - type: object - properties: - actionTypeId: - description: action type id - type: string - connectorId: - description: connector id - type: string - defaultSystemPromptId: - description: defaultSystemPromptId - type: string - model: - description: model - type: string - provider: - $ref: '#/components/schemas/Security_AI_Assistant_API_Provider' - description: Provider - required: - - connectorId - - actionTypeId - Security_AI_Assistant_API_BulkCrudActionSummary: - type: object - properties: - failed: - type: integer - skipped: - type: integer - succeeded: - type: integer - total: - type: integer - required: - - failed - - skipped - - succeeded - - total - Security_AI_Assistant_API_ChatCompleteProps: - type: object - properties: - connectorId: - type: string - conversationId: - type: string - isStream: - type: boolean - langSmithApiKey: - type: string - langSmithProject: - type: string - messages: - items: - $ref: '#/components/schemas/Security_AI_Assistant_API_ChatMessage' - type: array - model: - type: string - persist: - type: boolean - promptId: - type: string - responseLanguage: - type: string - required: - - messages - - persist - - connectorId - Security_AI_Assistant_API_ChatMessage: - description: AI assistant message. - type: object - properties: - content: - description: Message content. - type: string - data: - $ref: '#/components/schemas/Security_AI_Assistant_API_MessageData' - description: ECS object to attach to the context of the message. - fields_to_anonymize: - items: - type: string - type: array - role: - $ref: '#/components/schemas/Security_AI_Assistant_API_ChatMessageRole' - description: Message role. - required: - - role - Security_AI_Assistant_API_ChatMessageRole: - description: Message role. - enum: - - system - - user - - assistant - type: string - Security_AI_Assistant_API_ConversationCategory: - description: The conversation category. - enum: - - assistant - - insights - type: string - Security_AI_Assistant_API_ConversationConfidence: - description: The conversation confidence. - enum: - - low - - medium - - high - type: string - Security_AI_Assistant_API_ConversationCreateProps: - type: object - properties: - apiConfig: - $ref: '#/components/schemas/Security_AI_Assistant_API_ApiConfig' - description: LLM API configuration. - category: - $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationCategory' - description: The conversation category. - excludeFromLastConversationStorage: - description: excludeFromLastConversationStorage. - type: boolean - id: - description: The conversation id. - type: string - isDefault: - description: Is default conversation. - type: boolean - messages: - description: The conversation messages. - items: - $ref: '#/components/schemas/Security_AI_Assistant_API_Message' - type: array - replacements: - $ref: '#/components/schemas/Security_AI_Assistant_API_Replacements' - title: - description: The conversation title. - type: string - required: - - title - Security_AI_Assistant_API_ConversationResponse: - type: object - properties: - apiConfig: - $ref: '#/components/schemas/Security_AI_Assistant_API_ApiConfig' - description: LLM API configuration. - category: - $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationCategory' - description: The conversation category. - createdAt: - description: The last time conversation was updated. - type: string - excludeFromLastConversationStorage: - description: excludeFromLastConversationStorage. - type: boolean - id: - $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' - isDefault: - description: Is default conversation. - type: boolean - messages: - description: The conversation messages. - items: - $ref: '#/components/schemas/Security_AI_Assistant_API_Message' - type: array - namespace: - description: Kibana space - type: string - replacements: - $ref: '#/components/schemas/Security_AI_Assistant_API_Replacements' - summary: - $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationSummary' - timestamp: - $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' - title: - description: The conversation title. - type: string - updatedAt: - description: The last time conversation was updated. - type: string - users: - items: - $ref: '#/components/schemas/Security_AI_Assistant_API_User' - type: array - required: - - id - - title - - createdAt - - users - - namespace - - category - Security_AI_Assistant_API_ConversationSummary: - type: object - properties: - confidence: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_ConversationConfidence - description: >- - How confident you are about this being a correct and useful - learning. - content: - description: Summary text of the conversation over time. - type: string - public: - description: Define if summary is marked as publicly available. - type: boolean - timestamp: - $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' - description: The timestamp summary was updated. - Security_AI_Assistant_API_ConversationUpdateProps: - type: object - properties: - apiConfig: - $ref: '#/components/schemas/Security_AI_Assistant_API_ApiConfig' - description: LLM API configuration. - category: - $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationCategory' - description: The conversation category. - excludeFromLastConversationStorage: - description: excludeFromLastConversationStorage. - type: boolean - id: - $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' - messages: - description: The conversation messages. - items: - $ref: '#/components/schemas/Security_AI_Assistant_API_Message' - type: array - replacements: - $ref: '#/components/schemas/Security_AI_Assistant_API_Replacements' - summary: - $ref: '#/components/schemas/Security_AI_Assistant_API_ConversationSummary' - title: - description: The conversation title. - type: string - required: - - id - Security_AI_Assistant_API_FindAnonymizationFieldsSortField: - enum: - - created_at - - anonymized - - allowed - - field - - updated_at - type: string - Security_AI_Assistant_API_FindConversationsSortField: - enum: - - created_at - - is_default - - title - - updated_at - type: string - Security_AI_Assistant_API_FindPromptsSortField: - enum: - - created_at - - is_default - - name - - updated_at - type: string - Security_AI_Assistant_API_Message: - description: AI assistant conversation message. - type: object - properties: - content: - description: Message content. - type: string - isError: - description: Is error message. - type: boolean - reader: - $ref: '#/components/schemas/Security_AI_Assistant_API_Reader' - description: Message content. - role: - $ref: '#/components/schemas/Security_AI_Assistant_API_MessageRole' - description: Message role. - timestamp: - $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' - description: The timestamp message was sent or received. - traceData: - $ref: '#/components/schemas/Security_AI_Assistant_API_TraceData' - description: trace Data - required: - - timestamp - - content - - role - Security_AI_Assistant_API_MessageData: - additionalProperties: true - type: object - Security_AI_Assistant_API_MessageRole: - description: Message role. - enum: - - system - - user - - assistant - type: string - Security_AI_Assistant_API_NonEmptyString: - description: A string that is not empty and does not contain only whitespace - minLength: 1 - pattern: ^(?! *$).+$ - type: string - Security_AI_Assistant_API_NormalizedAnonymizationFieldError: - type: object - properties: - anonymization_fields: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_AnonymizationFieldDetailsInError - type: array - err_code: - type: string - message: - type: string - status_code: - type: integer - required: - - message - - status_code - - anonymization_fields - Security_AI_Assistant_API_NormalizedPromptError: - type: object - properties: - err_code: - type: string - message: - type: string - prompts: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_PromptDetailsInError - type: array - status_code: - type: integer - required: - - message - - status_code - - prompts - Security_AI_Assistant_API_PromptCreateProps: - type: object - properties: - categories: - items: - type: string - type: array - color: - type: string - consumer: - type: string - content: - type: string - isDefault: - type: boolean - isNewConversationDefault: - type: boolean - name: - type: string - promptType: - $ref: '#/components/schemas/Security_AI_Assistant_API_PromptType' - required: - - name - - content - - promptType - Security_AI_Assistant_API_PromptDetailsInError: - type: object - properties: - id: - type: string - name: - type: string - required: - - id - Security_AI_Assistant_API_PromptResponse: - type: object - properties: - categories: - items: - type: string - type: array - color: - type: string - consumer: - type: string - content: - type: string - createdAt: - type: string - createdBy: - type: string - id: - $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' - isDefault: - type: boolean - isNewConversationDefault: - type: boolean - name: - type: string - namespace: - description: Kibana space - type: string - promptType: - $ref: '#/components/schemas/Security_AI_Assistant_API_PromptType' - timestamp: - $ref: '#/components/schemas/Security_AI_Assistant_API_NonEmptyString' - updatedAt: - type: string - updatedBy: - type: string - users: - items: - $ref: '#/components/schemas/Security_AI_Assistant_API_User' - type: array - required: - - id - - name - - promptType - - content - Security_AI_Assistant_API_PromptsBulkActionSkipReason: - enum: - - PROMPT_FIELD_NOT_MODIFIED - type: string - Security_AI_Assistant_API_PromptsBulkActionSkipResult: - type: object - properties: - id: - type: string - name: - type: string - skip_reason: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_PromptsBulkActionSkipReason - required: - - id - - skip_reason - Security_AI_Assistant_API_PromptsBulkCrudActionResponse: - type: object - properties: - attributes: - type: object - properties: - errors: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_NormalizedPromptError - type: array - results: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_PromptsBulkCrudActionResults - summary: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_BulkCrudActionSummary - required: - - results - - summary - message: - type: string - prompts_count: - type: integer - status_code: - type: integer - success: - type: boolean - required: - - attributes - Security_AI_Assistant_API_PromptsBulkCrudActionResults: - type: object - properties: - created: - items: - $ref: '#/components/schemas/Security_AI_Assistant_API_PromptResponse' - type: array - deleted: - items: - type: string - type: array - skipped: - items: - $ref: >- - #/components/schemas/Security_AI_Assistant_API_PromptsBulkActionSkipResult - type: array - updated: - items: - $ref: '#/components/schemas/Security_AI_Assistant_API_PromptResponse' - type: array - required: - - updated - - created - - deleted - - skipped - Security_AI_Assistant_API_PromptType: - description: Prompt type - enum: - - system - - quick - type: string - Security_AI_Assistant_API_PromptUpdateProps: - type: object - properties: - categories: - items: - type: string - type: array - color: - type: string - consumer: - type: string - content: - type: string - id: - type: string - isDefault: - type: boolean - isNewConversationDefault: - type: boolean - required: - - id - Security_AI_Assistant_API_Provider: - description: Provider - enum: - - OpenAI - - Azure OpenAI - - Other - type: string - Security_AI_Assistant_API_Reader: - additionalProperties: true - type: object - Security_AI_Assistant_API_Replacements: - additionalProperties: - type: string - description: Replacements object used to anonymize/deanomymize messsages - type: object - Security_AI_Assistant_API_SortOrder: - enum: - - asc - - desc - type: string - Security_AI_Assistant_API_TraceData: - description: trace Data - type: object - properties: - traceId: - description: Could be any string, not necessarily a UUID - type: string - transactionId: - description: Could be any string, not necessarily a UUID - type: string - Security_AI_Assistant_API_User: - description: Could be any string, not necessarily a UUID - type: object - properties: - id: - description: User id - type: string - name: - description: User name - type: string - Security_Detections_API_AlertAssignees: - type: object - properties: - add: - description: A list of users ids to assign. - items: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - type: array - remove: - description: A list of users ids to unassign. - items: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - type: array - required: - - add - - remove - Security_Detections_API_AlertIds: - description: A list of alerts ids. - items: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - minItems: 1 - type: array - Security_Detections_API_AlertsIndex: - deprecated: true - description: (deprecated) Has no effect. - type: string - Security_Detections_API_AlertsIndexMigrationError: - type: object - properties: - error: - type: object - properties: - message: - type: string - status_code: - type: string - required: - - message - - status_code - index: - type: string - required: - - index - - error - Security_Detections_API_AlertsIndexMigrationSuccess: - type: object - properties: - index: - type: string - migration_id: - type: string - migration_index: - type: string - required: - - index - - migration_id - - migration_index - Security_Detections_API_AlertsIndexNamespace: - description: Has no effect. - type: string - Security_Detections_API_AlertsReindexOptions: - type: object - properties: - requests_per_second: - minimum: 1 - type: integer - size: - minimum: 1 - type: integer - slices: - minimum: 1 - type: integer - Security_Detections_API_AlertsSort: - oneOf: - - $ref: '#/components/schemas/Security_Detections_API_AlertsSortCombinations' - - items: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsSortCombinations - type: array - Security_Detections_API_AlertsSortCombinations: - anyOf: - - type: string - - additionalProperties: true - type: object - Security_Detections_API_AlertStatus: - enum: - - open - - closed - - acknowledged - - in-progress - type: string - Security_Detections_API_AlertSuppression: - type: object - properties: - duration: - $ref: >- - #/components/schemas/Security_Detections_API_AlertSuppressionDuration - group_by: - $ref: '#/components/schemas/Security_Detections_API_AlertSuppressionGroupBy' - missing_fields_strategy: - $ref: >- - #/components/schemas/Security_Detections_API_AlertSuppressionMissingFieldsStrategy - required: - - group_by - Security_Detections_API_AlertSuppressionDuration: - type: object - properties: - unit: - enum: - - s - - m - - h - type: string - value: - minimum: 1 - type: integer - required: - - value - - unit - Security_Detections_API_AlertSuppressionGroupBy: - items: - type: string - maxItems: 3 - minItems: 1 - type: array - Security_Detections_API_AlertSuppressionMissingFieldsStrategy: - description: >- - Describes how alerts will be generated for documents with missing - suppress by fields: - - doNotSuppress - per each document a separate alert will be created - - suppress - only alert will be created per suppress by bucket - enum: - - doNotSuppress - - suppress - type: string - Security_Detections_API_AlertTag: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - Security_Detections_API_AlertTags: - items: - $ref: '#/components/schemas/Security_Detections_API_AlertTag' - type: array - Security_Detections_API_AlertVersion: - type: object - properties: - count: - type: integer - version: - type: integer - required: - - version - - count - Security_Detections_API_AnomalyThreshold: - description: Anomaly threshold - minimum: 0 - type: integer - Security_Detections_API_BuildingBlockType: - description: >- - Determines if the rule acts as a building block. By default, - building-block alerts are not displayed in the UI. These rules are used - as a foundation for other rules that do generate alerts. Its value must - be default. - type: string - Security_Detections_API_BulkActionEditPayload: - anyOf: - - $ref: >- - #/components/schemas/Security_Detections_API_BulkActionEditPayloadTags - - $ref: >- - #/components/schemas/Security_Detections_API_BulkActionEditPayloadIndexPatterns - - $ref: >- - #/components/schemas/Security_Detections_API_BulkActionEditPayloadInvestigationFields - - $ref: >- - #/components/schemas/Security_Detections_API_BulkActionEditPayloadTimeline - - $ref: >- - #/components/schemas/Security_Detections_API_BulkActionEditPayloadRuleActions - - $ref: >- - #/components/schemas/Security_Detections_API_BulkActionEditPayloadSchedule - Security_Detections_API_BulkActionEditPayloadIndexPatterns: - type: object - properties: - overwrite_data_views: - type: boolean - type: - enum: - - add_index_patterns - - delete_index_patterns - - set_index_patterns - type: string - value: - $ref: '#/components/schemas/Security_Detections_API_IndexPatternArray' - required: - - type - - value - Security_Detections_API_BulkActionEditPayloadInvestigationFields: - type: object - properties: - type: - enum: - - add_investigation_fields - - delete_investigation_fields - - set_investigation_fields - type: string - value: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - required: - - type - - value - Security_Detections_API_BulkActionEditPayloadRuleActions: - type: object - properties: - type: - enum: - - add_rule_actions - - set_rule_actions - type: string - value: - type: object - properties: - actions: - items: - $ref: >- - #/components/schemas/Security_Detections_API_NormalizedRuleAction - type: array - throttle: - $ref: >- - #/components/schemas/Security_Detections_API_ThrottleForBulkActions - required: - - actions - required: - - type - - value - Security_Detections_API_BulkActionEditPayloadSchedule: - type: object - properties: - type: - enum: - - set_schedule - type: string - value: - type: object - properties: - interval: - description: >- - Interval in which the rule runs. For example, `"1h"` means the - rule runs every hour. - example: 1h - pattern: ^[1-9]\d*[smh]$ - type: string - lookback: - description: Lookback time for the rule - example: 1h - pattern: ^[1-9]\d*[smh]$ - type: string - required: - - interval - - lookback - required: - - type - - value - Security_Detections_API_BulkActionEditPayloadTags: - type: object - properties: - type: - enum: - - add_tags - - delete_tags - - set_tags - type: string - value: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - required: - - type - - value - Security_Detections_API_BulkActionEditPayloadTimeline: - type: object - properties: - type: - enum: - - set_timeline - type: string - value: - type: object - properties: - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - required: - - timeline_id - - timeline_title - required: - - type - - value - Security_Detections_API_BulkActionsDryRunErrCode: - enum: - - IMMUTABLE - - MACHINE_LEARNING_AUTH - - MACHINE_LEARNING_INDEX_PATTERN - - ESQL_INDEX_PATTERN - - MANUAL_RULE_RUN_FEATURE - - MANUAL_RULE_RUN_DISABLED_RULE - type: string - Security_Detections_API_BulkActionSkipResult: - type: object - properties: - id: - type: string - name: - type: string - skip_reason: - $ref: '#/components/schemas/Security_Detections_API_BulkEditSkipReason' - required: - - id - - skip_reason - Security_Detections_API_BulkCrudRulesResponse: - items: - oneOf: - - $ref: '#/components/schemas/Security_Detections_API_RuleResponse' - - $ref: '#/components/schemas/Security_Detections_API_ErrorSchema' - type: array - Security_Detections_API_BulkDeleteRules: - type: object - properties: - action: - enum: - - delete - type: string - ids: - description: Array of rule IDs - items: - type: string - minItems: 1 - type: array - query: - description: Query to filter rules - type: string - required: - - action - Security_Detections_API_BulkDisableRules: - type: object - properties: - action: - enum: - - disable - type: string - ids: - description: Array of rule IDs - items: - type: string - minItems: 1 - type: array - query: - description: Query to filter rules - type: string - required: - - action - Security_Detections_API_BulkDuplicateRules: - type: object - properties: - action: - enum: - - duplicate - type: string - duplicate: - type: object - properties: - include_exceptions: - description: Whether to copy exceptions from the original rule - type: boolean - include_expired_exceptions: - description: Whether to copy expired exceptions from the original rule - type: boolean - required: - - include_exceptions - - include_expired_exceptions - ids: - description: Array of rule IDs - items: - type: string - minItems: 1 - type: array - query: - description: Query to filter rules - type: string - required: - - action - Security_Detections_API_BulkEditActionResponse: - type: object - properties: - attributes: - type: object - properties: - errors: - items: - $ref: >- - #/components/schemas/Security_Detections_API_NormalizedRuleError - type: array - results: - $ref: >- - #/components/schemas/Security_Detections_API_BulkEditActionResults - summary: - $ref: >- - #/components/schemas/Security_Detections_API_BulkEditActionSummary - required: - - results - - summary - message: - type: string - rules_count: - type: integer - status_code: - type: integer - success: - type: boolean - required: - - attributes - Security_Detections_API_BulkEditActionResults: - type: object - properties: - created: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleResponse' - type: array - deleted: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleResponse' - type: array - skipped: - items: - $ref: '#/components/schemas/Security_Detections_API_BulkActionSkipResult' - type: array - updated: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleResponse' - type: array - required: - - updated - - created - - deleted - - skipped - Security_Detections_API_BulkEditActionSummary: - type: object - properties: - failed: - type: integer - skipped: - type: integer - succeeded: - type: integer - total: - type: integer - required: - - failed - - skipped - - succeeded - - total - Security_Detections_API_BulkEditRules: - type: object - properties: - action: - enum: - - edit - type: string - edit: - description: Array of objects containing the edit operations - items: - $ref: '#/components/schemas/Security_Detections_API_BulkActionEditPayload' - minItems: 1 - type: array - ids: - description: Array of rule IDs - items: - type: string - minItems: 1 - type: array - query: - description: Query to filter rules - type: string - required: - - action - - edit - Security_Detections_API_BulkEditSkipReason: - enum: - - RULE_NOT_MODIFIED - type: string - Security_Detections_API_BulkEnableRules: - type: object - properties: - action: - enum: - - enable - type: string - ids: - description: Array of rule IDs - items: - type: string - minItems: 1 - type: array - query: - description: Query to filter rules - type: string - required: - - action - Security_Detections_API_BulkExportActionResponse: - type: string - Security_Detections_API_BulkExportRules: - type: object - properties: - action: - enum: - - export - type: string - ids: - description: Array of rule IDs - items: - type: string - minItems: 1 - type: array - query: - description: Query to filter rules - type: string - required: - - action - Security_Detections_API_BulkManualRuleRun: - type: object - properties: - action: - enum: - - run - type: string - ids: - description: Array of rule IDs - items: - type: string - minItems: 1 - type: array - query: - description: Query to filter rules - type: string - run: - type: object - properties: - end_date: - description: End date of the manual rule run - type: string - start_date: - description: Start date of the manual rule run - type: string - required: - - start_date - required: - - action - - run - Security_Detections_API_ConcurrentSearches: - minimum: 1 - type: integer - Security_Detections_API_DataViewId: - type: string - Security_Detections_API_DefaultParams: - type: object - properties: - command: - enum: - - isolate - type: string - comment: - type: string - required: - - command - Security_Detections_API_EcsMapping: - additionalProperties: - type: object - properties: - field: - type: string - value: - oneOf: - - type: string - - items: - type: string - type: array - type: object - Security_Detections_API_EndpointResponseAction: - type: object - properties: - action_type_id: - enum: - - .endpoint - type: string - params: - oneOf: - - $ref: '#/components/schemas/Security_Detections_API_DefaultParams' - - $ref: '#/components/schemas/Security_Detections_API_ProcessesParams' - required: - - action_type_id - - params - Security_Detections_API_EqlOptionalFields: - type: object - properties: - alert_suppression: - $ref: '#/components/schemas/Security_Detections_API_AlertSuppression' - data_view_id: - $ref: '#/components/schemas/Security_Detections_API_DataViewId' - event_category_override: - $ref: '#/components/schemas/Security_Detections_API_EventCategoryOverride' - filters: - $ref: '#/components/schemas/Security_Detections_API_RuleFilterArray' - index: - $ref: '#/components/schemas/Security_Detections_API_IndexPatternArray' - tiebreaker_field: - $ref: '#/components/schemas/Security_Detections_API_TiebreakerField' - timestamp_field: - $ref: '#/components/schemas/Security_Detections_API_TimestampField' - Security_Detections_API_EqlQueryLanguage: - enum: - - eql - type: string - Security_Detections_API_EqlRequiredFields: - type: object - properties: - language: - $ref: '#/components/schemas/Security_Detections_API_EqlQueryLanguage' - description: Query language to use - query: - $ref: '#/components/schemas/Security_Detections_API_RuleQuery' - description: EQL query to execute - type: - description: Rule type - enum: - - eql - type: string - required: - - type - - query - - language - Security_Detections_API_EqlRule: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - version - - tags - - enabled - - risk_score_mapping - - severity_mapping - - interval - - from - - to - - actions - - exceptions_list - - author - - false_positives - - references - - max_signals - - threat - - setup - - related_integrations - - required_fields - - $ref: '#/components/schemas/Security_Detections_API_ResponseFields' - - $ref: '#/components/schemas/Security_Detections_API_EqlRuleResponseFields' - Security_Detections_API_EqlRuleCreateFields: - allOf: - - $ref: '#/components/schemas/Security_Detections_API_EqlRequiredFields' - - $ref: '#/components/schemas/Security_Detections_API_EqlOptionalFields' - Security_Detections_API_EqlRuleCreateProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - $ref: '#/components/schemas/Security_Detections_API_EqlRuleCreateFields' - Security_Detections_API_EqlRulePatchFields: - allOf: - - type: object - properties: - language: - $ref: '#/components/schemas/Security_Detections_API_EqlQueryLanguage' - description: Query language to use - query: - $ref: '#/components/schemas/Security_Detections_API_RuleQuery' - description: EQL query to execute - type: - description: Rule type - enum: - - eql - type: string - - $ref: '#/components/schemas/Security_Detections_API_EqlOptionalFields' - Security_Detections_API_EqlRulePatchProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - id: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - - $ref: '#/components/schemas/Security_Detections_API_EqlRulePatchFields' - Security_Detections_API_EqlRuleResponseFields: - allOf: - - $ref: '#/components/schemas/Security_Detections_API_EqlRequiredFields' - - $ref: '#/components/schemas/Security_Detections_API_EqlOptionalFields' - Security_Detections_API_EqlRuleUpdateProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - id: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - $ref: '#/components/schemas/Security_Detections_API_EqlRuleCreateFields' - Security_Detections_API_ErrorSchema: - additionalProperties: false - type: object - properties: - error: - type: object - properties: - message: - type: string - status_code: - minimum: 400 - type: integer - required: - - status_code - - message - id: - type: string - item_id: - minLength: 1 - type: string - list_id: - minLength: 1 - type: string - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - required: - - error - Security_Detections_API_EsqlQueryLanguage: - enum: - - esql - type: string - Security_Detections_API_EsqlRule: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - version - - tags - - enabled - - risk_score_mapping - - severity_mapping - - interval - - from - - to - - actions - - exceptions_list - - author - - false_positives - - references - - max_signals - - threat - - setup - - related_integrations - - required_fields - - $ref: '#/components/schemas/Security_Detections_API_ResponseFields' - - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleResponseFields' - Security_Detections_API_EsqlRuleCreateFields: - allOf: - - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleOptionalFields' - - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleRequiredFields' - Security_Detections_API_EsqlRuleCreateProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleCreateFields' - Security_Detections_API_EsqlRuleOptionalFields: - type: object - properties: - alert_suppression: - $ref: '#/components/schemas/Security_Detections_API_AlertSuppression' - Security_Detections_API_EsqlRulePatchProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - id: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - language: - $ref: '#/components/schemas/Security_Detections_API_EsqlQueryLanguage' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - query: - $ref: '#/components/schemas/Security_Detections_API_RuleQuery' - description: ESQL query to execute - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - type: - description: Rule type - enum: - - esql - type: string - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleOptionalFields' - Security_Detections_API_EsqlRuleRequiredFields: - type: object - properties: - language: - $ref: '#/components/schemas/Security_Detections_API_EsqlQueryLanguage' - query: - $ref: '#/components/schemas/Security_Detections_API_RuleQuery' - description: ESQL query to execute - type: - description: Rule type - enum: - - esql - type: string - required: - - type - - language - - query - Security_Detections_API_EsqlRuleResponseFields: - allOf: - - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleOptionalFields' - - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleRequiredFields' - Security_Detections_API_EsqlRuleUpdateProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - id: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleCreateFields' - Security_Detections_API_EventCategoryOverride: - type: string - Security_Detections_API_ExceptionListType: - description: The exception type - enum: - - detection - - rule_default - - endpoint - - endpoint_trusted_apps - - endpoint_events - - endpoint_host_isolation_exceptions - - endpoint_blocklists - type: string - Security_Detections_API_ExternalRuleSource: - description: >- - Type of rule source for externally sourced rules, i.e. rules that have - an external source, such as the Elastic Prebuilt rules repo. - type: object - properties: - is_customized: - $ref: >- - #/components/schemas/Security_Detections_API_IsExternalRuleCustomized - type: - enum: - - external - type: string - required: - - type - - is_customized - Security_Detections_API_FindRulesSortField: - enum: - - created_at - - createdAt - - enabled - - execution_summary.last_execution.date - - execution_summary.last_execution.metrics.execution_gap_duration_s - - execution_summary.last_execution.metrics.total_indexing_duration_ms - - execution_summary.last_execution.metrics.total_search_duration_ms - - execution_summary.last_execution.status - - name - - risk_score - - riskScore - - severity - - updated_at - - updatedAt - type: string - Security_Detections_API_HistoryWindowStart: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - Security_Detections_API_IndexMigrationStatus: - type: object - properties: - index: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - is_outdated: - type: boolean - migrations: - items: - $ref: '#/components/schemas/Security_Detections_API_MigrationStatus' - type: array - signal_versions: - items: - $ref: '#/components/schemas/Security_Detections_API_AlertVersion' - type: array - version: - type: integer - required: - - index - - version - - signal_versions - - migrations - - is_outdated - Security_Detections_API_IndexPatternArray: - items: - type: string - type: array - Security_Detections_API_InternalRuleSource: - description: >- - Type of rule source for internally sourced rules, i.e. created within - the Kibana apps. - type: object - properties: - type: - enum: - - internal - type: string - required: - - type - Security_Detections_API_InvestigationFields: - description: > - Schema for fields relating to investigation fields. These are user - defined fields we use to highlight - - in various features in the UI such as alert details flyout and - exceptions auto-population from alert. - - Added in PR #163235 - - Right now we only have a single field but anticipate adding more related - fields to store various - - configuration states such as `override` - where a user might say if they - want only these fields to - - display, or if they want these fields + the fields we select. When - expanding this field, it may look - - something like: - - ```typescript - - const investigationFields = z.object({ - field_names: NonEmptyArray(NonEmptyString), - override: z.boolean().optional(), - }); - - ``` - type: object - properties: - field_names: - items: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - minItems: 1 - type: array - required: - - field_names - Security_Detections_API_InvestigationGuide: - description: Notes to help investigate alerts produced by the rule. - type: string - Security_Detections_API_IsExternalRuleCustomized: - description: >- - Determines whether an external/prebuilt rule has been customized by the - user (i.e. any of its fields have been modified and diverged from the - base value). - type: boolean - Security_Detections_API_IsRuleEnabled: - description: Determines whether the rule is enabled. - type: boolean - Security_Detections_API_IsRuleImmutable: - deprecated: true - description: >- - This field determines whether the rule is a prebuilt Elastic rule. It - will be replaced with the `rule_source` field. - type: boolean - Security_Detections_API_ItemsPerSearch: - minimum: 1 - type: integer - Security_Detections_API_KqlQueryLanguage: - enum: - - kuery - - lucene - type: string - Security_Detections_API_MachineLearningJobId: - description: Machine learning job ID - oneOf: - - type: string - - items: - type: string - minItems: 1 - type: array - Security_Detections_API_MachineLearningRule: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - version - - tags - - enabled - - risk_score_mapping - - severity_mapping - - interval - - from - - to - - actions - - exceptions_list - - author - - false_positives - - references - - max_signals - - threat - - setup - - related_integrations - - required_fields - - $ref: '#/components/schemas/Security_Detections_API_ResponseFields' - - $ref: >- - #/components/schemas/Security_Detections_API_MachineLearningRuleResponseFields - Security_Detections_API_MachineLearningRuleCreateFields: - allOf: - - $ref: >- - #/components/schemas/Security_Detections_API_MachineLearningRuleRequiredFields - - $ref: >- - #/components/schemas/Security_Detections_API_MachineLearningRuleOptionalFields - Security_Detections_API_MachineLearningRuleCreateProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - $ref: >- - #/components/schemas/Security_Detections_API_MachineLearningRuleCreateFields - Security_Detections_API_MachineLearningRuleOptionalFields: - type: object - properties: - alert_suppression: - $ref: '#/components/schemas/Security_Detections_API_AlertSuppression' - Security_Detections_API_MachineLearningRulePatchFields: - allOf: - - type: object - properties: - anomaly_threshold: - $ref: '#/components/schemas/Security_Detections_API_AnomalyThreshold' - machine_learning_job_id: - $ref: >- - #/components/schemas/Security_Detections_API_MachineLearningJobId - type: - description: Rule type - enum: - - machine_learning - type: string - - $ref: >- - #/components/schemas/Security_Detections_API_MachineLearningRuleOptionalFields - Security_Detections_API_MachineLearningRulePatchProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - id: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - - $ref: >- - #/components/schemas/Security_Detections_API_MachineLearningRulePatchFields - Security_Detections_API_MachineLearningRuleRequiredFields: - type: object - properties: - anomaly_threshold: - $ref: '#/components/schemas/Security_Detections_API_AnomalyThreshold' - machine_learning_job_id: - $ref: '#/components/schemas/Security_Detections_API_MachineLearningJobId' - type: - description: Rule type - enum: - - machine_learning - type: string - required: - - type - - machine_learning_job_id - - anomaly_threshold - Security_Detections_API_MachineLearningRuleResponseFields: - allOf: - - $ref: >- - #/components/schemas/Security_Detections_API_MachineLearningRuleRequiredFields - - $ref: >- - #/components/schemas/Security_Detections_API_MachineLearningRuleOptionalFields - Security_Detections_API_MachineLearningRuleUpdateProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - id: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - $ref: >- - #/components/schemas/Security_Detections_API_MachineLearningRuleCreateFields - Security_Detections_API_MaxSignals: - minimum: 1 - type: integer - Security_Detections_API_MigrationCleanupResult: - type: object - properties: - destinationIndex: - type: string - error: - type: object - properties: - message: - type: string - status_code: - type: integer - required: - - message - - status_code - id: - type: string - sourceIndex: - type: string - status: - enum: - - success - - failure - - pending - type: string - updated: - format: date-time - type: string - version: - type: string - required: - - id - - destinationIndex - - status - - sourceIndex - - version - - updated - Security_Detections_API_MigrationFinalizationResult: - type: object - properties: - completed: - type: boolean - destinationIndex: - type: string - error: - type: object - properties: - message: - type: string - status_code: - type: integer - required: - - message - - status_code - id: - type: string - sourceIndex: - type: string - status: - enum: - - success - - failure - - pending - type: string - updated: - format: date-time - type: string - version: - type: string - required: - - id - - completed - - destinationIndex - - status - - sourceIndex - - version - - updated - Security_Detections_API_MigrationStatus: - type: object - properties: - id: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - status: - enum: - - success - - failure - - pending - type: string - updated: - format: date-time - type: string - version: - type: integer - required: - - id - - status - - version - - updated - Security_Detections_API_NewTermsFields: - items: - type: string - maxItems: 3 - minItems: 1 - type: array - Security_Detections_API_NewTermsRule: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - version - - tags - - enabled - - risk_score_mapping - - severity_mapping - - interval - - from - - to - - actions - - exceptions_list - - author - - false_positives - - references - - max_signals - - threat - - setup - - related_integrations - - required_fields - - $ref: '#/components/schemas/Security_Detections_API_ResponseFields' - - $ref: >- - #/components/schemas/Security_Detections_API_NewTermsRuleResponseFields - Security_Detections_API_NewTermsRuleCreateFields: - allOf: - - $ref: >- - #/components/schemas/Security_Detections_API_NewTermsRuleRequiredFields - - $ref: >- - #/components/schemas/Security_Detections_API_NewTermsRuleOptionalFields - - $ref: >- - #/components/schemas/Security_Detections_API_NewTermsRuleDefaultableFields - Security_Detections_API_NewTermsRuleCreateProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - $ref: >- - #/components/schemas/Security_Detections_API_NewTermsRuleCreateFields - Security_Detections_API_NewTermsRuleDefaultableFields: - type: object - properties: - language: - $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' - Security_Detections_API_NewTermsRuleOptionalFields: - type: object - properties: - alert_suppression: - $ref: '#/components/schemas/Security_Detections_API_AlertSuppression' - data_view_id: - $ref: '#/components/schemas/Security_Detections_API_DataViewId' - filters: - $ref: '#/components/schemas/Security_Detections_API_RuleFilterArray' - index: - $ref: '#/components/schemas/Security_Detections_API_IndexPatternArray' - Security_Detections_API_NewTermsRulePatchFields: - allOf: - - type: object - properties: - history_window_start: - $ref: '#/components/schemas/Security_Detections_API_HistoryWindowStart' - new_terms_fields: - $ref: '#/components/schemas/Security_Detections_API_NewTermsFields' - query: - $ref: '#/components/schemas/Security_Detections_API_RuleQuery' - type: - description: Rule type - enum: - - new_terms - type: string - - $ref: >- - #/components/schemas/Security_Detections_API_NewTermsRuleOptionalFields - - $ref: >- - #/components/schemas/Security_Detections_API_NewTermsRuleDefaultableFields - Security_Detections_API_NewTermsRulePatchProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - id: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - - $ref: '#/components/schemas/Security_Detections_API_NewTermsRulePatchFields' - Security_Detections_API_NewTermsRuleRequiredFields: - type: object - properties: - history_window_start: - $ref: '#/components/schemas/Security_Detections_API_HistoryWindowStart' - new_terms_fields: - $ref: '#/components/schemas/Security_Detections_API_NewTermsFields' - query: - $ref: '#/components/schemas/Security_Detections_API_RuleQuery' - type: - description: Rule type - enum: - - new_terms - type: string - required: - - type - - query - - new_terms_fields - - history_window_start - Security_Detections_API_NewTermsRuleResponseFields: - allOf: - - $ref: >- - #/components/schemas/Security_Detections_API_NewTermsRuleRequiredFields - - $ref: >- - #/components/schemas/Security_Detections_API_NewTermsRuleOptionalFields - - type: object - properties: - language: - $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' - required: - - language - Security_Detections_API_NewTermsRuleUpdateProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - id: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - $ref: >- - #/components/schemas/Security_Detections_API_NewTermsRuleCreateFields - Security_Detections_API_NonEmptyString: - description: A string that is not empty and does not contain only whitespace - minLength: 1 - pattern: ^(?! *$).+$ - type: string - Security_Detections_API_NormalizedRuleAction: - additionalProperties: false - type: object - properties: - alerts_filter: - $ref: '#/components/schemas/Security_Detections_API_RuleActionAlertsFilter' - frequency: - $ref: '#/components/schemas/Security_Detections_API_RuleActionFrequency' - group: - $ref: '#/components/schemas/Security_Detections_API_RuleActionGroup' - id: - $ref: '#/components/schemas/Security_Detections_API_RuleActionId' - params: - $ref: '#/components/schemas/Security_Detections_API_RuleActionParams' - required: - - id - - params - Security_Detections_API_NormalizedRuleError: - type: object - properties: - err_code: - $ref: >- - #/components/schemas/Security_Detections_API_BulkActionsDryRunErrCode - message: - type: string - rules: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleDetailsInError' - type: array - status_code: - type: integer - required: - - message - - status_code - - rules - Security_Detections_API_OsqueryParams: - type: object - properties: - ecs_mapping: - $ref: '#/components/schemas/Security_Detections_API_EcsMapping' - pack_id: - type: string - queries: - items: - $ref: '#/components/schemas/Security_Detections_API_OsqueryQuery' - type: array - query: - type: string - saved_query_id: - type: string - timeout: - type: number - Security_Detections_API_OsqueryQuery: - type: object - properties: - ecs_mapping: - $ref: '#/components/schemas/Security_Detections_API_EcsMapping' - id: - description: Query ID - type: string - platform: - type: string - query: - description: Query to run - type: string - removed: - type: boolean - snapshot: - type: boolean - version: - description: Query version - type: string - required: - - id - - query - Security_Detections_API_OsqueryResponseAction: - type: object - properties: - action_type_id: - enum: - - .osquery - type: string - params: - $ref: '#/components/schemas/Security_Detections_API_OsqueryParams' - required: - - action_type_id - - params - Security_Detections_API_PlatformErrorResponse: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: integer - required: - - statusCode - - error - - message - Security_Detections_API_ProcessesParams: - type: object - properties: - command: - enum: - - kill-process - - suspend-process - type: string - comment: - type: string - config: - type: object - properties: - field: - description: Field to use instead of process.pid - type: string - overwrite: - default: true - description: Whether to overwrite field with process.pid - type: boolean - required: - - field - required: - - command - - config - Security_Detections_API_QueryRule: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - version - - tags - - enabled - - risk_score_mapping - - severity_mapping - - interval - - from - - to - - actions - - exceptions_list - - author - - false_positives - - references - - max_signals - - threat - - setup - - related_integrations - - required_fields - - $ref: '#/components/schemas/Security_Detections_API_ResponseFields' - - $ref: '#/components/schemas/Security_Detections_API_QueryRuleResponseFields' - Security_Detections_API_QueryRuleCreateFields: - allOf: - - $ref: '#/components/schemas/Security_Detections_API_QueryRuleRequiredFields' - - $ref: '#/components/schemas/Security_Detections_API_QueryRuleOptionalFields' - - $ref: >- - #/components/schemas/Security_Detections_API_QueryRuleDefaultableFields - Security_Detections_API_QueryRuleCreateProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - $ref: '#/components/schemas/Security_Detections_API_QueryRuleCreateFields' - Security_Detections_API_QueryRuleDefaultableFields: - type: object - properties: - language: - $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' - query: - $ref: '#/components/schemas/Security_Detections_API_RuleQuery' - Security_Detections_API_QueryRuleOptionalFields: - type: object - properties: - alert_suppression: - $ref: '#/components/schemas/Security_Detections_API_AlertSuppression' - data_view_id: - $ref: '#/components/schemas/Security_Detections_API_DataViewId' - filters: - $ref: '#/components/schemas/Security_Detections_API_RuleFilterArray' - index: - $ref: '#/components/schemas/Security_Detections_API_IndexPatternArray' - saved_id: - $ref: '#/components/schemas/Security_Detections_API_SavedQueryId' - Security_Detections_API_QueryRulePatchFields: - allOf: - - type: object - properties: - type: - description: Rule type - enum: - - query - type: string - - $ref: '#/components/schemas/Security_Detections_API_QueryRuleOptionalFields' - - $ref: >- - #/components/schemas/Security_Detections_API_QueryRuleDefaultableFields - Security_Detections_API_QueryRulePatchProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - id: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - - $ref: '#/components/schemas/Security_Detections_API_QueryRulePatchFields' - Security_Detections_API_QueryRuleRequiredFields: - type: object - properties: - type: - description: Rule type - enum: - - query - type: string - required: - - type - Security_Detections_API_QueryRuleResponseFields: - allOf: - - $ref: '#/components/schemas/Security_Detections_API_QueryRuleRequiredFields' - - $ref: '#/components/schemas/Security_Detections_API_QueryRuleOptionalFields' - - type: object - properties: - language: - $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' - query: - $ref: '#/components/schemas/Security_Detections_API_RuleQuery' - required: - - query - - language - Security_Detections_API_QueryRuleUpdateProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - id: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - $ref: '#/components/schemas/Security_Detections_API_QueryRuleCreateFields' - Security_Detections_API_RelatedIntegration: - description: > - Related integration is a potential dependency of a rule. It's assumed - that if the user installs - - one of the related integrations of a rule, the rule might start to work - properly because it will - - have source events (generated by this integration) potentially matching - the rule's query. - - - NOTE: Proper work is not guaranteed, because a related integration, if - installed, can be - - configured differently or generate data that is not necessarily relevant - for this rule. - - - Related integration is a combination of a Fleet package and (optionally) - one of the - - package's "integrations" that this package contains. It is represented - by 3 properties: - - - - `package`: name of the package (required, unique id) - - - `version`: version of the package (required, semver-compatible) - - - `integration`: name of the integration of this package (optional, id - within the package) - - - There are Fleet packages like `windows` that contain only one - integration; in this case, - - `integration` should be unspecified. There are also packages like `aws` - and `azure` that contain - - several integrations; in this case, `integration` should be specified. - - - @example - - const x: RelatedIntegration = { - package: 'windows', - version: '1.5.x', - }; - - - @example - - const x: RelatedIntegration = { - package: 'azure', - version: '~1.1.6', - integration: 'activitylogs', - }; - type: object - properties: - integration: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - package: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - version: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - required: - - package - - version - Security_Detections_API_RelatedIntegrationArray: - items: - $ref: '#/components/schemas/Security_Detections_API_RelatedIntegration' - type: array - Security_Detections_API_RequiredField: - description: > - Describes an Elasticsearch field that is needed for the rule to - function. - - - Almost all types of Security rules check source event documents for a - match to some kind of - - query or filter. If a document has certain field with certain values, - then it's a match and - - the rule will generate an alert. - - - Required field is an event field that must be present in the source - indices of a given rule. - - - @example - - const standardEcsField: RequiredField = { - name: 'event.action', - type: 'keyword', - ecs: true, - }; - - - @example - - const nonEcsField: RequiredField = { - name: 'winlog.event_data.AttributeLDAPDisplayName', - type: 'keyword', - ecs: false, - }; - type: object - properties: - ecs: - description: Whether the field is an ECS field - type: boolean - name: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - description: Name of an Elasticsearch field - type: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - description: Type of the Elasticsearch field - required: - - name - - type - - ecs - Security_Detections_API_RequiredFieldArray: - items: - $ref: '#/components/schemas/Security_Detections_API_RequiredField' - type: array - Security_Detections_API_RequiredFieldInput: - description: >- - Input parameters to create a RequiredField. Does not include the `ecs` - field, because `ecs` is calculated on the backend based on the field - name and type. - type: object - properties: - name: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - description: Name of an Elasticsearch field - type: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - description: Type of an Elasticsearch field - required: - - name - - type - Security_Detections_API_ResponseAction: - oneOf: - - $ref: '#/components/schemas/Security_Detections_API_OsqueryResponseAction' - - $ref: '#/components/schemas/Security_Detections_API_EndpointResponseAction' - Security_Detections_API_ResponseFields: - type: object - properties: - created_at: - format: date-time - type: string - created_by: - type: string - execution_summary: - $ref: '#/components/schemas/Security_Detections_API_RuleExecutionSummary' - id: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - immutable: - $ref: '#/components/schemas/Security_Detections_API_IsRuleImmutable' - required_fields: - $ref: '#/components/schemas/Security_Detections_API_RequiredFieldArray' - revision: - minimum: 0 - type: integer - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_source: - $ref: '#/components/schemas/Security_Detections_API_RuleSource' - updated_at: - format: date-time - type: string - updated_by: - type: string - required: - - id - - rule_id - - immutable - - rule_source - - updated_at - - updated_by - - created_at - - created_by - - revision - - related_integrations - - required_fields - Security_Detections_API_RiskScore: - description: Risk score (0 to 100) - maximum: 100 - minimum: 0 - type: integer - Security_Detections_API_RiskScoreMapping: - description: >- - Overrides generated alerts' risk_score with a value from the source - event - items: - type: object - properties: - field: - type: string - operator: - enum: - - equals - type: string - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - value: - type: string - required: - - field - - operator - - value - type: array - Security_Detections_API_RuleAction: - type: object - properties: - action_type_id: - description: The action type used for sending notifications. - type: string - alerts_filter: - $ref: '#/components/schemas/Security_Detections_API_RuleActionAlertsFilter' - frequency: - $ref: '#/components/schemas/Security_Detections_API_RuleActionFrequency' - group: - $ref: '#/components/schemas/Security_Detections_API_RuleActionGroup' - id: - $ref: '#/components/schemas/Security_Detections_API_RuleActionId' - params: - $ref: '#/components/schemas/Security_Detections_API_RuleActionParams' - uuid: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - required: - - action_type_id - - id - - params - Security_Detections_API_RuleActionAlertsFilter: - additionalProperties: true - type: object - Security_Detections_API_RuleActionFrequency: - description: >- - The action frequency defines when the action runs (for example, only on - rule execution or at specific time intervals). - type: object - properties: - notifyWhen: - $ref: '#/components/schemas/Security_Detections_API_RuleActionNotifyWhen' - summary: - description: >- - Action summary indicates whether we will send a summary notification - about all the generate alerts or notification per individual alert - type: boolean - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - nullable: true - required: - - summary - - notifyWhen - - throttle - Security_Detections_API_RuleActionGroup: - description: >- - Optionally groups actions by use cases. Use `default` for alert - notifications. - type: string - Security_Detections_API_RuleActionId: - description: The connector ID. - type: string - Security_Detections_API_RuleActionNotifyWhen: - description: >- - The condition for throttling the notification: `onActionGroupChange`, - `onActiveAlert`, or `onThrottleInterval` - enum: - - onActiveAlert - - onThrottleInterval - - onActionGroupChange - type: string - Security_Detections_API_RuleActionParams: - additionalProperties: true - description: >- - Object containing the allowed connector fields, which varies according - to the connector type. - type: object - Security_Detections_API_RuleActionThrottle: - description: Defines how often rule actions are taken. - oneOf: - - enum: - - no_actions - - rule - type: string - - description: Time interval in seconds, minutes, hours, or days. - example: 1h - pattern: ^[1-9]\d*[smhd]$ - type: string - Security_Detections_API_RuleAuthorArray: - items: - type: string - type: array - Security_Detections_API_RuleCreateProps: - anyOf: - - $ref: '#/components/schemas/Security_Detections_API_EqlRuleCreateProps' - - $ref: '#/components/schemas/Security_Detections_API_QueryRuleCreateProps' - - $ref: >- - #/components/schemas/Security_Detections_API_SavedQueryRuleCreateProps - - $ref: >- - #/components/schemas/Security_Detections_API_ThresholdRuleCreateProps - - $ref: >- - #/components/schemas/Security_Detections_API_ThreatMatchRuleCreateProps - - $ref: >- - #/components/schemas/Security_Detections_API_MachineLearningRuleCreateProps - - $ref: '#/components/schemas/Security_Detections_API_NewTermsRuleCreateProps' - - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleCreateProps' - discriminator: - propertyName: type - Security_Detections_API_RuleDescription: - minLength: 1 - type: string - Security_Detections_API_RuleDetailsInError: - type: object - properties: - id: - type: string - name: - type: string - required: - - id - Security_Detections_API_RuleExceptionList: - type: object - properties: - id: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - description: ID of the exception container - list_id: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - description: List ID of the exception container - namespace_type: - description: Determines the exceptions validity in rule's Kibana space - enum: - - agnostic - - single - type: string - type: - $ref: '#/components/schemas/Security_Detections_API_ExceptionListType' - required: - - id - - list_id - - type - - namespace_type - Security_Detections_API_RuleExecutionMetrics: - type: object - properties: - execution_gap_duration_s: - description: Duration in seconds of execution gap - minimum: 0 - type: integer - total_enrichment_duration_ms: - description: >- - Total time spent enriching documents during current rule execution - cycle - minimum: 0 - type: integer - total_indexing_duration_ms: - description: >- - Total time spent indexing documents during current rule execution - cycle - minimum: 0 - type: integer - total_search_duration_ms: - description: >- - Total time spent performing ES searches as measured by Kibana; - includes network latency and time spent serializing/deserializing - request/response - minimum: 0 - type: integer - Security_Detections_API_RuleExecutionStatus: - description: >- - Custom execution status of Security rules that is different from the - status used in the Alerting Framework. We merge our custom status with - the Framework's status to determine the resulting status of a rule. - - - going to run - @deprecated Replaced by the 'running' status but left - for backwards compatibility with rule execution events already written - to Event Log in the prior versions of Kibana. Don't use when writing - rule status changes. - - - running - Rule execution started but not reached any intermediate or - final status. - - - partial failure - Rule can partially fail for various reasons either - in the middle of an execution (in this case we update its status right - away) or in the end of it. So currently this status can be both - intermediate and final at the same time. A typical reason for a partial - failure: not all the indices that the rule searches over actually exist. - - - failed - Rule failed to execute due to unhandled exception or a reason - defined in the business logic of its executor function. - - - succeeded - Rule executed successfully without any issues. Note: this - status is just an indication of a rule's "health". The rule might or - might not generate any alerts despite of it. - enum: - - going to run - - running - - partial failure - - failed - - succeeded - type: string - Security_Detections_API_RuleExecutionStatusOrder: - type: integer - Security_Detections_API_RuleExecutionSummary: - type: object - properties: - last_execution: - type: object - properties: - date: - description: Date of the last execution - format: date-time - type: string - message: - type: string - metrics: - $ref: >- - #/components/schemas/Security_Detections_API_RuleExecutionMetrics - status: - $ref: '#/components/schemas/Security_Detections_API_RuleExecutionStatus' - description: Status of the last execution - status_order: - $ref: >- - #/components/schemas/Security_Detections_API_RuleExecutionStatusOrder - required: - - date - - status - - status_order - - message - - metrics - required: - - last_execution - Security_Detections_API_RuleFalsePositiveArray: - items: - type: string - type: array - Security_Detections_API_RuleFilterArray: - items: {} - type: array - Security_Detections_API_RuleInterval: - description: >- - Frequency of rule execution, using a date math range. For example, "1h" - means the rule runs every hour. Defaults to 5m (5 minutes). - type: string - Security_Detections_API_RuleIntervalFrom: - description: >- - Time from which data is analyzed each time the rule runs, using a date - math range. For example, now-4200s means the rule analyzes data from 70 - minutes before its start time. Defaults to now-6m (analyzes data from 6 - minutes before the start time). - format: date-math - type: string - Security_Detections_API_RuleIntervalTo: - type: string - Security_Detections_API_RuleLicense: - description: The rule's license. - type: string - Security_Detections_API_RuleMetadata: - additionalProperties: true - type: object - Security_Detections_API_RuleName: - minLength: 1 - type: string - Security_Detections_API_RuleNameOverride: - description: Sets the source field for the alert's signal.rule.name value - type: string - Security_Detections_API_RuleObjectId: - $ref: '#/components/schemas/Security_Detections_API_UUID' - Security_Detections_API_RulePatchProps: - anyOf: - - $ref: '#/components/schemas/Security_Detections_API_EqlRulePatchProps' - - $ref: '#/components/schemas/Security_Detections_API_QueryRulePatchProps' - - $ref: >- - #/components/schemas/Security_Detections_API_SavedQueryRulePatchProps - - $ref: '#/components/schemas/Security_Detections_API_ThresholdRulePatchProps' - - $ref: >- - #/components/schemas/Security_Detections_API_ThreatMatchRulePatchProps - - $ref: >- - #/components/schemas/Security_Detections_API_MachineLearningRulePatchProps - - $ref: '#/components/schemas/Security_Detections_API_NewTermsRulePatchProps' - - $ref: '#/components/schemas/Security_Detections_API_EsqlRulePatchProps' - Security_Detections_API_RulePreviewLoggedRequest: - type: object - properties: - description: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - duration: - type: integer - request: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - required: - - request - Security_Detections_API_RulePreviewLogs: - type: object - properties: - duration: - description: Execution duration in milliseconds - type: integer - errors: - items: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - type: array - requests: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RulePreviewLoggedRequest - type: array - startedAt: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - warnings: - items: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - type: array - required: - - errors - - warnings - - duration - Security_Detections_API_RulePreviewParams: - type: object - properties: - invocationCount: - type: integer - timeframeEnd: - format: date-time - type: string - required: - - invocationCount - - timeframeEnd - Security_Detections_API_RuleQuery: - type: string - Security_Detections_API_RuleReferenceArray: - items: - type: string - type: array - Security_Detections_API_RuleResponse: - anyOf: - - $ref: '#/components/schemas/Security_Detections_API_EqlRule' - - $ref: '#/components/schemas/Security_Detections_API_QueryRule' - - $ref: '#/components/schemas/Security_Detections_API_SavedQueryRule' - - $ref: '#/components/schemas/Security_Detections_API_ThresholdRule' - - $ref: '#/components/schemas/Security_Detections_API_ThreatMatchRule' - - $ref: '#/components/schemas/Security_Detections_API_MachineLearningRule' - - $ref: '#/components/schemas/Security_Detections_API_NewTermsRule' - - $ref: '#/components/schemas/Security_Detections_API_EsqlRule' - discriminator: - propertyName: type - Security_Detections_API_RuleSignatureId: - description: Could be any string, not necessarily a UUID - type: string - Security_Detections_API_RuleSource: - description: >- - Discriminated union that determines whether the rule is internally - sourced (created within the Kibana app) or has an external source, such - as the Elastic Prebuilt rules repo. - discriminator: - propertyName: type - oneOf: - - $ref: '#/components/schemas/Security_Detections_API_ExternalRuleSource' - - $ref: '#/components/schemas/Security_Detections_API_InternalRuleSource' - Security_Detections_API_RuleTagArray: - description: >- - String array containing words and phrases to help categorize, filter, - and search rules. Defaults to an empty array. - items: - type: string - type: array - Security_Detections_API_RuleUpdateProps: - anyOf: - - $ref: '#/components/schemas/Security_Detections_API_EqlRuleUpdateProps' - - $ref: '#/components/schemas/Security_Detections_API_QueryRuleUpdateProps' - - $ref: >- - #/components/schemas/Security_Detections_API_SavedQueryRuleUpdateProps - - $ref: >- - #/components/schemas/Security_Detections_API_ThresholdRuleUpdateProps - - $ref: >- - #/components/schemas/Security_Detections_API_ThreatMatchRuleUpdateProps - - $ref: >- - #/components/schemas/Security_Detections_API_MachineLearningRuleUpdateProps - - $ref: '#/components/schemas/Security_Detections_API_NewTermsRuleUpdateProps' - - $ref: '#/components/schemas/Security_Detections_API_EsqlRuleUpdateProps' - discriminator: - propertyName: type - Security_Detections_API_RuleVersion: - description: The rule's version number. - minimum: 1 - type: integer - Security_Detections_API_SavedObjectResolveAliasPurpose: - enum: - - savedObjectConversion - - savedObjectImport - type: string - Security_Detections_API_SavedObjectResolveAliasTargetId: - type: string - Security_Detections_API_SavedObjectResolveOutcome: - enum: - - exactMatch - - aliasMatch - - conflict - type: string - Security_Detections_API_SavedQueryId: - type: string - Security_Detections_API_SavedQueryRule: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - version - - tags - - enabled - - risk_score_mapping - - severity_mapping - - interval - - from - - to - - actions - - exceptions_list - - author - - false_positives - - references - - max_signals - - threat - - setup - - related_integrations - - required_fields - - $ref: '#/components/schemas/Security_Detections_API_ResponseFields' - - $ref: >- - #/components/schemas/Security_Detections_API_SavedQueryRuleResponseFields - Security_Detections_API_SavedQueryRuleCreateFields: - allOf: - - $ref: >- - #/components/schemas/Security_Detections_API_SavedQueryRuleRequiredFields - - $ref: >- - #/components/schemas/Security_Detections_API_SavedQueryRuleOptionalFields - - $ref: >- - #/components/schemas/Security_Detections_API_SavedQueryRuleDefaultableFields - Security_Detections_API_SavedQueryRuleCreateProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - $ref: >- - #/components/schemas/Security_Detections_API_SavedQueryRuleCreateFields - Security_Detections_API_SavedQueryRuleDefaultableFields: - type: object - properties: - language: - $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' - Security_Detections_API_SavedQueryRuleOptionalFields: - type: object - properties: - alert_suppression: - $ref: '#/components/schemas/Security_Detections_API_AlertSuppression' - data_view_id: - $ref: '#/components/schemas/Security_Detections_API_DataViewId' - filters: - $ref: '#/components/schemas/Security_Detections_API_RuleFilterArray' - index: - $ref: '#/components/schemas/Security_Detections_API_IndexPatternArray' - query: - $ref: '#/components/schemas/Security_Detections_API_RuleQuery' - Security_Detections_API_SavedQueryRulePatchFields: - allOf: - - type: object - properties: - saved_id: - $ref: '#/components/schemas/Security_Detections_API_SavedQueryId' - type: - description: Rule type - enum: - - saved_query - type: string - - $ref: >- - #/components/schemas/Security_Detections_API_SavedQueryRuleOptionalFields - - $ref: >- - #/components/schemas/Security_Detections_API_SavedQueryRuleDefaultableFields - Security_Detections_API_SavedQueryRulePatchProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - id: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - - $ref: >- - #/components/schemas/Security_Detections_API_SavedQueryRulePatchFields - Security_Detections_API_SavedQueryRuleRequiredFields: - type: object - properties: - saved_id: - $ref: '#/components/schemas/Security_Detections_API_SavedQueryId' - type: - description: Rule type - enum: - - saved_query - type: string - required: - - type - - saved_id - Security_Detections_API_SavedQueryRuleResponseFields: - allOf: - - $ref: >- - #/components/schemas/Security_Detections_API_SavedQueryRuleRequiredFields - - $ref: >- - #/components/schemas/Security_Detections_API_SavedQueryRuleOptionalFields - - type: object - properties: - language: - $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' - required: - - language - Security_Detections_API_SavedQueryRuleUpdateProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - id: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - $ref: >- - #/components/schemas/Security_Detections_API_SavedQueryRuleCreateFields - Security_Detections_API_SetAlertsStatusByIds: - type: object - properties: - signal_ids: - items: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - minItems: 1 - type: array - status: - $ref: '#/components/schemas/Security_Detections_API_AlertStatus' - required: - - signal_ids - - status - Security_Detections_API_SetAlertsStatusByQuery: - type: object - properties: - conflicts: - default: abort - enum: - - abort - - proceed - type: string - query: - additionalProperties: true - type: object - status: - $ref: '#/components/schemas/Security_Detections_API_AlertStatus' - required: - - query - - status - Security_Detections_API_SetAlertTags: - type: object - properties: - tags_to_add: - $ref: '#/components/schemas/Security_Detections_API_AlertTags' - tags_to_remove: - $ref: '#/components/schemas/Security_Detections_API_AlertTags' - required: - - tags_to_add - - tags_to_remove - Security_Detections_API_SetupGuide: - type: string - Security_Detections_API_Severity: - description: Severity of the rule - enum: - - low - - medium - - high - - critical - type: string - Security_Detections_API_SeverityMapping: - description: Overrides generated alerts' severity with values from the source event - items: - type: object - properties: - field: - type: string - operator: - enum: - - equals - type: string - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - value: - type: string - required: - - field - - operator - - severity - - value - type: array - Security_Detections_API_SiemErrorResponse: - type: object - properties: - message: - type: string - status_code: - type: integer - required: - - status_code - - message - Security_Detections_API_SkippedAlertsIndexMigration: - type: object - properties: - index: - type: string - required: - - index - Security_Detections_API_SortOrder: - enum: - - asc - - desc - type: string - Security_Detections_API_Threat: - type: object - properties: - framework: - description: Relevant attack framework - type: string - tactic: - $ref: '#/components/schemas/Security_Detections_API_ThreatTactic' - technique: - description: Array containing information on the attack techniques (optional) - items: - $ref: '#/components/schemas/Security_Detections_API_ThreatTechnique' - type: array - required: - - framework - - tactic - Security_Detections_API_ThreatArray: - items: - $ref: '#/components/schemas/Security_Detections_API_Threat' - type: array - Security_Detections_API_ThreatFilters: - items: - description: >- - Query and filter context array used to filter documents from the - Elasticsearch index containing the threat values - type: array - Security_Detections_API_ThreatIndex: - items: - type: string - type: array - Security_Detections_API_ThreatIndicatorPath: - description: >- - Defines the path to the threat indicator in the indicator documents - (optional) - type: string - Security_Detections_API_ThreatMapping: - items: - type: object - properties: - entries: - items: - type: object - properties: - field: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - type: - enum: - - mapping - type: string - value: - $ref: '#/components/schemas/Security_Detections_API_NonEmptyString' - required: - - field - - type - - value - type: array - required: - - entries - minItems: 1 - type: array - Security_Detections_API_ThreatMatchRule: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - version - - tags - - enabled - - risk_score_mapping - - severity_mapping - - interval - - from - - to - - actions - - exceptions_list - - author - - false_positives - - references - - max_signals - - threat - - setup - - related_integrations - - required_fields - - $ref: '#/components/schemas/Security_Detections_API_ResponseFields' - - $ref: >- - #/components/schemas/Security_Detections_API_ThreatMatchRuleResponseFields - Security_Detections_API_ThreatMatchRuleCreateFields: - allOf: - - $ref: >- - #/components/schemas/Security_Detections_API_ThreatMatchRuleRequiredFields - - $ref: >- - #/components/schemas/Security_Detections_API_ThreatMatchRuleOptionalFields - - $ref: >- - #/components/schemas/Security_Detections_API_ThreatMatchRuleDefaultableFields - Security_Detections_API_ThreatMatchRuleCreateProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - $ref: >- - #/components/schemas/Security_Detections_API_ThreatMatchRuleCreateFields - Security_Detections_API_ThreatMatchRuleDefaultableFields: - type: object - properties: - language: - $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' - Security_Detections_API_ThreatMatchRuleOptionalFields: - type: object - properties: - alert_suppression: - $ref: '#/components/schemas/Security_Detections_API_AlertSuppression' - concurrent_searches: - $ref: '#/components/schemas/Security_Detections_API_ConcurrentSearches' - data_view_id: - $ref: '#/components/schemas/Security_Detections_API_DataViewId' - filters: - $ref: '#/components/schemas/Security_Detections_API_RuleFilterArray' - index: - $ref: '#/components/schemas/Security_Detections_API_IndexPatternArray' - items_per_search: - $ref: '#/components/schemas/Security_Detections_API_ItemsPerSearch' - saved_id: - $ref: '#/components/schemas/Security_Detections_API_SavedQueryId' - threat_filters: - $ref: '#/components/schemas/Security_Detections_API_ThreatFilters' - threat_indicator_path: - $ref: '#/components/schemas/Security_Detections_API_ThreatIndicatorPath' - threat_language: - $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' - Security_Detections_API_ThreatMatchRulePatchFields: - allOf: - - type: object - properties: - query: - $ref: '#/components/schemas/Security_Detections_API_RuleQuery' - threat_index: - $ref: '#/components/schemas/Security_Detections_API_ThreatIndex' - threat_mapping: - $ref: '#/components/schemas/Security_Detections_API_ThreatMapping' - threat_query: - $ref: '#/components/schemas/Security_Detections_API_ThreatQuery' - type: - description: Rule type - enum: - - threat_match - type: string - - $ref: >- - #/components/schemas/Security_Detections_API_ThreatMatchRuleOptionalFields - - $ref: >- - #/components/schemas/Security_Detections_API_ThreatMatchRuleDefaultableFields - Security_Detections_API_ThreatMatchRulePatchProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - id: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - - $ref: >- - #/components/schemas/Security_Detections_API_ThreatMatchRulePatchFields - Security_Detections_API_ThreatMatchRuleRequiredFields: - type: object - properties: - query: - $ref: '#/components/schemas/Security_Detections_API_RuleQuery' - threat_index: - $ref: '#/components/schemas/Security_Detections_API_ThreatIndex' - threat_mapping: - $ref: '#/components/schemas/Security_Detections_API_ThreatMapping' - threat_query: - $ref: '#/components/schemas/Security_Detections_API_ThreatQuery' - type: - description: Rule type - enum: - - threat_match - type: string - required: - - type - - query - - threat_query - - threat_mapping - - threat_index - Security_Detections_API_ThreatMatchRuleResponseFields: - allOf: - - $ref: >- - #/components/schemas/Security_Detections_API_ThreatMatchRuleRequiredFields - - $ref: >- - #/components/schemas/Security_Detections_API_ThreatMatchRuleOptionalFields - - type: object - properties: - language: - $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' - required: - - language - Security_Detections_API_ThreatMatchRuleUpdateProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - id: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - $ref: >- - #/components/schemas/Security_Detections_API_ThreatMatchRuleCreateFields - Security_Detections_API_ThreatQuery: - description: Query to run - type: string - Security_Detections_API_ThreatSubtechnique: - type: object - properties: - id: - description: Subtechnique ID - type: string - name: - description: Subtechnique name - type: string - reference: - description: Subtechnique reference - type: string - required: - - id - - name - - reference - Security_Detections_API_ThreatTactic: - type: object - properties: - id: - description: Tactic ID - type: string - name: - description: Tactic name - type: string - reference: - description: Tactic reference - type: string - required: - - id - - name - - reference - Security_Detections_API_ThreatTechnique: - type: object - properties: - id: - description: Technique ID - type: string - name: - description: Technique name - type: string - reference: - description: Technique reference - type: string - subtechnique: - description: Array containing more specific information on the attack technique - items: - $ref: '#/components/schemas/Security_Detections_API_ThreatSubtechnique' - type: array - required: - - id - - name - - reference - Security_Detections_API_Threshold: - type: object - properties: - cardinality: - $ref: '#/components/schemas/Security_Detections_API_ThresholdCardinality' - field: - $ref: '#/components/schemas/Security_Detections_API_ThresholdField' - value: - $ref: '#/components/schemas/Security_Detections_API_ThresholdValue' - required: - - field - - value - Security_Detections_API_ThresholdAlertSuppression: - type: object - properties: - duration: - $ref: >- - #/components/schemas/Security_Detections_API_AlertSuppressionDuration - required: - - duration - Security_Detections_API_ThresholdCardinality: - items: - type: object - properties: - field: - type: string - value: - minimum: 0 - type: integer - required: - - field - - value - type: array - Security_Detections_API_ThresholdField: - description: Field to aggregate on - oneOf: - - type: string - - items: - type: string - type: array - Security_Detections_API_ThresholdRule: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - version - - tags - - enabled - - risk_score_mapping - - severity_mapping - - interval - - from - - to - - actions - - exceptions_list - - author - - false_positives - - references - - max_signals - - threat - - setup - - related_integrations - - required_fields - - $ref: '#/components/schemas/Security_Detections_API_ResponseFields' - - $ref: >- - #/components/schemas/Security_Detections_API_ThresholdRuleResponseFields - Security_Detections_API_ThresholdRuleCreateFields: - allOf: - - $ref: >- - #/components/schemas/Security_Detections_API_ThresholdRuleRequiredFields - - $ref: >- - #/components/schemas/Security_Detections_API_ThresholdRuleOptionalFields - - $ref: >- - #/components/schemas/Security_Detections_API_ThresholdRuleDefaultableFields - Security_Detections_API_ThresholdRuleCreateProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - $ref: >- - #/components/schemas/Security_Detections_API_ThresholdRuleCreateFields - Security_Detections_API_ThresholdRuleDefaultableFields: - type: object - properties: - language: - $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' - Security_Detections_API_ThresholdRuleOptionalFields: - type: object - properties: - alert_suppression: - $ref: >- - #/components/schemas/Security_Detections_API_ThresholdAlertSuppression - data_view_id: - $ref: '#/components/schemas/Security_Detections_API_DataViewId' - filters: - $ref: '#/components/schemas/Security_Detections_API_RuleFilterArray' - index: - $ref: '#/components/schemas/Security_Detections_API_IndexPatternArray' - saved_id: - $ref: '#/components/schemas/Security_Detections_API_SavedQueryId' - Security_Detections_API_ThresholdRulePatchFields: - allOf: - - type: object - properties: - query: - $ref: '#/components/schemas/Security_Detections_API_RuleQuery' - threshold: - $ref: '#/components/schemas/Security_Detections_API_Threshold' - type: - description: Rule type - enum: - - threshold - type: string - - $ref: >- - #/components/schemas/Security_Detections_API_ThresholdRuleOptionalFields - - $ref: >- - #/components/schemas/Security_Detections_API_ThresholdRuleDefaultableFields - Security_Detections_API_ThresholdRulePatchProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - id: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - - $ref: >- - #/components/schemas/Security_Detections_API_ThresholdRulePatchFields - Security_Detections_API_ThresholdRuleRequiredFields: - type: object - properties: - query: - $ref: '#/components/schemas/Security_Detections_API_RuleQuery' - threshold: - $ref: '#/components/schemas/Security_Detections_API_Threshold' - type: - description: Rule type - enum: - - threshold - type: string - required: - - type - - query - - threshold - Security_Detections_API_ThresholdRuleResponseFields: - allOf: - - $ref: >- - #/components/schemas/Security_Detections_API_ThresholdRuleRequiredFields - - $ref: >- - #/components/schemas/Security_Detections_API_ThresholdRuleOptionalFields - - type: object - properties: - language: - $ref: '#/components/schemas/Security_Detections_API_KqlQueryLanguage' - required: - - language - Security_Detections_API_ThresholdRuleUpdateProps: - allOf: - - type: object - properties: - actions: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleAction' - type: array - alias_purpose: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasPurpose - alias_target_id: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveAliasTargetId - author: - $ref: '#/components/schemas/Security_Detections_API_RuleAuthorArray' - building_block_type: - $ref: '#/components/schemas/Security_Detections_API_BuildingBlockType' - description: - $ref: '#/components/schemas/Security_Detections_API_RuleDescription' - enabled: - $ref: '#/components/schemas/Security_Detections_API_IsRuleEnabled' - exceptions_list: - items: - $ref: '#/components/schemas/Security_Detections_API_RuleExceptionList' - type: array - false_positives: - $ref: >- - #/components/schemas/Security_Detections_API_RuleFalsePositiveArray - from: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalFrom' - id: - $ref: '#/components/schemas/Security_Detections_API_RuleObjectId' - interval: - $ref: '#/components/schemas/Security_Detections_API_RuleInterval' - investigation_fields: - $ref: '#/components/schemas/Security_Detections_API_InvestigationFields' - license: - $ref: '#/components/schemas/Security_Detections_API_RuleLicense' - max_signals: - $ref: '#/components/schemas/Security_Detections_API_MaxSignals' - meta: - $ref: '#/components/schemas/Security_Detections_API_RuleMetadata' - name: - $ref: '#/components/schemas/Security_Detections_API_RuleName' - namespace: - $ref: >- - #/components/schemas/Security_Detections_API_AlertsIndexNamespace - note: - $ref: '#/components/schemas/Security_Detections_API_InvestigationGuide' - outcome: - $ref: >- - #/components/schemas/Security_Detections_API_SavedObjectResolveOutcome - output_index: - $ref: '#/components/schemas/Security_Detections_API_AlertsIndex' - references: - $ref: '#/components/schemas/Security_Detections_API_RuleReferenceArray' - related_integrations: - $ref: >- - #/components/schemas/Security_Detections_API_RelatedIntegrationArray - required_fields: - items: - $ref: >- - #/components/schemas/Security_Detections_API_RequiredFieldInput - type: array - response_actions: - items: - $ref: '#/components/schemas/Security_Detections_API_ResponseAction' - type: array - risk_score: - $ref: '#/components/schemas/Security_Detections_API_RiskScore' - risk_score_mapping: - $ref: '#/components/schemas/Security_Detections_API_RiskScoreMapping' - rule_id: - $ref: '#/components/schemas/Security_Detections_API_RuleSignatureId' - rule_name_override: - $ref: '#/components/schemas/Security_Detections_API_RuleNameOverride' - setup: - $ref: '#/components/schemas/Security_Detections_API_SetupGuide' - severity: - $ref: '#/components/schemas/Security_Detections_API_Severity' - severity_mapping: - $ref: '#/components/schemas/Security_Detections_API_SeverityMapping' - tags: - $ref: '#/components/schemas/Security_Detections_API_RuleTagArray' - threat: - $ref: '#/components/schemas/Security_Detections_API_ThreatArray' - throttle: - $ref: '#/components/schemas/Security_Detections_API_RuleActionThrottle' - timeline_id: - $ref: '#/components/schemas/Security_Detections_API_TimelineTemplateId' - timeline_title: - $ref: >- - #/components/schemas/Security_Detections_API_TimelineTemplateTitle - timestamp_override: - $ref: '#/components/schemas/Security_Detections_API_TimestampOverride' - timestamp_override_fallback_disabled: - $ref: >- - #/components/schemas/Security_Detections_API_TimestampOverrideFallbackDisabled - to: - $ref: '#/components/schemas/Security_Detections_API_RuleIntervalTo' - version: - $ref: '#/components/schemas/Security_Detections_API_RuleVersion' - required: - - name - - description - - risk_score - - severity - - $ref: >- - #/components/schemas/Security_Detections_API_ThresholdRuleCreateFields - Security_Detections_API_ThresholdValue: - description: Threshold value - minimum: 1 - type: integer - Security_Detections_API_ThrottleForBulkActions: - description: >- - The condition for throttling the notification: 'rule', 'no_actions', or - time duration - enum: - - rule - - 1h - - 1d - - 7d - type: string - Security_Detections_API_TiebreakerField: - description: Sets a secondary field for sorting events - type: string - Security_Detections_API_TimelineTemplateId: - description: Timeline template ID - type: string - Security_Detections_API_TimelineTemplateTitle: - description: Timeline template title - type: string - Security_Detections_API_TimestampField: - description: Contains the event timestamp used for sorting a sequence of events - type: string - Security_Detections_API_TimestampOverride: - description: Sets the time field used to query indices - type: string - Security_Detections_API_TimestampOverrideFallbackDisabled: - description: Disables the fallback to the event's @timestamp field - type: boolean - Security_Detections_API_UUID: - description: A universally unique identifier - format: uuid - type: string - Security_Detections_API_WarningSchema: - type: object - properties: - actionPath: - type: string - buttonLabel: - type: string - message: - type: string - type: - type: string - required: - - type - - message - - actionPath - Security_Endpoint_Exceptions_API_EndpointList: - oneOf: - - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_ExceptionList' - - additionalProperties: false - type: object - Security_Endpoint_Exceptions_API_EndpointListItem: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItem' - Security_Endpoint_Exceptions_API_ExceptionList: - type: object - properties: - _version: - type: string - created_at: - format: date-time - type: string - created_by: - type: string - description: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListDescription - id: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListId - immutable: - type: boolean - list_id: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListHumanId - meta: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListMeta - name: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListName - namespace_type: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionNamespaceType - os_types: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListOsTypeArray - tags: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListTags - tie_breaker_id: - type: string - type: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListType - updated_at: - format: date-time - type: string - updated_by: - type: string - version: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListVersion - required: - - id - - list_id - - type - - name - - description - - immutable - - namespace_type - - version - - tie_breaker_id - - created_at - - created_by - - updated_at - - updated_by - Security_Endpoint_Exceptions_API_ExceptionListDescription: - type: string - Security_Endpoint_Exceptions_API_ExceptionListHumanId: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - description: Human readable string identifier, e.g. `trusted-linux-processes` - Security_Endpoint_Exceptions_API_ExceptionListId: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - Security_Endpoint_Exceptions_API_ExceptionListItem: - type: object - properties: - _version: - type: string - comments: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemCommentArray - created_at: - format: date-time - type: string - created_by: - type: string - description: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemDescription - entries: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryArray - expire_time: - format: date-time - type: string - id: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemId - item_id: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemHumanId - list_id: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListHumanId - meta: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemMeta - name: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemName - namespace_type: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionNamespaceType - os_types: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray - tags: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemTags - tie_breaker_id: - type: string - type: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemType - updated_at: - format: date-time - type: string - updated_by: - type: string - required: - - id - - item_id - - list_id - - type - - name - - description - - entries - - namespace_type - - comments - - tie_breaker_id - - created_at - - created_by - - updated_at - - updated_by - Security_Endpoint_Exceptions_API_ExceptionListItemComment: - type: object - properties: - comment: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - created_at: - format: date-time - type: string - created_by: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - id: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - updated_at: - format: date-time - type: string - updated_by: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - required: - - id - - comment - - created_at - - created_by - Security_Endpoint_Exceptions_API_ExceptionListItemCommentArray: - items: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemComment - type: array - Security_Endpoint_Exceptions_API_ExceptionListItemDescription: - type: string - Security_Endpoint_Exceptions_API_ExceptionListItemEntry: - anyOf: - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryMatch - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryMatchAny - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryList - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryExists - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryNested - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryMatchWildcard - discriminator: - propertyName: type - Security_Endpoint_Exceptions_API_ExceptionListItemEntryArray: - items: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntry - type: array - Security_Endpoint_Exceptions_API_ExceptionListItemEntryExists: - type: object - properties: - field: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - operator: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryOperator - type: - enum: - - exists - type: string - required: - - type - - field - - operator - Security_Endpoint_Exceptions_API_ExceptionListItemEntryList: - type: object - properties: - field: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - list: - type: object - properties: - id: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_ListId' - type: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_ListType' - required: - - id - - type - operator: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryOperator - type: - enum: - - list - type: string - required: - - type - - field - - list - - operator - Security_Endpoint_Exceptions_API_ExceptionListItemEntryMatch: - type: object - properties: - field: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - operator: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryOperator - type: - enum: - - match - type: string - value: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - required: - - type - - field - - value - - operator - Security_Endpoint_Exceptions_API_ExceptionListItemEntryMatchAny: - type: object - properties: - field: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - operator: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryOperator - type: - enum: - - match_any - type: string - value: - items: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString - minItems: 1 - type: array - required: - - type - - field - - value - - operator - Security_Endpoint_Exceptions_API_ExceptionListItemEntryMatchWildcard: - type: object - properties: - field: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - operator: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryOperator - type: - enum: - - wildcard - type: string - value: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - required: - - type - - field - - value - - operator - Security_Endpoint_Exceptions_API_ExceptionListItemEntryNested: - type: object - properties: - entries: - items: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryNestedEntryItem - minItems: 1 - type: array - field: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - type: - enum: - - nested - type: string - required: - - type - - field - - entries - Security_Endpoint_Exceptions_API_ExceptionListItemEntryNestedEntryItem: - oneOf: - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryMatch - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryMatchAny - - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListItemEntryExists - Security_Endpoint_Exceptions_API_ExceptionListItemEntryOperator: - enum: - - excluded - - included - type: string - Security_Endpoint_Exceptions_API_ExceptionListItemHumanId: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - Security_Endpoint_Exceptions_API_ExceptionListItemId: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - Security_Endpoint_Exceptions_API_ExceptionListItemMeta: - additionalProperties: true - type: object - Security_Endpoint_Exceptions_API_ExceptionListItemName: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - Security_Endpoint_Exceptions_API_ExceptionListItemOsTypeArray: - items: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListOsType - type: array - Security_Endpoint_Exceptions_API_ExceptionListItemTags: - items: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - type: array - Security_Endpoint_Exceptions_API_ExceptionListItemType: - enum: - - simple - type: string - Security_Endpoint_Exceptions_API_ExceptionListMeta: - additionalProperties: true - type: object - Security_Endpoint_Exceptions_API_ExceptionListName: - type: string - Security_Endpoint_Exceptions_API_ExceptionListOsType: - enum: - - linux - - macos - - windows - type: string - Security_Endpoint_Exceptions_API_ExceptionListOsTypeArray: - items: - $ref: >- - #/components/schemas/Security_Endpoint_Exceptions_API_ExceptionListOsType - type: array - Security_Endpoint_Exceptions_API_ExceptionListTags: - items: - type: string - type: array - Security_Endpoint_Exceptions_API_ExceptionListType: - enum: - - detection - - rule_default - - endpoint - - endpoint_trusted_apps - - endpoint_events - - endpoint_host_isolation_exceptions - - endpoint_blocklists - type: string - Security_Endpoint_Exceptions_API_ExceptionListVersion: - minimum: 1 - type: integer - Security_Endpoint_Exceptions_API_ExceptionNamespaceType: - description: > - Determines whether the exception container is available in all Kibana - spaces or just the space - - in which it is created, where: - - - - `single`: Only available in the Kibana space in which it is created. - - - `agnostic`: Available in all Kibana spaces. - enum: - - agnostic - - single - type: string - Security_Endpoint_Exceptions_API_FindEndpointListItemsFilter: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - Security_Endpoint_Exceptions_API_ListId: - $ref: '#/components/schemas/Security_Endpoint_Exceptions_API_NonEmptyString' - Security_Endpoint_Exceptions_API_ListType: - enum: - - binary - - boolean - - byte - - date - - date_nanos - - date_range - - double - - double_range - - float - - float_range - - geo_point - - geo_shape - - half_float - - integer - - integer_range - - ip - - ip_range - - keyword - - long - - long_range - - shape - - short - - text - type: string - Security_Endpoint_Exceptions_API_NonEmptyString: - description: A string that is not empty and does not contain only whitespace - minLength: 1 - pattern: ^(?! *$).+$ - type: string - Security_Endpoint_Exceptions_API_PlatformErrorResponse: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: integer - required: - - statusCode - - error - - message - Security_Endpoint_Exceptions_API_SiemErrorResponse: - type: object - properties: - message: - type: string - status_code: - type: integer - required: - - status_code - - message - Security_Endpoint_Management_API_ActionLogRequestQuery: - type: object - properties: - end_date: - $ref: '#/components/schemas/Security_Endpoint_Management_API_EndDate' - page: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Page' - page_size: - $ref: '#/components/schemas/Security_Endpoint_Management_API_PageSize' - start_date: - $ref: '#/components/schemas/Security_Endpoint_Management_API_StartDate' - Security_Endpoint_Management_API_ActionStateSuccessResponse: - type: object - properties: - body: - type: object - properties: - data: - type: object - properties: - canEncrypt: - type: boolean - required: - - data - required: - - body - Security_Endpoint_Management_API_ActionStatusSuccessResponse: - type: object - properties: - body: - type: object - properties: - data: - type: object - properties: - agent_id: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_AgentId - pending_actions: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_PendingActionsSchema - required: - - agent_id - - pending_actions - required: - - data - required: - - body - Security_Endpoint_Management_API_AgentId: - description: Agent ID - type: string - Security_Endpoint_Management_API_AgentIds: - minLength: 1 - oneOf: - - items: - minLength: 1 - type: string - maxItems: 50 - minItems: 1 - type: array - - minLength: 1 - type: string - Security_Endpoint_Management_API_AgentTypes: - enum: - - endpoint - - sentinel_one - - crowdstrike - type: string - Security_Endpoint_Management_API_AlertIds: - description: A list of alerts ids. - items: - $ref: '#/components/schemas/Security_Endpoint_Management_API_NonEmptyString' - minItems: 1 - type: array - Security_Endpoint_Management_API_CaseIds: - description: Case IDs to be updated (cannot contain empty strings) - items: - minLength: 1 - type: string - minItems: 1 - type: array - Security_Endpoint_Management_API_Command: - description: The command to be executed (cannot be an empty string) - enum: - - isolate - - unisolate - - kill-process - - suspend-process - - running-processes - - get-file - - execute - - upload - - scan - minLength: 1 - type: string - Security_Endpoint_Management_API_Commands: - items: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Command' - type: array - Security_Endpoint_Management_API_Comment: - description: Optional comment - type: string - Security_Endpoint_Management_API_EndDate: - description: End date - type: string - Security_Endpoint_Management_API_EndpointIds: - description: List of endpoint IDs (cannot contain empty strings) - items: - minLength: 1 - type: string - minItems: 1 - type: array - Security_Endpoint_Management_API_EntityId: - type: object - properties: - entity_id: - minLength: 1 - type: string - Security_Endpoint_Management_API_ExecuteRouteRequestBody: - allOf: - - type: object - properties: - agent_type: - $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentTypes' - alert_ids: - $ref: '#/components/schemas/Security_Endpoint_Management_API_AlertIds' - case_ids: - $ref: '#/components/schemas/Security_Endpoint_Management_API_CaseIds' - comment: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Comment' - endpoint_ids: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_EndpointIds - parameters: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Parameters' - required: - - endpoint_ids - - type: object - properties: - parameters: - type: object - properties: - command: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_Command - timeout: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_Timeout - required: - - command - required: - - parameters - Security_Endpoint_Management_API_GetEndpointActionListRouteQuery: - type: object - properties: - agentIds: - $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentIds' - agentTypes: - $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentTypes' - commands: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Commands' - endDate: - $ref: '#/components/schemas/Security_Endpoint_Management_API_EndDate' - page: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Page' - pageSize: - default: 10 - description: Number of items per page - maximum: 10000 - minimum: 1 - type: integer - startDate: - $ref: '#/components/schemas/Security_Endpoint_Management_API_StartDate' - types: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Types' - userIds: - $ref: '#/components/schemas/Security_Endpoint_Management_API_UserIds' - withOutputs: - $ref: '#/components/schemas/Security_Endpoint_Management_API_WithOutputs' - Security_Endpoint_Management_API_GetFileRouteRequestBody: - allOf: - - type: object - properties: - agent_type: - $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentTypes' - alert_ids: - $ref: '#/components/schemas/Security_Endpoint_Management_API_AlertIds' - case_ids: - $ref: '#/components/schemas/Security_Endpoint_Management_API_CaseIds' - comment: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Comment' - endpoint_ids: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_EndpointIds - parameters: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Parameters' - required: - - endpoint_ids - - type: object - properties: - parameters: - type: object - properties: - path: - type: string - required: - - path - required: - - parameters - Security_Endpoint_Management_API_GetProcessesRouteRequestBody: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_NoParametersRequestSchema - Security_Endpoint_Management_API_IsolateRouteRequestBody: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_NoParametersRequestSchema - Security_Endpoint_Management_API_KillProcessRouteRequestBody: - allOf: - - type: object - properties: - agent_type: - $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentTypes' - alert_ids: - $ref: '#/components/schemas/Security_Endpoint_Management_API_AlertIds' - case_ids: - $ref: '#/components/schemas/Security_Endpoint_Management_API_CaseIds' - comment: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Comment' - endpoint_ids: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_EndpointIds - parameters: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Parameters' - required: - - endpoint_ids - - type: object - properties: - parameters: - oneOf: - - $ref: '#/components/schemas/Security_Endpoint_Management_API_Pid' - - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_EntityId - - type: object - properties: - process_name: - description: Valid for SentinelOne agent type only - minLength: 1 - type: string - required: - - parameters - Security_Endpoint_Management_API_ListRequestQuery: - type: object - properties: - hostStatuses: - items: - enum: - - healthy - - offline - - updating - - inactive - - unenrolled - type: string - type: array - kuery: - nullable: true - type: string - page: - default: 0 - description: Page number - minimum: 0 - type: integer - pageSize: - default: 10 - description: Number of items per page - maximum: 10000 - minimum: 1 - type: integer - sortDirection: - enum: - - asc - - desc - nullable: true - type: string - sortField: - enum: - - enrolled_at - - metadata.host.hostname - - host_status - - metadata.Endpoint.policy.applied.name - - metadata.Endpoint.policy.applied.status - - metadata.host.os.name - - metadata.host.ip - - metadata.agent.version - - last_checkin - type: string - required: - - hostStatuses - Security_Endpoint_Management_API_NonEmptyString: - description: A string that is not empty and does not contain only whitespace - minLength: 1 - pattern: ^(?! *$).+$ - type: string - Security_Endpoint_Management_API_NoParametersRequestSchema: - type: object - properties: - body: - type: object - properties: - agent_type: - $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentTypes' - alert_ids: - $ref: '#/components/schemas/Security_Endpoint_Management_API_AlertIds' - case_ids: - $ref: '#/components/schemas/Security_Endpoint_Management_API_CaseIds' - comment: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Comment' - endpoint_ids: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_EndpointIds - parameters: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Parameters' - required: - - endpoint_ids - required: - - body - Security_Endpoint_Management_API_Page: - default: 1 - description: Page number - minimum: 1 - type: integer - Security_Endpoint_Management_API_PageSize: - default: 10 - description: Number of items per page - maximum: 100 - minimum: 1 - type: integer - Security_Endpoint_Management_API_Parameters: - description: Optional parameters object - type: object - Security_Endpoint_Management_API_PendingActionDataType: - type: integer - Security_Endpoint_Management_API_PendingActionsSchema: - oneOf: - - type: object - properties: - execute: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_PendingActionDataType - get-file: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_PendingActionDataType - isolate: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_PendingActionDataType - kill-process: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_PendingActionDataType - running-processes: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_PendingActionDataType - scan: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_PendingActionDataType - suspend-process: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_PendingActionDataType - unisolate: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_PendingActionDataType - upload: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_PendingActionDataType - - additionalProperties: true - type: object - Security_Endpoint_Management_API_Pid: - type: object - properties: - pid: - minimum: 1 - type: integer - Security_Endpoint_Management_API_ProtectionUpdatesNoteResponse: - type: object - properties: - note: - type: string - Security_Endpoint_Management_API_ScanRouteRequestBody: - allOf: - - type: object - properties: - agent_type: - $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentTypes' - alert_ids: - $ref: '#/components/schemas/Security_Endpoint_Management_API_AlertIds' - case_ids: - $ref: '#/components/schemas/Security_Endpoint_Management_API_CaseIds' - comment: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Comment' - endpoint_ids: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_EndpointIds - parameters: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Parameters' - required: - - endpoint_ids - - type: object - properties: - parameters: - type: object - properties: - path: - type: string - required: - - path - required: - - parameters - Security_Endpoint_Management_API_StartDate: - description: Start date - type: string - Security_Endpoint_Management_API_SuccessResponse: - type: object - properties: {} - Security_Endpoint_Management_API_SuspendProcessRouteRequestBody: - allOf: - - type: object - properties: - agent_type: - $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentTypes' - alert_ids: - $ref: '#/components/schemas/Security_Endpoint_Management_API_AlertIds' - case_ids: - $ref: '#/components/schemas/Security_Endpoint_Management_API_CaseIds' - comment: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Comment' - endpoint_ids: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_EndpointIds - parameters: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Parameters' - required: - - endpoint_ids - - type: object - properties: - parameters: - oneOf: - - $ref: '#/components/schemas/Security_Endpoint_Management_API_Pid' - - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_EntityId - required: - - parameters - Security_Endpoint_Management_API_Timeout: - description: The maximum timeout value in milliseconds (optional) - minimum: 1 - type: integer - Security_Endpoint_Management_API_Type: - description: Type of response action - enum: - - automated - - manual - type: string - Security_Endpoint_Management_API_Types: - description: List of types of response actions - items: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Type' - maxLength: 2 - minLength: 1 - type: array - Security_Endpoint_Management_API_UnisolateRouteRequestBody: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_NoParametersRequestSchema - Security_Endpoint_Management_API_UploadRouteRequestBody: - allOf: - - type: object - properties: - agent_type: - $ref: '#/components/schemas/Security_Endpoint_Management_API_AgentTypes' - alert_ids: - $ref: '#/components/schemas/Security_Endpoint_Management_API_AlertIds' - case_ids: - $ref: '#/components/schemas/Security_Endpoint_Management_API_CaseIds' - comment: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Comment' - endpoint_ids: - $ref: >- - #/components/schemas/Security_Endpoint_Management_API_EndpointIds - parameters: - $ref: '#/components/schemas/Security_Endpoint_Management_API_Parameters' - required: - - endpoint_ids - - type: object - properties: - file: - format: binary - type: string - parameters: - type: object - properties: - overwrite: - default: false - type: boolean - required: - - parameters - - file - Security_Endpoint_Management_API_UserIds: - description: User IDs - oneOf: - - items: - minLength: 1 - type: string - minItems: 1 - type: array - - minLength: 1 - type: string - Security_Endpoint_Management_API_WithOutputs: - description: Shows detailed outputs for an action response - oneOf: - - items: - minLength: 1 - type: string - minItems: 1 - type: array - - minLength: 1 - type: string - Security_Entity_Analytics_API_AssetCriticalityBulkUploadErrorItem: - type: object - properties: - index: - type: integer - message: - type: string - required: - - message - - index - Security_Entity_Analytics_API_AssetCriticalityBulkUploadStats: - type: object - properties: - failed: - type: integer - successful: - type: integer - total: - type: integer - required: - - successful - - failed - - total - Security_Entity_Analytics_API_AssetCriticalityLevel: - description: The criticality level of the asset. - enum: - - low_impact - - medium_impact - - high_impact - - extreme_impact - type: string - Security_Entity_Analytics_API_AssetCriticalityRecord: - allOf: - - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_CreateAssetCriticalityRecord - - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityRecordEcsParts - - type: object - properties: - '@timestamp': - description: The time the record was created or updated. - example: '2017-07-21T17:32:28Z' - format: date-time - type: string - required: - - '@timestamp' - Security_Entity_Analytics_API_AssetCriticalityRecordEcsParts: - type: object - properties: - asset: - type: object - properties: - criticality: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityLevel - required: - - asset - host: - type: object - properties: - asset: - type: object - properties: - criticality: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityLevel - required: - - criticality - name: - type: string - required: - - name - user: - type: object - properties: - asset: - type: object - properties: - criticality: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityLevel - required: - - criticality - name: - type: string - required: - - name - required: - - asset - Security_Entity_Analytics_API_AssetCriticalityRecordIdParts: - type: object - properties: - id_field: - $ref: '#/components/schemas/Security_Entity_Analytics_API_IdField' - description: The field representing the ID. - example: host.name - id_value: - description: The ID value of the asset. - type: string - required: - - id_value - - id_field - Security_Entity_Analytics_API_CleanUpRiskEngineErrorResponse: - type: object - properties: - cleanup_successful: - example: false - type: boolean - errors: - items: - type: object - properties: - error: - type: string - seq: - type: integer - required: - - seq - - error - type: array - required: - - cleanup_successful - - errors - Security_Entity_Analytics_API_CreateAssetCriticalityRecord: - allOf: - - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityRecordIdParts - - type: object - properties: - criticality_level: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityLevel - required: - - criticality_level - Security_Entity_Analytics_API_EngineDataviewUpdateResult: - type: object - properties: - changes: - type: object - properties: - indexPatterns: - items: - type: string - type: array - type: - type: string - required: - - type - Security_Entity_Analytics_API_EngineDescriptor: - type: object - properties: - fieldHistoryLength: - type: integer - filter: - type: string - indexPattern: - $ref: '#/components/schemas/Security_Entity_Analytics_API_IndexPattern' - status: - $ref: '#/components/schemas/Security_Entity_Analytics_API_EngineStatus' - type: - $ref: '#/components/schemas/Security_Entity_Analytics_API_EntityType' - required: - - type - - indexPattern - - status - - fieldHistoryLength - Security_Entity_Analytics_API_EngineStatus: - enum: - - installing - - started - - stopped - - updating - - error - type: string - Security_Entity_Analytics_API_Entity: - oneOf: - - $ref: '#/components/schemas/Security_Entity_Analytics_API_UserEntity' - - $ref: '#/components/schemas/Security_Entity_Analytics_API_HostEntity' - Security_Entity_Analytics_API_EntityRiskLevels: - enum: - - Unknown - - Low - - Moderate - - High - - Critical - type: string - Security_Entity_Analytics_API_EntityRiskScoreRecord: - type: object - properties: - '@timestamp': - description: The time at which the risk score was calculated. - example: '2017-07-21T17:32:28Z' - format: date-time - type: string - calculated_level: - $ref: '#/components/schemas/Security_Entity_Analytics_API_EntityRiskLevels' - description: Lexical description of the entity's risk. - example: Critical - calculated_score: - description: The raw numeric value of the given entity's risk score. - format: double - type: number - calculated_score_norm: - description: >- - The normalized numeric value of the given entity's risk score. - Useful for comparing with other entities. - format: double - maximum: 100 - minimum: 0 - type: number - category_1_count: - description: >- - The number of risk input documents that contributed to the Category - 1 score (`category_1_score`). - format: integer - type: number - category_1_score: - description: >- - The contribution of Category 1 to the overall risk score - (`calculated_score`). Category 1 contains Detection Engine Alerts. - format: double - type: number - category_2_count: - format: integer - type: number - category_2_score: - format: double - type: number - criticality_level: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityLevel - criticality_modifier: - format: double - type: number - id_field: - description: >- - The identifier field defining this risk score. Coupled with - `id_value`, uniquely identifies the entity being scored. - example: host.name - type: string - id_value: - description: >- - The identifier value defining this risk score. Coupled with - `id_field`, uniquely identifies the entity being scored. - example: example.host - type: string - inputs: - description: >- - A list of the highest-risk documents contributing to this risk - score. Useful for investigative purposes. - items: - $ref: '#/components/schemas/Security_Entity_Analytics_API_RiskScoreInput' - type: array - notes: - items: - type: string - type: array - required: - - '@timestamp' - - id_field - - id_value - - calculated_level - - calculated_score - - calculated_score_norm - - category_1_score - - category_1_count - - inputs - - notes - Security_Entity_Analytics_API_EntityType: - enum: - - user - - host - type: string - Security_Entity_Analytics_API_HostEntity: - type: object - properties: - '@timestamp': - format: date-time - type: string - asset: - type: object - properties: - criticality: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityLevel - required: - - criticality - entity: - type: object - properties: - name: - type: string - source: - items: - type: string - type: array - required: - - name - - source - host: - type: object - properties: - architecture: - items: - type: string - type: array - domain: - items: - type: string - type: array - hostname: - items: - type: string - type: array - id: - items: - type: string - type: array - ip: - items: - type: string - type: array - mac: - items: - type: string - type: array - name: - type: string - risk: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_EntityRiskScoreRecord - type: - items: - type: string - type: array - required: - - name - required: - - '@timestamp' - - host - - entity - Security_Entity_Analytics_API_IdField: - enum: - - host.name - - user.name - type: string - Security_Entity_Analytics_API_IndexPattern: - type: string - Security_Entity_Analytics_API_InspectQuery: - type: object - properties: - dsl: - items: - type: string - type: array - response: - items: - type: string - type: array - required: - - dsl - - response - Security_Entity_Analytics_API_RiskEngineScheduleNowErrorResponse: - type: object - properties: - full_error: - type: string - message: - type: string - required: - - message - - full_error - Security_Entity_Analytics_API_RiskEngineScheduleNowResponse: - type: object - properties: - success: - type: boolean - Security_Entity_Analytics_API_RiskScoreInput: - description: A generic representation of a document contributing to a Risk Score. - type: object - properties: - category: - description: The risk category of the risk input document. - example: category_1 - type: string - contribution_score: - format: double - type: number - description: - description: A human-readable description of the risk input document. - example: 'Generated from Detection Engine Rule: Malware Prevention Alert' - type: string - id: - description: The unique identifier (`_id`) of the original source document - example: 91a93376a507e86cfbf282166275b89f9dbdb1f0be6c8103c6ff2909ca8e1a1c - type: string - index: - description: The unique index (`_index`) of the original source document - example: .internal.alerts-security.alerts-default-000001 - type: string - risk_score: - description: The weighted risk score of the risk input document. - format: double - maximum: 100 - minimum: 0 - type: number - timestamp: - description: The @timestamp of the risk input document. - example: '2017-07-21T17:32:28Z' - type: string - required: - - id - - index - - description - - category - Security_Entity_Analytics_API_TaskManagerUnavailableResponse: - description: Task manager is unavailable - type: object - properties: - message: - type: string - status_code: - minimum: 400 - type: integer - required: - - status_code - - message - Security_Entity_Analytics_API_UserEntity: - type: object - properties: - '@timestamp': - format: date-time - type: string - asset: - type: object - properties: - criticality: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_AssetCriticalityLevel - required: - - criticality - entity: - type: object - properties: - name: - type: string - source: - items: - type: string - type: array - required: - - name - - source - user: - type: object - properties: - domain: - items: - type: string - type: array - email: - items: - type: string - type: array - full_name: - items: - type: string - type: array - hash: - items: - type: string - type: array - id: - items: - type: string - type: array - name: - type: string - risk: - $ref: >- - #/components/schemas/Security_Entity_Analytics_API_EntityRiskScoreRecord - roles: - items: - type: string - type: array - required: - - name - required: - - '@timestamp' - - user - - entity - Security_Exceptions_API_CreateExceptionListItemComment: - type: object - properties: - comment: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - required: - - comment - Security_Exceptions_API_CreateExceptionListItemCommentArray: - items: - $ref: >- - #/components/schemas/Security_Exceptions_API_CreateExceptionListItemComment - type: array - Security_Exceptions_API_CreateRuleExceptionListItemComment: - type: object - properties: - comment: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - required: - - comment - Security_Exceptions_API_CreateRuleExceptionListItemCommentArray: - items: - $ref: >- - #/components/schemas/Security_Exceptions_API_CreateRuleExceptionListItemComment - type: array - Security_Exceptions_API_CreateRuleExceptionListItemProps: - type: object - properties: - comments: - $ref: >- - #/components/schemas/Security_Exceptions_API_CreateRuleExceptionListItemCommentArray - default: [] - description: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemDescription - entries: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryArray - expire_time: - format: date-time - type: string - item_id: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemHumanId - meta: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemMeta' - name: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemName' - namespace_type: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionNamespaceType' - default: single - os_types: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemOsTypeArray - default: [] - tags: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemTags' - default: [] - type: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemType' - required: - - type - - name - - description - - entries - Security_Exceptions_API_ExceptionList: - type: object - properties: - _version: - type: string - created_at: - format: date-time - type: string - created_by: - type: string - description: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListDescription - id: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListId' - immutable: - type: boolean - list_id: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListHumanId' - meta: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListMeta' - name: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListName' - namespace_type: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionNamespaceType' - os_types: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListOsTypeArray - tags: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListTags' - tie_breaker_id: - type: string - type: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListType' - updated_at: - format: date-time - type: string - updated_by: - type: string - version: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListVersion' - required: - - id - - list_id - - type - - name - - description - - immutable - - namespace_type - - version - - tie_breaker_id - - created_at - - created_by - - updated_at - - updated_by - Security_Exceptions_API_ExceptionListDescription: - type: string - Security_Exceptions_API_ExceptionListHumanId: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - description: Human readable string identifier, e.g. `trusted-linux-processes` - Security_Exceptions_API_ExceptionListId: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - Security_Exceptions_API_ExceptionListItem: - type: object - properties: - _version: - type: string - comments: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemCommentArray - created_at: - format: date-time - type: string - created_by: - type: string - description: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemDescription - entries: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryArray - expire_time: - format: date-time - type: string - id: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemId' - item_id: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemHumanId - list_id: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListHumanId' - meta: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemMeta' - name: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemName' - namespace_type: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionNamespaceType' - os_types: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemOsTypeArray - tags: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemTags' - tie_breaker_id: - type: string - type: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemType' - updated_at: - format: date-time - type: string - updated_by: - type: string - required: - - id - - item_id - - list_id - - type - - name - - description - - entries - - namespace_type - - comments - - tie_breaker_id - - created_at - - created_by - - updated_at - - updated_by - Security_Exceptions_API_ExceptionListItemComment: - type: object - properties: - comment: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - created_at: - format: date-time - type: string - created_by: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - id: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - updated_at: - format: date-time - type: string - updated_by: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - required: - - id - - comment - - created_at - - created_by - Security_Exceptions_API_ExceptionListItemCommentArray: - items: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemComment' - type: array - Security_Exceptions_API_ExceptionListItemDescription: - type: string - Security_Exceptions_API_ExceptionListItemEntry: - anyOf: - - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryMatch - - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryMatchAny - - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryList - - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryExists - - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryNested - - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryMatchWildcard - discriminator: - propertyName: type - Security_Exceptions_API_ExceptionListItemEntryArray: - items: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListItemEntry' - type: array - Security_Exceptions_API_ExceptionListItemEntryExists: - type: object - properties: - field: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - operator: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryOperator - type: - enum: - - exists - type: string - required: - - type - - field - - operator - Security_Exceptions_API_ExceptionListItemEntryList: - type: object - properties: - field: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - list: - type: object - properties: - id: - $ref: '#/components/schemas/Security_Exceptions_API_ListId' - type: - $ref: '#/components/schemas/Security_Exceptions_API_ListType' - required: - - id - - type - operator: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryOperator - type: - enum: - - list - type: string - required: - - type - - field - - list - - operator - Security_Exceptions_API_ExceptionListItemEntryMatch: - type: object - properties: - field: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - operator: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryOperator - type: - enum: - - match - type: string - value: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - required: - - type - - field - - value - - operator - Security_Exceptions_API_ExceptionListItemEntryMatchAny: - type: object - properties: - field: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - operator: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryOperator - type: - enum: - - match_any - type: string - value: - items: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - minItems: 1 - type: array - required: - - type - - field - - value - - operator - Security_Exceptions_API_ExceptionListItemEntryMatchWildcard: - type: object - properties: - field: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - operator: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryOperator - type: - enum: - - wildcard - type: string - value: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - required: - - type - - field - - value - - operator - Security_Exceptions_API_ExceptionListItemEntryNested: - type: object - properties: - entries: - items: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryNestedEntryItem - minItems: 1 - type: array - field: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - type: - enum: - - nested - type: string - required: - - type - - field - - entries - Security_Exceptions_API_ExceptionListItemEntryNestedEntryItem: - oneOf: - - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryMatch - - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryMatchAny - - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemEntryExists - Security_Exceptions_API_ExceptionListItemEntryOperator: - enum: - - excluded - - included - type: string - Security_Exceptions_API_ExceptionListItemHumanId: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - Security_Exceptions_API_ExceptionListItemId: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - Security_Exceptions_API_ExceptionListItemMeta: - additionalProperties: true - type: object - Security_Exceptions_API_ExceptionListItemName: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - Security_Exceptions_API_ExceptionListItemOsTypeArray: - items: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListOsType' - type: array - Security_Exceptions_API_ExceptionListItemTags: - items: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - type: array - Security_Exceptions_API_ExceptionListItemType: - enum: - - simple - type: string - Security_Exceptions_API_ExceptionListMeta: - additionalProperties: true - type: object - Security_Exceptions_API_ExceptionListName: - type: string - Security_Exceptions_API_ExceptionListOsType: - enum: - - linux - - macos - - windows - type: string - Security_Exceptions_API_ExceptionListOsTypeArray: - items: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListOsType' - type: array - Security_Exceptions_API_ExceptionListsImportBulkError: - type: object - properties: - error: - type: object - properties: - message: - type: string - status_code: - type: integer - required: - - status_code - - message - id: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListId' - item_id: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListItemHumanId - list_id: - $ref: '#/components/schemas/Security_Exceptions_API_ExceptionListHumanId' - required: - - error - Security_Exceptions_API_ExceptionListsImportBulkErrorArray: - items: - $ref: >- - #/components/schemas/Security_Exceptions_API_ExceptionListsImportBulkError - type: array - Security_Exceptions_API_ExceptionListTags: - items: - type: string - type: array - Security_Exceptions_API_ExceptionListType: - enum: - - detection - - rule_default - - endpoint - - endpoint_trusted_apps - - endpoint_events - - endpoint_host_isolation_exceptions - - endpoint_blocklists - type: string - Security_Exceptions_API_ExceptionListVersion: - minimum: 1 - type: integer - Security_Exceptions_API_ExceptionNamespaceType: - description: > - Determines whether the exception container is available in all Kibana - spaces or just the space - - in which it is created, where: - - - - `single`: Only available in the Kibana space in which it is created. - - - `agnostic`: Available in all Kibana spaces. - enum: - - agnostic - - single - type: string - Security_Exceptions_API_FindExceptionListItemsFilter: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - Security_Exceptions_API_FindExceptionListsFilter: - type: string - Security_Exceptions_API_ListId: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - Security_Exceptions_API_ListType: - enum: - - binary - - boolean - - byte - - date - - date_nanos - - date_range - - double - - double_range - - float - - float_range - - geo_point - - geo_shape - - half_float - - integer - - integer_range - - ip - - ip_range - - keyword - - long - - long_range - - shape - - short - - text - type: string - Security_Exceptions_API_NonEmptyString: - description: A string that is not empty and does not contain only whitespace - minLength: 1 - pattern: ^(?! *$).+$ - type: string - Security_Exceptions_API_PlatformErrorResponse: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: integer - required: - - statusCode - - error - - message - Security_Exceptions_API_RuleId: - $ref: '#/components/schemas/Security_Exceptions_API_UUID' - Security_Exceptions_API_SiemErrorResponse: - type: object - properties: - message: - type: string - status_code: - type: integer - required: - - status_code - - message - Security_Exceptions_API_UpdateExceptionListItemComment: - type: object - properties: - comment: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - id: - $ref: '#/components/schemas/Security_Exceptions_API_NonEmptyString' - required: - - comment - Security_Exceptions_API_UpdateExceptionListItemCommentArray: - items: - $ref: >- - #/components/schemas/Security_Exceptions_API_UpdateExceptionListItemComment - type: array - Security_Exceptions_API_UUID: - description: A universally unique identifier - format: uuid - type: string - Security_Lists_API_FindListItemsCursor: - $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' - Security_Lists_API_FindListItemsFilter: - type: string - Security_Lists_API_FindListsCursor: - $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' - Security_Lists_API_FindListsFilter: - type: string - Security_Lists_API_List: - type: object - properties: - _version: - type: string - '@timestamp': - format: date-time - type: string - created_at: - format: date-time - type: string - created_by: - type: string - description: - $ref: '#/components/schemas/Security_Lists_API_ListDescription' - deserializer: - type: string - id: - $ref: '#/components/schemas/Security_Lists_API_ListId' - immutable: - type: boolean - meta: - $ref: '#/components/schemas/Security_Lists_API_ListMetadata' - name: - $ref: '#/components/schemas/Security_Lists_API_ListName' - serializer: - type: string - tie_breaker_id: - type: string - type: - $ref: '#/components/schemas/Security_Lists_API_ListType' - updated_at: - format: date-time - type: string - updated_by: - type: string - version: - minimum: 1 - type: integer - required: - - id - - type - - name - - description - - immutable - - version - - tie_breaker_id - - created_at - - created_by - - updated_at - - updated_by - Security_Lists_API_ListDescription: - $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' - Security_Lists_API_ListId: - $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' - Security_Lists_API_ListItem: - type: object - properties: - _version: - type: string - '@timestamp': - format: date-time - type: string - created_at: - format: date-time - type: string - created_by: - type: string - deserializer: - type: string - id: - $ref: '#/components/schemas/Security_Lists_API_ListItemId' - list_id: - $ref: '#/components/schemas/Security_Lists_API_ListId' - meta: - $ref: '#/components/schemas/Security_Lists_API_ListItemMetadata' - serializer: - type: string - tie_breaker_id: - type: string - type: - $ref: '#/components/schemas/Security_Lists_API_ListType' - updated_at: - format: date-time - type: string - updated_by: - type: string - value: - $ref: '#/components/schemas/Security_Lists_API_ListItemValue' - required: - - id - - type - - list_id - - value - - tie_breaker_id - - created_at - - created_by - - updated_at - - updated_by - Security_Lists_API_ListItemId: - $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' - Security_Lists_API_ListItemMetadata: - additionalProperties: true - type: object - Security_Lists_API_ListItemPrivileges: - type: object - properties: - application: - additionalProperties: - type: boolean - type: object - cluster: - additionalProperties: - type: boolean - type: object - has_all_requested: - type: boolean - index: - additionalProperties: - additionalProperties: - type: boolean - type: object - type: object - username: - type: string - required: - - username - - has_all_requested - - cluster - - index - - application - Security_Lists_API_ListItemValue: - $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' - Security_Lists_API_ListMetadata: - additionalProperties: true - type: object - Security_Lists_API_ListName: - $ref: '#/components/schemas/Security_Lists_API_NonEmptyString' - Security_Lists_API_ListPrivileges: - type: object - properties: - application: - additionalProperties: - type: boolean - type: object - cluster: - additionalProperties: - type: boolean - type: object - has_all_requested: - type: boolean - index: - additionalProperties: - additionalProperties: - type: boolean - type: object - type: object - username: - type: string - required: - - username - - has_all_requested - - cluster - - index - - application - Security_Lists_API_ListType: - enum: - - binary - - boolean - - byte - - date - - date_nanos - - date_range - - double - - double_range - - float - - float_range - - geo_point - - geo_shape - - half_float - - integer - - integer_range - - ip - - ip_range - - keyword - - long - - long_range - - shape - - short - - text - type: string - Security_Lists_API_NonEmptyString: - description: A string that is not empty and does not contain only whitespace - minLength: 1 - pattern: ^(?! *$).+$ - type: string - Security_Lists_API_PlatformErrorResponse: - type: object - properties: - error: - type: string - message: - type: string - statusCode: - type: integer - required: - - statusCode - - error - - message - Security_Lists_API_SiemErrorResponse: - type: object - properties: - message: - type: string - status_code: - type: integer - required: - - status_code - - message - Security_Osquery_API_ArrayQueries: - items: - $ref: '#/components/schemas/Security_Osquery_API_ArrayQueriesItem' - type: array - Security_Osquery_API_ArrayQueriesItem: - type: object - properties: - ecs_mapping: - $ref: '#/components/schemas/Security_Osquery_API_ECSMappingOrUndefined' - id: - $ref: '#/components/schemas/Security_Osquery_API_Id' - platform: - $ref: '#/components/schemas/Security_Osquery_API_PlatformOrUndefined' - query: - $ref: '#/components/schemas/Security_Osquery_API_Query' - removed: - $ref: '#/components/schemas/Security_Osquery_API_RemovedOrUndefined' - snapshot: - $ref: '#/components/schemas/Security_Osquery_API_SnapshotOrUndefined' - version: - $ref: '#/components/schemas/Security_Osquery_API_VersionOrUndefined' - Security_Osquery_API_CreateLiveQueryRequestBody: - type: object - properties: - agent_all: - type: boolean - agent_ids: - items: - type: string - type: array - agent_platforms: - items: - type: string - type: array - agent_policy_ids: - items: - type: string - type: array - alert_ids: - items: - type: string - type: array - case_ids: - items: - type: string - type: array - ecs_mapping: - $ref: '#/components/schemas/Security_Osquery_API_ECSMappingOrUndefined' - event_ids: - items: - type: string - type: array - metadata: - nullable: true - type: object - pack_id: - $ref: '#/components/schemas/Security_Osquery_API_PackIdOrUndefined' - queries: - $ref: '#/components/schemas/Security_Osquery_API_ArrayQueries' - query: - $ref: '#/components/schemas/Security_Osquery_API_QueryOrUndefined' - saved_query_id: - $ref: '#/components/schemas/Security_Osquery_API_SavedQueryIdOrUndefined' - Security_Osquery_API_CreatePacksRequestBody: - type: object - properties: - description: - $ref: '#/components/schemas/Security_Osquery_API_DescriptionOrUndefined' - enabled: - $ref: '#/components/schemas/Security_Osquery_API_EnabledOrUndefined' - name: - $ref: '#/components/schemas/Security_Osquery_API_PackName' - policy_ids: - $ref: '#/components/schemas/Security_Osquery_API_PolicyIdsOrUndefined' - queries: - $ref: '#/components/schemas/Security_Osquery_API_ObjectQueries' - shards: - $ref: '#/components/schemas/Security_Osquery_API_Shards' - Security_Osquery_API_CreateSavedQueryRequestBody: - type: object - properties: - description: - $ref: '#/components/schemas/Security_Osquery_API_DescriptionOrUndefined' - ecs_mapping: - $ref: '#/components/schemas/Security_Osquery_API_ECSMappingOrUndefined' - id: - $ref: '#/components/schemas/Security_Osquery_API_SavedQueryId' - interval: - $ref: '#/components/schemas/Security_Osquery_API_Interval' - platform: - $ref: '#/components/schemas/Security_Osquery_API_DescriptionOrUndefined' - query: - $ref: '#/components/schemas/Security_Osquery_API_QueryOrUndefined' - removed: - $ref: '#/components/schemas/Security_Osquery_API_RemovedOrUndefined' - snapshot: - $ref: '#/components/schemas/Security_Osquery_API_SnapshotOrUndefined' - version: - $ref: '#/components/schemas/Security_Osquery_API_VersionOrUndefined' - Security_Osquery_API_DefaultSuccessResponse: - type: object - properties: {} - Security_Osquery_API_Description: - type: string - Security_Osquery_API_DescriptionOrUndefined: - $ref: '#/components/schemas/Security_Osquery_API_Description' - nullable: true - Security_Osquery_API_ECSMapping: - additionalProperties: - $ref: '#/components/schemas/Security_Osquery_API_ECSMappingItem' - type: object - Security_Osquery_API_ECSMappingItem: - type: object - properties: - field: - type: string - value: - oneOf: - - type: string - - items: - type: string - type: array - Security_Osquery_API_ECSMappingOrUndefined: - $ref: '#/components/schemas/Security_Osquery_API_ECSMapping' - nullable: true - Security_Osquery_API_Enabled: - type: boolean - Security_Osquery_API_EnabledOrUndefined: - $ref: '#/components/schemas/Security_Osquery_API_Enabled' - nullable: true - Security_Osquery_API_FindLiveQueryRequestQuery: - type: object - properties: - kuery: - $ref: '#/components/schemas/Security_Osquery_API_KueryOrUndefined' - page: - $ref: '#/components/schemas/Security_Osquery_API_PageOrUndefined' - pageSize: - $ref: '#/components/schemas/Security_Osquery_API_PageSizeOrUndefined' - sort: - $ref: '#/components/schemas/Security_Osquery_API_SortOrUndefined' - sortOrder: - $ref: '#/components/schemas/Security_Osquery_API_SortOrderOrUndefined' - Security_Osquery_API_FindPacksRequestQuery: - type: object - properties: - page: - $ref: '#/components/schemas/Security_Osquery_API_PageOrUndefined' - pageSize: - $ref: '#/components/schemas/Security_Osquery_API_PageSizeOrUndefined' - sort: - $ref: '#/components/schemas/Security_Osquery_API_SortOrUndefined' - sortOrder: - $ref: '#/components/schemas/Security_Osquery_API_SortOrderOrUndefined' - Security_Osquery_API_FindSavedQueryRequestQuery: - type: object - properties: - page: - $ref: '#/components/schemas/Security_Osquery_API_PageOrUndefined' - pageSize: - $ref: '#/components/schemas/Security_Osquery_API_PageSizeOrUndefined' - sort: - $ref: '#/components/schemas/Security_Osquery_API_SortOrUndefined' - sortOrder: - $ref: '#/components/schemas/Security_Osquery_API_SortOrderOrUndefined' - Security_Osquery_API_GetLiveQueryResultsRequestQuery: - type: object - properties: - kuery: - $ref: '#/components/schemas/Security_Osquery_API_KueryOrUndefined' - page: - $ref: '#/components/schemas/Security_Osquery_API_PageOrUndefined' - pageSize: - $ref: '#/components/schemas/Security_Osquery_API_PageSizeOrUndefined' - sort: - $ref: '#/components/schemas/Security_Osquery_API_SortOrUndefined' - sortOrder: - $ref: '#/components/schemas/Security_Osquery_API_SortOrderOrUndefined' - Security_Osquery_API_Id: - type: string - Security_Osquery_API_Interval: - type: string - Security_Osquery_API_IntervalOrUndefined: - $ref: '#/components/schemas/Security_Osquery_API_Interval' - nullable: true - Security_Osquery_API_KueryOrUndefined: - nullable: true - type: string - Security_Osquery_API_ObjectQueries: - additionalProperties: - $ref: '#/components/schemas/Security_Osquery_API_ObjectQueriesItem' - type: object - Security_Osquery_API_ObjectQueriesItem: - type: object - properties: - ecs_mapping: - $ref: '#/components/schemas/Security_Osquery_API_ECSMappingOrUndefined' - id: - $ref: '#/components/schemas/Security_Osquery_API_Id' - platform: - $ref: '#/components/schemas/Security_Osquery_API_PlatformOrUndefined' - query: - $ref: '#/components/schemas/Security_Osquery_API_Query' - removed: - $ref: '#/components/schemas/Security_Osquery_API_RemovedOrUndefined' - saved_query_id: - $ref: '#/components/schemas/Security_Osquery_API_SavedQueryIdOrUndefined' - snapshot: - $ref: '#/components/schemas/Security_Osquery_API_SnapshotOrUndefined' - version: - $ref: '#/components/schemas/Security_Osquery_API_VersionOrUndefined' - Security_Osquery_API_PackId: - type: string - Security_Osquery_API_PackIdOrUndefined: - $ref: '#/components/schemas/Security_Osquery_API_PackId' - nullable: true - Security_Osquery_API_PackName: - type: string - Security_Osquery_API_PageOrUndefined: - nullable: true - type: integer - Security_Osquery_API_PageSizeOrUndefined: - nullable: true - type: integer - Security_Osquery_API_Platform: - type: string - Security_Osquery_API_PlatformOrUndefined: - $ref: '#/components/schemas/Security_Osquery_API_Platform' - nullable: true - Security_Osquery_API_PolicyIds: - items: - type: string - type: array - Security_Osquery_API_PolicyIdsOrUndefined: - $ref: '#/components/schemas/Security_Osquery_API_PolicyIds' - nullable: true - Security_Osquery_API_Query: - type: string - Security_Osquery_API_QueryOrUndefined: - $ref: '#/components/schemas/Security_Osquery_API_Query' - nullable: true - Security_Osquery_API_Removed: - type: boolean - Security_Osquery_API_RemovedOrUndefined: - $ref: '#/components/schemas/Security_Osquery_API_Removed' - nullable: true - Security_Osquery_API_SavedQueryId: - type: string - Security_Osquery_API_SavedQueryIdOrUndefined: - $ref: '#/components/schemas/Security_Osquery_API_SavedQueryId' - nullable: true - Security_Osquery_API_Shards: - additionalProperties: - type: number - type: object - Security_Osquery_API_Snapshot: - type: boolean - Security_Osquery_API_SnapshotOrUndefined: - $ref: '#/components/schemas/Security_Osquery_API_Snapshot' - nullable: true - Security_Osquery_API_SortOrderOrUndefined: - oneOf: - - nullable: true - type: string - - enum: - - asc - - desc - Security_Osquery_API_SortOrUndefined: - nullable: true - type: string - Security_Osquery_API_UpdatePacksRequestBody: - type: object - properties: - description: - $ref: '#/components/schemas/Security_Osquery_API_DescriptionOrUndefined' - enabled: - $ref: '#/components/schemas/Security_Osquery_API_EnabledOrUndefined' - id: - $ref: '#/components/schemas/Security_Osquery_API_PackId' - policy_ids: - $ref: '#/components/schemas/Security_Osquery_API_PolicyIdsOrUndefined' - queries: - $ref: '#/components/schemas/Security_Osquery_API_ObjectQueries' - shards: - $ref: '#/components/schemas/Security_Osquery_API_Shards' - Security_Osquery_API_UpdateSavedQueryRequestBody: - type: object - properties: - description: - $ref: '#/components/schemas/Security_Osquery_API_DescriptionOrUndefined' - ecs_mapping: - $ref: '#/components/schemas/Security_Osquery_API_ECSMappingOrUndefined' - id: - $ref: '#/components/schemas/Security_Osquery_API_SavedQueryId' - interval: - $ref: '#/components/schemas/Security_Osquery_API_IntervalOrUndefined' - platform: - $ref: '#/components/schemas/Security_Osquery_API_DescriptionOrUndefined' - query: - $ref: '#/components/schemas/Security_Osquery_API_QueryOrUndefined' - removed: - $ref: '#/components/schemas/Security_Osquery_API_RemovedOrUndefined' - snapshot: - $ref: '#/components/schemas/Security_Osquery_API_SnapshotOrUndefined' - version: - $ref: '#/components/schemas/Security_Osquery_API_VersionOrUndefined' - Security_Osquery_API_Version: - type: string - Security_Osquery_API_VersionOrUndefined: - $ref: '#/components/schemas/Security_Osquery_API_Version' - nullable: true - Security_Timeline_API_AssociatedFilterType: - description: Filter notes based on their association with a document or saved object. - enum: - - all - - document_only - - saved_object_only - - document_and_saved_object - - orphan - type: string - Security_Timeline_API_BareNote: - type: object - properties: - created: - nullable: true - type: number - createdBy: - nullable: true - type: string - eventId: - nullable: true - type: string - note: - nullable: true - type: string - timelineId: - type: string - updated: - nullable: true - type: number - updatedBy: - nullable: true - type: string - required: - - timelineId - Security_Timeline_API_BarePinnedEvent: - type: object - properties: - created: - nullable: true - type: number - createdBy: - nullable: true - type: string - eventId: - type: string - timelineId: - type: string - updated: - nullable: true - type: number - updatedBy: - nullable: true - type: string - required: - - eventId - - timelineId - Security_Timeline_API_ColumnHeaderResult: - type: object - properties: - aggregatable: - nullable: true - type: boolean - category: - nullable: true - type: string - columnHeaderType: - nullable: true - type: string - description: - nullable: true - type: string - example: - nullable: true - type: string - id: - nullable: true - type: string - indexes: - items: - type: string - nullable: true - type: array - name: - nullable: true - type: string - placeholder: - nullable: true - type: string - searchable: - nullable: true - type: boolean - type: - nullable: true - type: string - Security_Timeline_API_DataProviderQueryMatch: - type: object - properties: - enabled: - nullable: true - type: boolean - excluded: - nullable: true - type: boolean - id: - nullable: true - type: string - kqlQuery: - nullable: true - type: string - name: - nullable: true - type: string - queryMatch: - $ref: '#/components/schemas/Security_Timeline_API_QueryMatchResult' - nullable: true - type: - $ref: '#/components/schemas/Security_Timeline_API_DataProviderType' - nullable: true - Security_Timeline_API_DataProviderResult: - type: object - properties: - and: - items: - $ref: '#/components/schemas/Security_Timeline_API_DataProviderQueryMatch' - nullable: true - type: array - enabled: - nullable: true - type: boolean - excluded: - nullable: true - type: boolean - id: - nullable: true - type: string - kqlQuery: - nullable: true - type: string - name: - nullable: true - type: string - queryMatch: - $ref: '#/components/schemas/Security_Timeline_API_QueryMatchResult' - nullable: true - type: - $ref: '#/components/schemas/Security_Timeline_API_DataProviderType' - nullable: true - Security_Timeline_API_DataProviderType: - description: >- - The type of data provider to create. Valid values are `default` and - `template`. - enum: - - default - - template - type: string - Security_Timeline_API_DocumentIds: - oneOf: - - items: - type: string - type: array - - type: string - Security_Timeline_API_FavoriteTimelineResponse: - type: object - properties: - code: - nullable: true - type: number - favorite: - items: - $ref: '#/components/schemas/Security_Timeline_API_FavoriteTimelineResult' - type: array - message: - nullable: true - type: string - savedObjectId: - type: string - templateTimelineId: - nullable: true - type: string - templateTimelineVersion: - nullable: true - type: number - timelineType: - $ref: '#/components/schemas/Security_Timeline_API_TimelineType' - version: - type: string - required: - - savedObjectId - - version - Security_Timeline_API_FavoriteTimelineResult: - type: object - properties: - favoriteDate: - nullable: true - type: number - fullName: - nullable: true - type: string - userName: - nullable: true - type: string - Security_Timeline_API_FilterTimelineResult: - type: object - properties: - exists: - nullable: true - type: string - match_all: - nullable: true - type: string - meta: - nullable: true - type: object - properties: - alias: - nullable: true - type: string - controlledBy: - nullable: true - type: string - disabled: - nullable: true - type: boolean - field: - nullable: true - type: string - formattedValue: - nullable: true - type: string - index: - nullable: true - type: string - key: - nullable: true - type: string - negate: - nullable: true - type: boolean - params: - nullable: true - type: string - type: - nullable: true - type: string - value: - nullable: true - type: string - missing: - nullable: true - type: string - query: - nullable: true - type: string - range: - nullable: true - type: string - script: - nullable: true - type: string - Security_Timeline_API_GetNotesResult: - type: object - properties: - notes: - items: - $ref: '#/components/schemas/Security_Timeline_API_Note' - type: array - totalCount: - type: number - required: - - totalCount - - notes - Security_Timeline_API_ImportTimelineResult: - type: object - properties: - errors: - items: - type: object - properties: - error: - type: object - properties: - message: - type: string - status_code: - type: number - id: - type: string - type: array - success: - type: boolean - success_count: - type: number - timelines_installed: - type: number - timelines_updated: - type: number - Security_Timeline_API_ImportTimelines: - allOf: - - $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' - - type: object - properties: - eventNotes: - items: - $ref: '#/components/schemas/Security_Timeline_API_BareNote' - nullable: true - type: array - globalNotes: - items: - $ref: '#/components/schemas/Security_Timeline_API_BareNote' - nullable: true - type: array - pinnedEventIds: - items: - type: string - nullable: true - type: array - savedObjectId: - nullable: true - type: string - version: - nullable: true - type: string - required: - - savedObjectId - - version - - pinnedEventIds - - eventNotes - - globalNotes - Security_Timeline_API_Note: - allOf: - - $ref: '#/components/schemas/Security_Timeline_API_BareNote' - - type: object - properties: - noteId: - type: string - version: - type: string - required: - - noteId - - version - Security_Timeline_API_PersistPinnedEventResponse: - oneOf: - - allOf: - - $ref: '#/components/schemas/Security_Timeline_API_PinnedEvent' - - $ref: >- - #/components/schemas/Security_Timeline_API_PinnedEventBaseResponseBody - - nullable: true - type: object - Security_Timeline_API_PersistTimelineResponse: - type: object - properties: - data: - type: object - properties: - persistTimeline: - type: object - properties: - timeline: - $ref: '#/components/schemas/Security_Timeline_API_TimelineResponse' - required: - - timeline - required: - - persistTimeline - required: - - data - Security_Timeline_API_PinnedEvent: - allOf: - - $ref: '#/components/schemas/Security_Timeline_API_BarePinnedEvent' - - type: object - properties: - pinnedEventId: - type: string - version: - type: string - required: - - pinnedEventId - - version - Security_Timeline_API_PinnedEventBaseResponseBody: - type: object - properties: - code: - type: number - message: - type: string - required: - - code - Security_Timeline_API_QueryMatchResult: - type: object - properties: - displayField: - nullable: true - type: string - displayValue: - nullable: true - type: string - field: - nullable: true - type: string - operator: - nullable: true - type: string - value: - oneOf: - - nullable: true - type: string - - items: - type: string - nullable: true - type: array - Security_Timeline_API_ResolvedTimeline: - type: object - properties: - alias_purpose: - $ref: >- - #/components/schemas/Security_Timeline_API_SavedObjectResolveAliasPurpose - alias_target_id: - type: string - outcome: - $ref: '#/components/schemas/Security_Timeline_API_SavedObjectResolveOutcome' - timeline: - $ref: >- - #/components/schemas/Security_Timeline_API_TimelineSavedToReturnObject - required: - - timeline - - outcome - Security_Timeline_API_ResponseNote: - type: object - properties: - code: - type: number - message: - type: string - note: - $ref: '#/components/schemas/Security_Timeline_API_Note' - required: - - code - - message - - note - Security_Timeline_API_RowRendererId: - enum: - - alert - - alerts - - auditd - - auditd_file - - library - - netflow - - plain - - registry - - suricata - - system - - system_dns - - system_endgame_process - - system_file - - system_fim - - system_security_event - - system_socket - - threat_match - - zeek - type: string - Security_Timeline_API_SavedObjectIds: - oneOf: - - items: - type: string - type: array - - type: string - Security_Timeline_API_SavedObjectResolveAliasPurpose: - enum: - - savedObjectConversion - - savedObjectImport - type: string - Security_Timeline_API_SavedObjectResolveOutcome: - enum: - - exactMatch - - aliasMatch - - conflict - type: string - Security_Timeline_API_SavedTimeline: - type: object - properties: - columns: - items: - $ref: '#/components/schemas/Security_Timeline_API_ColumnHeaderResult' - nullable: true - type: array - created: - nullable: true - type: number - createdBy: - nullable: true - type: string - dataProviders: - items: - $ref: '#/components/schemas/Security_Timeline_API_DataProviderResult' - nullable: true - type: array - dataViewId: - nullable: true - type: string - dateRange: - nullable: true - type: object - properties: - end: - oneOf: - - nullable: true - type: string - - nullable: true - type: number - start: - oneOf: - - nullable: true - type: string - - nullable: true - type: number - description: - nullable: true - type: string - eqlOptions: - nullable: true - type: object - properties: - eventCategoryField: - nullable: true - type: string - query: - nullable: true - type: string - size: - oneOf: - - nullable: true - type: string - - nullable: true - type: number - tiebreakerField: - nullable: true - type: string - timestampField: - nullable: true - type: string - eventType: - nullable: true - type: string - excludedRowRendererIds: - items: - $ref: '#/components/schemas/Security_Timeline_API_RowRendererId' - nullable: true - type: array - favorite: - items: - $ref: '#/components/schemas/Security_Timeline_API_FavoriteTimelineResult' - nullable: true - type: array - filters: - items: - $ref: '#/components/schemas/Security_Timeline_API_FilterTimelineResult' - nullable: true - type: array - indexNames: - items: - type: string - nullable: true - type: array - kqlMode: - nullable: true - type: string - kqlQuery: - $ref: >- - #/components/schemas/Security_Timeline_API_SerializedFilterQueryResult - nullable: true - savedQueryId: - nullable: true - type: string - savedSearchId: - nullable: true - type: string - sort: - $ref: '#/components/schemas/Security_Timeline_API_Sort' - nullable: true - status: - enum: - - active - - draft - - immutable - nullable: true - type: string - templateTimelineId: - nullable: true - type: string - templateTimelineVersion: - nullable: true - type: number - timelineType: - $ref: '#/components/schemas/Security_Timeline_API_TimelineType' - nullable: true - title: - nullable: true - type: string - updated: - nullable: true - type: number - updatedBy: - nullable: true - type: string - Security_Timeline_API_SavedTimelineWithSavedObjectId: - allOf: - - $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' - - type: object - properties: - savedObjectId: - type: string - version: - type: string - required: - - savedObjectId - - version - Security_Timeline_API_SerializedFilterQueryResult: - type: object - properties: - filterQuery: - nullable: true - type: object - properties: - kuery: - nullable: true - type: object - properties: - expression: - nullable: true - type: string - kind: - nullable: true - type: string - serializedQuery: - nullable: true - type: string - Security_Timeline_API_Sort: - oneOf: - - $ref: '#/components/schemas/Security_Timeline_API_SortObject' - - items: - $ref: '#/components/schemas/Security_Timeline_API_SortObject' - type: array - Security_Timeline_API_SortFieldTimeline: - description: The field to sort the timelines by. - enum: - - title - - description - - updated - - created - type: string - Security_Timeline_API_SortObject: - type: object - properties: - columnId: - nullable: true - type: string - columnType: - nullable: true - type: string - sortDirection: - nullable: true - type: string - Security_Timeline_API_TimelineResponse: - allOf: - - $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' - - $ref: >- - #/components/schemas/Security_Timeline_API_SavedTimelineWithSavedObjectId - - type: object - properties: - eventIdToNoteIds: - items: - $ref: '#/components/schemas/Security_Timeline_API_Note' - nullable: true - type: array - noteIds: - items: - type: string - nullable: true - type: array - notes: - items: - $ref: '#/components/schemas/Security_Timeline_API_Note' - nullable: true - type: array - pinnedEventIds: - items: - type: string - nullable: true - type: array - pinnedEventsSaveObject: - items: - $ref: '#/components/schemas/Security_Timeline_API_PinnedEvent' - nullable: true - type: array - Security_Timeline_API_TimelineSavedToReturnObject: - allOf: - - $ref: '#/components/schemas/Security_Timeline_API_SavedTimeline' - - type: object - properties: - eventIdToNoteIds: - items: - $ref: '#/components/schemas/Security_Timeline_API_Note' - nullable: true - type: array - noteIds: - items: - type: string - nullable: true - type: array - notes: - items: - $ref: '#/components/schemas/Security_Timeline_API_Note' - nullable: true - type: array - pinnedEventIds: - items: - type: string - nullable: true - type: array - pinnedEventsSaveObject: - items: - $ref: '#/components/schemas/Security_Timeline_API_PinnedEvent' - nullable: true - type: array - savedObjectId: - type: string - version: - type: string - required: - - savedObjectId - - version - Security_Timeline_API_TimelineStatus: - description: >- - The status of the timeline. Valid values are `active`, `draft`, and - `immutable`. - enum: - - active - - draft - - immutable - type: string - Security_Timeline_API_TimelineType: - description: >- - The type of timeline to create. Valid values are `default` and - `template`. - enum: - - default - - template - type: string - SLOs_400_response: - title: Bad request - type: object - properties: - error: - example: Bad Request - type: string - message: - example: 'Invalid value ''foo'' supplied to: [...]' - type: string - statusCode: - example: 400 - type: number - required: - - statusCode - - error - - message - SLOs_401_response: - title: Unauthorized - type: object - properties: - error: - example: Unauthorized - type: string - message: - example: "[security_exception\n\tRoot causes:\n\t\tsecurity_exception: unable to authenticate user [elastics] for REST request [/_security/_authenticate]]: unable to authenticate user [elastics] for REST request [/_security/_authenticate]" - type: string - statusCode: - example: 401 - type: number - required: - - statusCode - - error - - message - SLOs_403_response: - title: Unauthorized - type: object - properties: - error: - example: Unauthorized - type: string - message: - example: "[security_exception\n\tRoot causes:\n\t\tsecurity_exception: unable to authenticate user [elastics] for REST request [/_security/_authenticate]]: unable to authenticate user [elastics] for REST request [/_security/_authenticate]" - type: string - statusCode: - example: 403 - type: number - required: - - statusCode - - error - - message - SLOs_404_response: - title: Not found - type: object - properties: - error: - example: Not Found - type: string - message: - example: SLO [3749f390-03a3-11ee-8139-c7ff60a1692d] not found - type: string - statusCode: - example: 404 - type: number - required: - - statusCode - - error - - message - SLOs_409_response: - title: Conflict - type: object - properties: - error: - example: Conflict - type: string - message: - example: SLO [d077e940-1515-11ee-9c50-9d096392f520] already exists - type: string - statusCode: - example: 409 - type: number - required: - - statusCode - - error - - message - SLOs_budgeting_method: - description: The budgeting method to use when computing the rollup data. - enum: - - occurrences - - timeslices - example: occurrences - title: Budgeting method - type: string - SLOs_create_slo_request: - description: > - The create SLO API request body varies depending on the type of - indicator, time window and budgeting method. - properties: - budgetingMethod: - $ref: '#/components/schemas/SLOs_budgeting_method' - description: - description: A description for the SLO. - type: string - groupBy: - $ref: '#/components/schemas/SLOs_group_by' - id: - description: >- - A optional and unique identifier for the SLO. Must be between 8 and - 36 chars - example: my-super-slo-id - type: string - indicator: - oneOf: - - $ref: '#/components/schemas/SLOs_indicator_properties_custom_kql' - - $ref: '#/components/schemas/SLOs_indicator_properties_apm_availability' - - $ref: '#/components/schemas/SLOs_indicator_properties_apm_latency' - - $ref: '#/components/schemas/SLOs_indicator_properties_custom_metric' - - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' - - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' - name: - description: A name for the SLO. - type: string - objective: - $ref: '#/components/schemas/SLOs_objective' - settings: - $ref: '#/components/schemas/SLOs_settings' - tags: - description: List of tags - items: - type: string - type: array - timeWindow: - $ref: '#/components/schemas/SLOs_time_window' - required: - - name - - description - - indicator - - timeWindow - - budgetingMethod - - objective - title: Create SLO request - type: object - SLOs_create_slo_response: - title: Create SLO response - type: object - properties: - id: - example: 8853df00-ae2e-11ed-90af-09bb6422b258 - type: string - required: - - id - SLOs_delete_slo_instances_request: - description: > - The delete SLO instances request takes a list of SLO id and instance id, - then delete the rollup and summary data. This API can be used to remove - the staled data of an instance SLO that no longer get updated. - properties: - list: - description: An array of slo id and instance id - items: - type: object - properties: - instanceId: - description: The SLO instance identifier - example: 8853df00-ae2e-11ed-90af-09bb6422b258 - type: string - sloId: - description: The SLO unique identifier - example: 8853df00-ae2e-11ed-90af-09bb6422b258 - type: string - required: - - sloId - - instanceId - type: array - required: - - list - title: Delete SLO instances request - type: object - SLOs_error_budget: - title: Error budget - type: object - properties: - consumed: - description: The error budget consummed, as a percentage of the initial value. - example: 0.8 - type: number - initial: - description: The initial error budget, as 1 - objective - example: 0.02 - type: number - isEstimated: - description: >- - Only for SLO defined with occurrences budgeting method and calendar - aligned time window. - example: true - type: boolean - remaining: - description: The error budget remaining, as a percentage of the initial value. - example: 0.2 - type: number - required: - - initial - - consumed - - remaining - - isEstimated - SLOs_filter: - description: Defines properties for a filter - properties: - meta: - $ref: '#/components/schemas/SLOs_filter_meta' - query: - type: object - title: Filter - type: object - SLOs_filter_meta: - description: Defines properties for a filter - properties: - alias: - nullable: true - type: string - controlledBy: - type: string - disabled: - type: boolean - field: - type: string - group: - type: string - index: - type: string - isMultiIndex: - type: boolean - key: - type: string - negate: - type: boolean - params: - type: object - type: - type: string - value: - type: string - title: FilterMeta - type: object - SLOs_find_slo_response: - description: | - A paginated response of SLOs matching the query. - properties: - page: - example: 1 - type: number - perPage: - example: 25 - type: number - results: - items: - $ref: '#/components/schemas/SLOs_slo_with_summary_response' - type: array - total: - example: 34 - type: number - title: Find SLO response - type: object - SLOs_group_by: - description: >- - optional group by field or fields to use to generate an SLO per distinct - value - example: - - - service.name - - service.name - - - service.name - - service.environment - oneOf: - - type: string - - items: - type: string - type: array - title: Group by - SLOs_indicator_properties_apm_availability: - description: Defines properties for the APM availability indicator type - type: object - properties: - params: - description: An object containing the indicator parameters. - nullable: false - type: object - properties: - environment: - description: The APM service environment or "*" - example: production - type: string - filter: - description: KQL query used for filtering the data - example: 'service.foo : "bar"' - type: string - index: - description: The index used by APM metrics - example: metrics-apm*,apm* - type: string - service: - description: The APM service name - example: o11y-app - type: string - transactionName: - description: The APM transaction name or "*" - example: GET /my/api - type: string - transactionType: - description: The APM transaction type or "*" - example: request - type: string - required: - - service - - environment - - transactionType - - transactionName - - index - type: - description: The type of indicator. - example: sli.apm.transactionDuration - type: string - required: - - type - - params - title: APM availability - SLOs_indicator_properties_apm_latency: - description: Defines properties for the APM latency indicator type - type: object - properties: - params: - description: An object containing the indicator parameters. - nullable: false - type: object - properties: - environment: - description: The APM service environment or "*" - example: production - type: string - filter: - description: KQL query used for filtering the data - example: 'service.foo : "bar"' - type: string - index: - description: The index used by APM metrics - example: metrics-apm*,apm* - type: string - service: - description: The APM service name - example: o11y-app - type: string - threshold: - description: The latency threshold in milliseconds - example: 250 - type: number - transactionName: - description: The APM transaction name or "*" - example: GET /my/api - type: string - transactionType: - description: The APM transaction type or "*" - example: request - type: string - required: - - service - - environment - - transactionType - - transactionName - - index - - threshold - type: - description: The type of indicator. - example: sli.apm.transactionDuration - type: string - required: - - type - - params - title: APM latency - SLOs_indicator_properties_custom_kql: - description: Defines properties for a custom query indicator type - type: object - properties: - params: - description: An object containing the indicator parameters. - nullable: false - type: object - properties: - dataViewId: - description: >- - The kibana data view id to use, primarily used to include data - view runtime mappings. Make sure to save SLO again if you - add/update run time fields to the data view and if those fields - are being used in slo queries. - example: 03b80ab3-003d-498b-881c-3beedbaf1162 - type: string - filter: - $ref: '#/components/schemas/SLOs_kql_with_filters' - good: - $ref: '#/components/schemas/SLOs_kql_with_filters_good' - index: - description: The index or index pattern to use - example: my-service-* - type: string - timestampField: - description: | - The timestamp field used in the source indice. - example: timestamp - type: string - total: - $ref: '#/components/schemas/SLOs_kql_with_filters_total' - required: - - index - - timestampField - - good - - total - type: - description: The type of indicator. - example: sli.kql.custom - type: string - required: - - type - - params - title: Custom Query - SLOs_indicator_properties_custom_metric: - description: Defines properties for a custom metric indicator type - type: object - properties: - params: - description: An object containing the indicator parameters. - nullable: false - type: object - properties: - dataViewId: - description: >- - The kibana data view id to use, primarily used to include data - view runtime mappings. Make sure to save SLO again if you - add/update run time fields to the data view and if those fields - are being used in slo queries. - example: 03b80ab3-003d-498b-881c-3beedbaf1162 - type: string - filter: - description: the KQL query to filter the documents with. - example: 'field.environment : "production" and service.name : "my-service"' - type: string - good: - description: | - An object defining the "good" metrics and equation - type: object - properties: - equation: - description: The equation to calculate the "good" metric. - example: A - type: string - metrics: - description: >- - List of metrics with their name, aggregation type, and - field. - items: - type: object - properties: - aggregation: - description: >- - The aggregation type of the metric. Only valid option - is "sum" - enum: - - sum - example: sum - type: string - field: - description: The field of the metric. - example: processor.processed - type: string - filter: - description: The filter to apply to the metric. - example: 'processor.outcome: "success"' - type: string - name: - description: The name of the metric. Only valid options are A-Z - example: A - pattern: ^[A-Z]$ - type: string - required: - - name - - aggregation - - field - type: array - required: - - metrics - - equation - index: - description: The index or index pattern to use - example: my-service-* - type: string - timestampField: - description: | - The timestamp field used in the source indice. - example: timestamp - type: string - total: - description: | - An object defining the "total" metrics and equation - type: object - properties: - equation: - description: The equation to calculate the "total" metric. - example: A - type: string - metrics: - description: >- - List of metrics with their name, aggregation type, and - field. - items: - type: object - properties: - aggregation: - description: >- - The aggregation type of the metric. Only valid option - is "sum" - enum: - - sum - example: sum - type: string - field: - description: The field of the metric. - example: processor.processed - type: string - filter: - description: The filter to apply to the metric. - example: 'processor.outcome: *' - type: string - name: - description: The name of the metric. Only valid options are A-Z - example: A - pattern: ^[A-Z]$ - type: string - required: - - name - - aggregation - - field - type: array - required: - - metrics - - equation - required: - - index - - timestampField - - good - - total - type: - description: The type of indicator. - example: sli.metric.custom - type: string - required: - - type - - params - title: Custom metric - SLOs_indicator_properties_histogram: - description: Defines properties for a histogram indicator type - type: object - properties: - params: - description: An object containing the indicator parameters. - nullable: false - type: object - properties: - dataViewId: - description: >- - The kibana data view id to use, primarily used to include data - view runtime mappings. Make sure to save SLO again if you - add/update run time fields to the data view and if those fields - are being used in slo queries. - example: 03b80ab3-003d-498b-881c-3beedbaf1162 - type: string - filter: - description: the KQL query to filter the documents with. - example: 'field.environment : "production" and service.name : "my-service"' - type: string - good: - description: | - An object defining the "good" events - type: object - properties: - aggregation: - description: The type of aggregation to use. - enum: - - value_count - - range - example: value_count - type: string - field: - description: The field use to aggregate the good events. - example: processor.latency - type: string - filter: - description: The filter for good events. - example: 'processor.outcome: "success"' - type: string - from: - description: >- - The starting value of the range. Only required for "range" - aggregations. - example: 0 - type: number - to: - description: >- - The ending value of the range. Only required for "range" - aggregations. - example: 100 - type: number - required: - - aggregation - - field - index: - description: The index or index pattern to use - example: my-service-* - type: string - timestampField: - description: | - The timestamp field used in the source indice. - example: timestamp - type: string - total: - description: | - An object defining the "total" events - type: object - properties: - aggregation: - description: The type of aggregation to use. - enum: - - value_count - - range - example: value_count - type: string - field: - description: The field use to aggregate the good events. - example: processor.latency - type: string - filter: - description: The filter for total events. - example: 'processor.outcome : *' - type: string - from: - description: >- - The starting value of the range. Only required for "range" - aggregations. - example: 0 - type: number - to: - description: >- - The ending value of the range. Only required for "range" - aggregations. - example: 100 - type: number - required: - - aggregation - - field - required: - - index - - timestampField - - good - - total - type: - description: The type of indicator. - example: sli.histogram.custom - type: string - required: - - type - - params - title: Histogram indicator - SLOs_indicator_properties_timeslice_metric: - description: Defines properties for a timeslice metric indicator type - type: object - properties: - params: - description: An object containing the indicator parameters. - nullable: false - type: object - properties: - dataViewId: - description: >- - The kibana data view id to use, primarily used to include data - view runtime mappings. Make sure to save SLO again if you - add/update run time fields to the data view and if those fields - are being used in slo queries. - example: 03b80ab3-003d-498b-881c-3beedbaf1162 - type: string - filter: - description: the KQL query to filter the documents with. - example: 'field.environment : "production" and service.name : "my-service"' - type: string - index: - description: The index or index pattern to use - example: my-service-* - type: string - metric: - description: > - An object defining the metrics, equation, and threshold to - determine if it's a good slice or not - type: object - properties: - comparator: - description: >- - The comparator to use to compare the equation to the - threshold. - enum: - - GT - - GTE - - LT - - LTE - example: GT - type: string - equation: - description: The equation to calculate the metric. - example: A - type: string - metrics: - description: >- - List of metrics with their name, aggregation type, and - field. - items: - anyOf: - - $ref: >- - #/components/schemas/SLOs_timeslice_metric_basic_metric_with_field - - $ref: >- - #/components/schemas/SLOs_timeslice_metric_percentile_metric - - $ref: >- - #/components/schemas/SLOs_timeslice_metric_doc_count_metric - type: array - threshold: - description: >- - The threshold used to determine if the metric is a good - slice or not. - example: 100 - type: number - required: - - metrics - - equation - - comparator - - threshold - timestampField: - description: | - The timestamp field used in the source indice. - example: timestamp - type: string - required: - - index - - timestampField - - metric - type: - description: The type of indicator. - example: sli.metric.timeslice - type: string - required: - - type - - params - title: Timeslice metric - SLOs_kql_with_filters: - description: Defines properties for a filter - oneOf: - - description: the KQL query to filter the documents with. - example: 'field.environment : "production" and service.name : "my-service"' - type: string - - type: object - properties: - filters: - items: - $ref: '#/components/schemas/SLOs_filter' - type: array - kqlQuery: - type: string - title: KQL with filters - SLOs_kql_with_filters_good: - description: The KQL query used to define the good events. - oneOf: - - description: the KQL query to filter the documents with. - example: 'request.latency <= 150 and request.status_code : "2xx"' - type: string - - type: object - properties: - filters: - items: - $ref: '#/components/schemas/SLOs_filter' - type: array - kqlQuery: - type: string - title: KQL query for good events - SLOs_kql_with_filters_total: - description: The KQL query used to define all events. - oneOf: - - description: the KQL query to filter the documents with. - example: 'field.environment : "production" and service.name : "my-service"' - type: string - - type: object - properties: - filters: - items: - $ref: '#/components/schemas/SLOs_filter' - type: array - kqlQuery: - type: string - title: KQL query for all events - SLOs_objective: - description: Defines properties for the SLO objective - type: object - properties: - target: - description: the target objective between 0 and 1 excluded - example: 0.99 - exclusiveMaximum: true - exclusiveMinimum: true - maximum: 100 - minimum: 0 - type: number - timesliceTarget: - description: >- - the target objective for each slice when using a timeslices - budgeting method - example: 0.995 - maximum: 100 - minimum: 0 - type: number - timesliceWindow: - description: >- - the duration of each slice when using a timeslices budgeting method, - as {duraton}{unit} - example: 5m - type: string - required: - - target - title: Objective - SLOs_settings: - description: Defines properties for SLO settings. - properties: - frequency: - default: 1m - description: Configure how often the transform runs, default 1m - example: 5m - type: string - preventInitialBackfill: - default: false - description: Prevents the transform from backfilling data when it starts. - example: true - type: boolean - syncDelay: - default: 1m - description: The synch delay to apply to the transform. Default 1m - example: 5m - type: string - title: Settings - type: object - SLOs_slo_definition_response: - title: SLO definition response - type: object - properties: - budgetingMethod: - $ref: '#/components/schemas/SLOs_budgeting_method' - createdAt: - description: The creation date - example: '2023-01-12T10:03:19.000Z' - type: string - description: - description: The description of the SLO. - example: My SLO description - type: string - enabled: - description: Indicate if the SLO is enabled - example: true - type: boolean - groupBy: - $ref: '#/components/schemas/SLOs_group_by' - id: - description: The identifier of the SLO. - example: 8853df00-ae2e-11ed-90af-09bb6422b258 - type: string - indicator: - discriminator: - mapping: - sli.apm.transactionDuration: '#/components/schemas/SLOs_indicator_properties_apm_latency' - sli.apm.transactionErrorRate: '#/components/schemas/SLOs_indicator_properties_apm_availability' - sli.histogram.custom: '#/components/schemas/SLOs_indicator_properties_histogram' - sli.kql.custom: '#/components/schemas/SLOs_indicator_properties_custom_kql' - sli.metric.custom: '#/components/schemas/SLOs_indicator_properties_custom_metric' - sli.metric.timeslice: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' - propertyName: type - oneOf: - - $ref: '#/components/schemas/SLOs_indicator_properties_custom_kql' - - $ref: '#/components/schemas/SLOs_indicator_properties_apm_availability' - - $ref: '#/components/schemas/SLOs_indicator_properties_apm_latency' - - $ref: '#/components/schemas/SLOs_indicator_properties_custom_metric' - - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' - - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' - name: - description: The name of the SLO. - example: My Service SLO - type: string - objective: - $ref: '#/components/schemas/SLOs_objective' - revision: - description: The SLO revision - example: 2 - type: number - settings: - $ref: '#/components/schemas/SLOs_settings' - tags: - description: List of tags - items: - type: string - type: array - timeWindow: - $ref: '#/components/schemas/SLOs_time_window' - updatedAt: - description: The last update date - example: '2023-01-12T10:03:19.000Z' - type: string - version: - description: The internal SLO version - example: 2 - type: number - required: - - id - - name - - description - - indicator - - timeWindow - - budgetingMethod - - objective - - settings - - revision - - enabled - - groupBy - - tags - - createdAt - - updatedAt - - version - SLOs_slo_with_summary_response: - title: SLO response - type: object - properties: - budgetingMethod: - $ref: '#/components/schemas/SLOs_budgeting_method' - createdAt: - description: The creation date - example: '2023-01-12T10:03:19.000Z' - type: string - description: - description: The description of the SLO. - example: My SLO description - type: string - enabled: - description: Indicate if the SLO is enabled - example: true - type: boolean - groupBy: - $ref: '#/components/schemas/SLOs_group_by' - id: - description: The identifier of the SLO. - example: 8853df00-ae2e-11ed-90af-09bb6422b258 - type: string - indicator: - discriminator: - mapping: - sli.apm.transactionDuration: '#/components/schemas/SLOs_indicator_properties_apm_latency' - sli.apm.transactionErrorRate: '#/components/schemas/SLOs_indicator_properties_apm_availability' - sli.histogram.custom: '#/components/schemas/SLOs_indicator_properties_histogram' - sli.kql.custom: '#/components/schemas/SLOs_indicator_properties_custom_kql' - sli.metric.custom: '#/components/schemas/SLOs_indicator_properties_custom_metric' - sli.metric.timeslice: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' - propertyName: type - oneOf: - - $ref: '#/components/schemas/SLOs_indicator_properties_custom_kql' - - $ref: '#/components/schemas/SLOs_indicator_properties_apm_availability' - - $ref: '#/components/schemas/SLOs_indicator_properties_apm_latency' - - $ref: '#/components/schemas/SLOs_indicator_properties_custom_metric' - - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' - - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' - instanceId: - description: the value derived from the groupBy field, if present, otherwise '*' - example: host-abcde - type: string - name: - description: The name of the SLO. - example: My Service SLO - type: string - objective: - $ref: '#/components/schemas/SLOs_objective' - revision: - description: The SLO revision - example: 2 - type: number - settings: - $ref: '#/components/schemas/SLOs_settings' - summary: - $ref: '#/components/schemas/SLOs_summary' - tags: - description: List of tags - items: - type: string - type: array - timeWindow: - $ref: '#/components/schemas/SLOs_time_window' - updatedAt: - description: The last update date - example: '2023-01-12T10:03:19.000Z' - type: string - version: - description: The internal SLO version - example: 2 - type: number - required: - - id - - name - - description - - indicator - - timeWindow - - budgetingMethod - - objective - - settings - - revision - - summary - - enabled - - groupBy - - instanceId - - tags - - createdAt - - updatedAt - - version - SLOs_summary: - description: The SLO computed data - properties: - errorBudget: - $ref: '#/components/schemas/SLOs_error_budget' - sliValue: - example: 0.9836 - type: number - status: - $ref: '#/components/schemas/SLOs_summary_status' - required: - - status - - sliValue - - errorBudget - title: Summary - type: object - SLOs_summary_status: - enum: - - NO_DATA - - HEALTHY - - DEGRADING - - VIOLATED - example: HEALTHY - title: summary status - type: string - SLOs_time_window: - description: Defines properties for the SLO time window - type: object - properties: - duration: - description: >- - the duration formatted as {duration}{unit}. Accepted values for - rolling: 7d, 30d, 90d. Accepted values for calendar aligned: 1w - (weekly) or 1M (monthly) - example: 30d - type: string - type: - description: >- - Indicates weither the time window is a rolling or a calendar aligned - time window. - enum: - - rolling - - calendarAligned - example: rolling - type: string - required: - - duration - - type - title: Time window - SLOs_timeslice_metric_basic_metric_with_field: - type: object - properties: - aggregation: - description: The aggregation type of the metric. - enum: - - sum - - avg - - min - - max - - std_deviation - - last_value - - cardinality - example: sum - type: string - field: - description: The field of the metric. - example: processor.processed - type: string - filter: - description: The filter to apply to the metric. - example: 'processor.outcome: "success"' - type: string - name: - description: The name of the metric. Only valid options are A-Z - example: A - pattern: ^[A-Z]$ - type: string - required: - - name - - aggregation - - field - title: Timeslice Metric Basic Metric with Field - SLOs_timeslice_metric_doc_count_metric: - type: object - properties: - aggregation: - description: The aggregation type of the metric. Only valid option is "doc_count" - enum: - - doc_count - example: doc_count - type: string - filter: - description: The filter to apply to the metric. - example: 'processor.outcome: "success"' - type: string - name: - description: The name of the metric. Only valid options are A-Z - example: A - pattern: ^[A-Z]$ - type: string - required: - - name - - aggregation - title: Timeslice Metric Doc Count Metric - SLOs_timeslice_metric_percentile_metric: - type: object - properties: - aggregation: - description: >- - The aggregation type of the metric. Only valid option is - "percentile" - enum: - - percentile - example: percentile - type: string - field: - description: The field of the metric. - example: processor.processed - type: string - filter: - description: The filter to apply to the metric. - example: 'processor.outcome: "success"' - type: string - name: - description: The name of the metric. Only valid options are A-Z - example: A - pattern: ^[A-Z]$ - type: string - percentile: - description: The percentile value. - example: 95 - type: number - required: - - name - - aggregation - - field - - percentile - title: Timeslice Metric Percentile Metric - SLOs_update_slo_request: - description: > - The update SLO API request body varies depending on the type of - indicator, time window and budgeting method. Partial update is handled. - properties: - budgetingMethod: - $ref: '#/components/schemas/SLOs_budgeting_method' - description: - description: A description for the SLO. - type: string - groupBy: - $ref: '#/components/schemas/SLOs_group_by' - indicator: - oneOf: - - $ref: '#/components/schemas/SLOs_indicator_properties_custom_kql' - - $ref: '#/components/schemas/SLOs_indicator_properties_apm_availability' - - $ref: '#/components/schemas/SLOs_indicator_properties_apm_latency' - - $ref: '#/components/schemas/SLOs_indicator_properties_custom_metric' - - $ref: '#/components/schemas/SLOs_indicator_properties_histogram' - - $ref: '#/components/schemas/SLOs_indicator_properties_timeslice_metric' - name: - description: A name for the SLO. - type: string - objective: - $ref: '#/components/schemas/SLOs_objective' - settings: - $ref: '#/components/schemas/SLOs_settings' - tags: - description: List of tags - items: - type: string - type: array - timeWindow: - $ref: '#/components/schemas/SLOs_time_window' - title: Update SLO request - type: object - securitySchemes: - apiKeyAuth: - description: > - These APIs use key-based authentication. You must create an API key and - use the encoded value in the request header. For example: - `Authorization: ApiKey base64AccessApiKey` - in: header - name: Authorization - type: apiKey - basicAuth: - scheme: basic - type: http -security: - - apiKeyAuth: [] - - basicAuth: [] -tags: - - name: alerting - - description: > - Configure APM agent keys to authorize requests from APM agents to the APM - Server. - name: APM agent keys - - description: > - Annotate visualizations in the APM app with significant events. - Annotations enable you to easily see how events are impacting the - performance of your applications. - name: APM annotations - - description: Case APIs enable you to open and track issues. - name: cases - - name: connectors - - name: Data streams - - description: >- - Data view APIs enable you to manage data views, formerly known as Kibana - index patterns. - name: data views - - name: Elastic Agent actions - - name: Elastic Agent binary download sources - - name: Elastic Agent policies - - name: Elastic Agent status - - name: Elastic Agents - - name: Elastic Package Manager (EPM) - - name: Fleet enrollment API keys - - name: Fleet internals - - name: Fleet outputs - - name: Fleet package policies - - name: Fleet proxies - - name: Fleet Server hosts - - name: Fleet service tokens - - name: Fleet uninstall tokens - - name: Message Signing Service - - description: Machine learning - name: ml - - name: roles - - description: > - Export sets of saved objects that you want to import into {kib}, resolve - import errors, and rotate an encryption key for encrypted saved objects - with the saved objects APIs. - - - To manage a specific type of saved object, use the corresponding APIs. - - For example, use: - - - * [Data views](../group/endpoint-data-views) - - * [Spaces](https://www.elastic.co/guide/en/kibana/current/spaces-api.html) - - * [Short - URLs](https://www.elastic.co/guide/en/kibana/current/short-urls-api.html) - - - Warning: Do not write documents directly to the `.kibana` index. When you - write directly to the `.kibana` index, the data becomes corrupted and - permanently breaks future Kibana versions. - name: saved objects - x-displayName: Saved objects - - description: Manage and interact with Security Assistant resources. - name: Security AI Assistant API - x-displayName: Security AI assistant - - description: >- - You can create rules that automatically turn events and external alerts - sent to Elastic Security into detection alerts. These alerts are displayed - on the Detections page. - name: Security Detections API - x-displayName: Security detections - - description: >- - Endpoint Exceptions API allows you to manage detection rule endpoint - exceptions to prevent a rule from generating an alert from incoming events - even when the rule's other criteria are met. - name: Security Endpoint Exceptions API - x-displayName: Security endpoint exceptions - - description: Interact with and manage endpoints running the Elastic Defend integration. - name: Security Endpoint Management API - x-displayName: Security endpoint management - - description: '' - name: Security Entity Analytics API - x-displayName: Security entity analytics - - description: >- - Exceptions API allows you to manage detection rule exceptions to prevent a - rule from generating an alert from incoming events even when the rule's - other criteria are met. - name: Security Exceptions API - x-displayName: Security exceptions - - description: Lists API allows you to manage lists of keywords, IPs or IP ranges items. - name: Security Lists API - x-displayName: Security lists - - description: Run live queries, manage packs and saved queries. - name: Security Osquery API - x-displayName: Security Osquery - - description: >- - You can create Timelines and Timeline templates via the API, as well as - import new Timelines from an ndjson file. - name: Security Timeline API - x-displayName: Security timeline - - description: SLO APIs enable you to define, manage and track service-level objectives - name: slo - - name: spaces - - name: system diff --git a/oas_docs/output/kibana.yaml b/oas_docs/output/kibana.yaml index ac76216c78801b..da06e3748c05b9 100644 --- a/oas_docs/output/kibana.yaml +++ b/oas_docs/output/kibana.yaml @@ -18495,7 +18495,6 @@ paths: - Elastic Agents /api/fleet/agent-status: get: - deprecated: true operationId: '%2Fapi%2Ffleet%2Fagent-status#0' parameters: - description: The version of the API to use @@ -20198,7 +20197,6 @@ paths: tags: - Elastic Agent actions put: - deprecated: true operationId: '%2Fapi%2Ffleet%2Fagents%2F%7BagentId%7D%2Freassign#0' parameters: - description: The version of the API to use @@ -22051,7 +22049,6 @@ paths: - Fleet enrollment API keys /api/fleet/enrollment-api-keys: get: - deprecated: true operationId: '%2Fapi%2Ffleet%2Fenrollment-api-keys#0' parameters: - description: The version of the API to use @@ -22083,7 +22080,6 @@ paths: summary: '' tags: [] post: - deprecated: true operationId: '%2Fapi%2Ffleet%2Fenrollment-api-keys#1' parameters: - description: The version of the API to use @@ -22121,7 +22117,6 @@ paths: tags: [] /api/fleet/enrollment-api-keys/{keyId}: delete: - deprecated: true operationId: '%2Fapi%2Ffleet%2Fenrollment-api-keys%2F%7BkeyId%7D#1' parameters: - description: The version of the API to use @@ -22148,7 +22143,6 @@ paths: summary: '' tags: [] get: - deprecated: true operationId: '%2Fapi%2Ffleet%2Fenrollment-api-keys%2F%7BkeyId%7D#0' parameters: - description: The version of the API to use @@ -23863,7 +23857,6 @@ paths: - Elastic Package Manager (EPM) /api/fleet/epm/packages/{pkgkey}: delete: - deprecated: true operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#3' parameters: - description: The version of the API to use @@ -23902,7 +23895,6 @@ paths: summary: '' tags: [] get: - deprecated: true operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#0' parameters: - description: The version of the API to use @@ -23943,7 +23935,6 @@ paths: summary: '' tags: [] post: - deprecated: true operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#2' parameters: - description: The version of the API to use @@ -23999,7 +23990,6 @@ paths: summary: '' tags: [] put: - deprecated: true operationId: '%2Fapi%2Ffleet%2Fepm%2Fpackages%2F%7Bpkgkey%7D#1' parameters: - description: The version of the API to use @@ -36962,7 +36952,6 @@ paths: - Fleet service tokens /api/fleet/service-tokens: post: - deprecated: true description: Create a service token operationId: '%2Fapi%2Ffleet%2Fservice-tokens#0' parameters: @@ -57277,9 +57266,7 @@ components: name: type: string source: - items: - type: string - type: array + type: string required: - name - source @@ -57431,9 +57418,7 @@ components: name: type: string source: - items: - type: string - type: array + type: string required: - name - source diff --git a/oas_docs/scripts/merge_ess_oas_staging.js b/oas_docs/scripts/merge_ess_oas_staging.js deleted file mode 100644 index e7c5eb719c9f63..00000000000000 --- a/oas_docs/scripts/merge_ess_oas_staging.js +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the "Elastic License - * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side - * Public License v 1"; you may not use this file except in compliance with, at - * your election, the "Elastic License 2.0", the "GNU Affero General Public - * License v3.0 only", or the "Server Side Public License, v 1". - */ - -require('../../src/setup_node_env'); -const { merge } = require('@kbn/openapi-bundler'); -const { REPO_ROOT } = require('@kbn/repo-info'); - -(async () => { - await merge({ - sourceGlobs: [ - `${REPO_ROOT}/oas_docs/bundle.json`, - `${REPO_ROOT}/x-pack/plugins/alerting/docs/openapi/bundled.yaml`, - `${REPO_ROOT}/x-pack/plugins/cases/docs/openapi/bundled.yaml`, - `${REPO_ROOT}/src/plugins/data_views/docs/openapi/bundled.yaml`, - `${REPO_ROOT}/x-pack/plugins/ml/common/openapi/ml_apis.yaml`, - `${REPO_ROOT}/packages/core/saved-objects/docs/openapi/bundled.yaml`, - - // Observability Solution - `${REPO_ROOT}/x-pack/plugins/observability_solution/apm/docs/openapi/apm.yaml`, - `${REPO_ROOT}/x-pack/plugins/observability_solution/slo/docs/openapi/slo/bundled.yaml`, - - // Security solution - `${REPO_ROOT}/x-pack/plugins/security_solution/docs/openapi/ess/*.schema.yaml`, - `${REPO_ROOT}/packages/kbn-securitysolution-lists-common/docs/openapi/ess/*.schema.yaml`, - `${REPO_ROOT}/packages/kbn-securitysolution-exceptions-common/docs/openapi/ess/*.schema.yaml`, - `${REPO_ROOT}/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/ess/*.schema.yaml`, - `${REPO_ROOT}/x-pack/packages/kbn-elastic-assistant-common/docs/openapi/ess/*.schema.yaml`, - `${REPO_ROOT}/x-pack/plugins/osquery/docs/openapi/ess/*.schema.yaml`, - ], - outputFilePath: `${REPO_ROOT}/oas_docs/output/kibana.staging.yaml`, - options: { - prototypeDocument: `${REPO_ROOT}/oas_docs/kibana.info.yaml`, - }, - }); -})(); diff --git a/oas_docs/scripts/merge_serverless_oas_staging.js b/oas_docs/scripts/merge_serverless_oas_staging.js deleted file mode 100644 index b918c7900196ec..00000000000000 --- a/oas_docs/scripts/merge_serverless_oas_staging.js +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the "Elastic License - * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side - * Public License v 1"; you may not use this file except in compliance with, at - * your election, the "Elastic License 2.0", the "GNU Affero General Public - * License v3.0 only", or the "Server Side Public License, v 1". - */ - -require('../../src/setup_node_env'); -const { merge } = require('@kbn/openapi-bundler'); -const { REPO_ROOT } = require('@kbn/repo-info'); - -(async () => { - await merge({ - sourceGlobs: [ - `${REPO_ROOT}/oas_docs/bundle.serverless.json`, - `${REPO_ROOT}/src/plugins/data_views/docs/openapi/bundled.yaml`, - `${REPO_ROOT}/x-pack/plugins/ml/common/openapi/ml_apis_serverless.yaml`, - `${REPO_ROOT}/packages/core/saved-objects/docs/openapi/bundled_serverless.yaml`, - - // Observability Solution - `${REPO_ROOT}/x-pack/plugins/observability_solution/apm/docs/openapi/apm.yaml`, - `${REPO_ROOT}/x-pack/plugins/observability_solution/slo/docs/openapi/slo/bundled.yaml`, - - // Security solution - `${REPO_ROOT}/x-pack/plugins/security_solution/docs/openapi/serverless/*.schema.yaml`, - `${REPO_ROOT}/packages/kbn-securitysolution-lists-common/docs/openapi/serverless/*.schema.yaml`, - `${REPO_ROOT}/packages/kbn-securitysolution-exceptions-common/docs/openapi/serverless/*.schema.yaml`, - `${REPO_ROOT}/packages/kbn-securitysolution-endpoint-exceptions-common/docs/openapi/serverless/*.schema.yaml`, - `${REPO_ROOT}/x-pack/packages/kbn-elastic-assistant-common/docs/openapi/serverless/*.schema.yaml`, - `${REPO_ROOT}/x-pack/plugins/osquery/docs/openapi/serverless/*.schema.yaml`, - ], - outputFilePath: `${REPO_ROOT}/oas_docs/output/kibana.serverless.staging.yaml`, - options: { - prototypeDocument: `${REPO_ROOT}/oas_docs/kibana.info.serverless.yaml`, - }, - }); -})(); diff --git a/package.json b/package.json index 51d1b7472c6dc9..9109461115299d 100644 --- a/package.json +++ b/package.json @@ -105,7 +105,6 @@ "@aws-crypto/sha256-js": "^5.2.0", "@aws-crypto/util": "^5.2.0", "@babel/runtime": "^7.24.7", - "@cfworker/json-schema": "^1.12.7", "@dagrejs/dagre": "^1.1.4", "@dnd-kit/core": "^6.1.0", "@dnd-kit/sortable": "^8.0.0", @@ -113,7 +112,7 @@ "@elastic/apm-rum": "^5.16.1", "@elastic/apm-rum-core": "^5.21.1", "@elastic/apm-rum-react": "^2.0.3", - "@elastic/charts": "68.0.0", + "@elastic/charts": "68.0.1", "@elastic/datemath": "5.0.3", "@elastic/ebt": "^1.1.1", "@elastic/ecs": "^8.11.1", @@ -452,6 +451,7 @@ "@kbn/default-nav-ml": "link:packages/default-nav/ml", "@kbn/dev-tools-plugin": "link:src/plugins/dev_tools", "@kbn/developer-examples-plugin": "link:examples/developer_examples", + "@kbn/discover-contextual-components": "link:packages/kbn-discover-contextual-components", "@kbn/discover-customization-examples-plugin": "link:examples/discover_customization_examples", "@kbn/discover-enhanced-plugin": "link:x-pack/plugins/discover_enhanced", "@kbn/discover-plugin": "link:src/plugins/discover", @@ -748,6 +748,7 @@ "@kbn/resizable-layout-examples-plugin": "link:examples/resizable_layout_examples", "@kbn/resolver-test-plugin": "link:x-pack/test/plugin_functional/plugins/resolver_test", "@kbn/response-ops-feature-flag-service": "link:packages/response-ops/feature_flag_service", + "@kbn/response-ops-rule-params": "link:packages/response-ops/rule_params", "@kbn/response-stream-plugin": "link:examples/response_stream", "@kbn/rison": "link:packages/kbn-rison", "@kbn/rollup": "link:x-pack/packages/rollup", @@ -1121,9 +1122,7 @@ "fastest-levenshtein": "^1.0.12", "fflate": "^0.6.9", "file-saver": "^1.3.8", - "flat": "5", "fnv-plus": "^1.3.1", - "font-awesome": "4.7.0", "formik": "^2.4.6", "fp-ts": "^2.3.1", "get-port": "^5.0.0", @@ -1136,7 +1135,6 @@ "he": "^1.2.0", "history": "^4.9.0", "hjson": "3.2.1", - "html2canvas": "^1.4.1", "http-proxy-agent": "^5.0.0", "https-proxy-agent": "^5.0.1", "i18n-iso-countries": "^4.3.1", @@ -1334,8 +1332,6 @@ "@elastic/synthetics": "^1.12.1", "@emotion/babel-preset-css-prop": "^11.11.0", "@emotion/jest": "^11.11.0", - "@formatjs/cli": "^6.2.8", - "@formatjs/cli-lib": "^6.3.8", "@frsource/cypress-plugin-visual-regression-diff": "^3.3.10", "@istanbuljs/nyc-config-typescript": "^1.0.2", "@istanbuljs/schema": "^0.1.2", @@ -1502,7 +1498,7 @@ "@octokit/rest": "^17.11.2", "@parcel/watcher": "^2.1.0", "@playwright/test": "=1.46.0", - "@redocly/cli": "^1.25.5", + "@redocly/cli": "^1.25.7", "@statoscope/webpack-plugin": "^5.28.2", "@storybook/addon-a11y": "^6.5.16", "@storybook/addon-actions": "^6.5.16", @@ -1531,9 +1527,6 @@ "@types/archiver": "^5.3.1", "@types/async": "^3.2.3", "@types/aws4": "^1.5.0", - "@types/babel__core": "^7.20.5", - "@types/babel__generator": "^7.6.4", - "@types/babel__helper-plugin-utils": "^7.10.0", "@types/base64-js": "^1.2.5", "@types/byte-size": "^8.1.0", "@types/chance": "^1.0.0", @@ -1559,13 +1552,11 @@ "@types/ejs": "^3.0.6", "@types/enzyme": "^3.10.12", "@types/eslint": "^8.44.2", - "@types/event-stream": "^4.0.5", "@types/express": "^4.17.21", "@types/extract-zip": "^1.6.2", "@types/faker": "^5.1.5", "@types/fetch-mock": "^7.3.1", "@types/file-saver": "^2.0.0", - "@types/flat": "^5.0.5", "@types/flot": "^0.0.31", "@types/fnv-plus": "^1.3.0", "@types/geojson": "^7946.0.10", @@ -1594,7 +1585,6 @@ "@types/lz-string": "^1.3.34", "@types/mapbox__vector-tile": "1.3.0", "@types/markdown-it": "^12.2.3", - "@types/md5": "^2.2.0", "@types/micromatch": "^4.0.2", "@types/mime": "^2.0.1", "@types/mime-types": "^2.1.0", @@ -1617,7 +1607,6 @@ "@types/papaparse": "^5.0.3", "@types/pbf": "3.0.2", "@types/pdfmake": "^0.2.2", - "@types/pegjs": "^0.10.1", "@types/picomatch": "^2.3.0", "@types/pidusage": "^2.0.2", "@types/pixelmatch": "^5.2.4", @@ -1649,7 +1638,6 @@ "@types/stats-lite": "^2.2.0", "@types/styled-components": "^5.1.0", "@types/supertest": "^6.0.2", - "@types/tapable": "^1.0.6", "@types/textarea-caret": "^3.0.1", "@types/tinycolor2": "^1.4.1", "@types/tough-cookie": "^4.0.5", @@ -1667,7 +1655,6 @@ "@types/yargs": "^15.0.0", "@types/yauzl": "^2.9.1", "@types/yazl": "^2.4.2", - "@types/zen-observable": "^0.8.0", "@typescript-eslint/eslint-plugin": "^5.62.0", "@typescript-eslint/parser": "^5.62.0", "@typescript-eslint/typescript-estree": "^5.62.0", @@ -1708,7 +1695,6 @@ "cypress-real-events": "^1.11.0", "cypress-recurse": "^1.35.2", "date-fns": "^2.29.3", - "debug": "^2.6.9", "dependency-check": "^4.1.0", "ejs": "^3.1.10", "enzyme": "^3.11.0", @@ -1745,7 +1731,6 @@ "gulp-postcss": "^9.0.1", "gulp-terser": "^2.1.0", "has-ansi": "^3.0.0", - "html": "1.0.0", "html-loader": "^1.3.2", "http-proxy": "^1.18.1", "http2-proxy": "^5.0.53", @@ -1792,7 +1777,6 @@ "oboe": "^2.1.4", "openapi-types": "^10.0.0", "p-reflect": "2.1.0", - "pbf": "3.2.1", "peggy": "^1.2.0", "picomatch": "^2.3.1", "pidusage": "^3.0.2", @@ -1836,7 +1820,7 @@ "terser": "^5.34.0", "terser-webpack-plugin": "^4.2.3", "tough-cookie": "^5.0.0", - "trace": "^3.1.1", + "trace": "^3.2.0", "tree-kill": "^1.2.2", "ts-morph": "^15.1.0", "tsd": "^0.31.1", diff --git a/packages/content-management/content_insights/content_insights_public/src/components/activity_view.tsx b/packages/content-management/content_insights/content_insights_public/src/components/activity_view.tsx index 60eadc9e50db93..360ccc1757581d 100644 --- a/packages/content-management/content_insights/content_insights_public/src/components/activity_view.tsx +++ b/packages/content-management/content_insights/content_insights_public/src/components/activity_view.tsx @@ -9,6 +9,7 @@ import { EuiFlexGroup, EuiFlexItem, EuiPanel, EuiSpacer, EuiText } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; +import moment from 'moment-timezone'; import { FormattedMessage } from '@kbn/i18n-react'; import React from 'react'; import { @@ -97,10 +98,16 @@ export const ActivityView = ({ item }: ActivityViewProps) => { ); }; -const dateFormatter = new Intl.DateTimeFormat(i18n.getLocale(), { - dateStyle: 'long', - timeStyle: 'short', -}); +const formatDate = (time: string) => { + const locale = i18n.getLocale(); + const timeZone = moment().tz(); + + return new Intl.DateTimeFormat(locale, { + dateStyle: 'long', + timeStyle: 'short', + timeZone, + }).format(new Date(time)); +}; const ActivityCard = ({ what, @@ -130,7 +137,7 @@ const ActivityCard = ({ id="contentManagement.contentEditor.activity.lastUpdatedByDateTime" defaultMessage="on {dateTime}" values={{ - dateTime: dateFormatter.format(new Date(when)), + dateTime: formatDate(when), }} /> diff --git a/packages/content-management/table_list_view_table/src/actions.ts b/packages/content-management/table_list_view_table/src/actions.ts index ee2e96aadeb078..17f932f0e7b6d2 100644 --- a/packages/content-management/table_list_view_table/src/actions.ts +++ b/packages/content-management/table_list_view_table/src/actions.ts @@ -11,6 +11,7 @@ import type { IHttpFetchError } from '@kbn/core-http-browser'; import type { Query } from '@elastic/eui'; import type { UserContentCommonSchema } from '@kbn/content-management-table-list-view-common'; import type { State } from './table_list_view_table'; +import type { SearchQueryError } from './types'; /** Action to trigger a fetch of the table items */ export interface OnFetchItemsAction { @@ -72,8 +73,9 @@ export interface ShowConfirmDeleteItemsModalAction { export interface OnSearchQueryChangeAction { type: 'onSearchQueryChange'; data: { - query: Query; - text: string; + query?: Query; + text?: string; + error: SearchQueryError | null; }; } diff --git a/packages/content-management/table_list_view_table/src/components/index.ts b/packages/content-management/table_list_view_table/src/components/index.ts index f3024081cd58ea..beca60ccd16681 100644 --- a/packages/content-management/table_list_view_table/src/components/index.ts +++ b/packages/content-management/table_list_view_table/src/components/index.ts @@ -7,7 +7,7 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ -export { Table } from './table'; +export { Table, FORBIDDEN_SEARCH_CHARS } from './table'; export { UpdatedAtField } from './updated_at_field'; export { ConfirmDeleteModal } from './confirm_delete_modal'; export { ListingLimitWarning } from './listing_limit_warning'; diff --git a/packages/content-management/table_list_view_table/src/components/table.tsx b/packages/content-management/table_list_view_table/src/components/table.tsx index 4a23f22ebf3520..66c0eaec4d1f8b 100644 --- a/packages/content-management/table_list_view_table/src/components/table.tsx +++ b/packages/content-management/table_list_view_table/src/components/table.tsx @@ -20,6 +20,8 @@ import { Search, type EuiTableSelectionType, useEuiTheme, + EuiCode, + EuiText, } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; import type { UserContentCommonSchema } from '@kbn/content-management-table-list-view-common'; @@ -58,6 +60,8 @@ type TagManagementProps = Pick< 'addOrRemoveIncludeTagFilter' | 'addOrRemoveExcludeTagFilter' | 'tagsToTableItemMap' >; +export const FORBIDDEN_SEARCH_CHARS = '()[]{}<>+=\\"$#!¿?,;`\'/|&'; + interface Props extends State, TagManagementProps { dispatch: Dispatch>; entityName: string; @@ -219,6 +223,7 @@ export function Table({ }, [tableSortSelectFilter, tagFilterPanel, userFilterPanel]); const search = useMemo((): Search => { + const showHint = !!searchQuery.error && searchQuery.error.containsForbiddenChars; return { onChange: onTableSearchChange, toolsLeft: renderToolsLeft(), @@ -229,8 +234,31 @@ export function Table({ 'data-test-subj': 'tableListSearchBox', }, filters: searchFilters, + hint: { + content: ( + + {FORBIDDEN_SEARCH_CHARS}, + }} + /> + + ), + popoverProps: { + isOpen: showHint, + }, + }, }; - }, [onTableSearchChange, renderCreateButton, renderToolsLeft, searchFilters, searchQuery.query]); + }, [ + onTableSearchChange, + renderCreateButton, + renderToolsLeft, + searchFilters, + searchQuery.query, + searchQuery.error, + ]); const hasQueryOrFilters = Boolean(searchQuery.text || tableFilter.createdBy.length > 0); diff --git a/packages/content-management/table_list_view_table/src/reducer.tsx b/packages/content-management/table_list_view_table/src/reducer.tsx index 931b5225e71dbd..0ca05b97163a4a 100644 --- a/packages/content-management/table_list_view_table/src/reducer.tsx +++ b/packages/content-management/table_list_view_table/src/reducer.tsx @@ -84,14 +84,21 @@ export function getReducer() { }; } case 'onSearchQueryChange': { - if (action.data.text === state.searchQuery.text) { + if ( + action.data.text === state.searchQuery.text && + action.data.error === state.searchQuery.error + ) { return state; } return { ...state, - searchQuery: action.data, - isFetchingItems: true, + searchQuery: { + ...state.searchQuery, + ...action.data, + }, + isFetchingItems: + action.data.error === null && action.data.text !== state.searchQuery.text, }; } case 'onTableChange': { diff --git a/packages/content-management/table_list_view_table/src/table_list_view.test.tsx b/packages/content-management/table_list_view_table/src/table_list_view.test.tsx index a4e06fbb1e4a4b..38e05299184e41 100644 --- a/packages/content-management/table_list_view_table/src/table_list_view.test.tsx +++ b/packages/content-management/table_list_view_table/src/table_list_view.test.tsx @@ -1078,25 +1078,29 @@ describe('TableListView', () => { const findItems = jest.fn(); - const setupSearch = (...args: Parameters>) => { - const testBed = registerTestBed( - WithServices(TableListViewTable), - { - defaultProps: { - ...requiredProps, - findItems, - urlStateEnabled: false, - entityName: 'Foo', - entityNamePlural: 'Foos', - }, - memoryRouter: { wrapComponent: true }, - } - )(...args); + const setupSearch = async (...args: Parameters>) => { + let testBed: TestBed; - const { updateSearchText, getSearchBoxValue } = getActions(testBed); + await act(async () => { + testBed = registerTestBed( + WithServices(TableListViewTable), + { + defaultProps: { + ...requiredProps, + findItems, + urlStateEnabled: false, + entityName: 'Foo', + entityNamePlural: 'Foos', + }, + memoryRouter: { wrapComponent: true }, + } + )(...args); + }); + + const { updateSearchText, getSearchBoxValue } = getActions(testBed!); return { - testBed, + testBed: testBed!, updateSearchText, getSearchBoxValue, getLastCallArgsFromFindItems: () => findItems.mock.calls[findItems.mock.calls.length - 1], @@ -1108,15 +1112,8 @@ describe('TableListView', () => { }); test('should search the table items', async () => { - let testBed: TestBed; - let updateSearchText: (value: string) => Promise; - let getLastCallArgsFromFindItems: () => Parameters; - let getSearchBoxValue: () => string; - - await act(async () => { - ({ testBed, getLastCallArgsFromFindItems, getSearchBoxValue, updateSearchText } = - await setupSearch()); - }); + const { testBed, getLastCallArgsFromFindItems, getSearchBoxValue, updateSearchText } = + await setupSearch(); const { component, table } = testBed!; component.update(); @@ -1173,12 +1170,7 @@ describe('TableListView', () => { }); test('should search and render empty list if no result', async () => { - let testBed: TestBed; - let updateSearchText: (value: string) => Promise; - - await act(async () => { - ({ testBed, updateSearchText } = await setupSearch()); - }); + const { testBed, updateSearchText } = await setupSearch(); const { component, table, find } = testBed!; component.update(); @@ -1217,6 +1209,25 @@ describe('TableListView', () => { ] `); }); + + test('should show error hint when inserting invalid chars', async () => { + const { testBed, getLastCallArgsFromFindItems, getSearchBoxValue, updateSearchText } = + await setupSearch(); + + const { component, exists } = testBed; + component.update(); + + expect(exists('forbiddenCharErrorMessage')).toBe(false); + + const expected = '[foo'; + await updateSearchText!(expected); + expect(getSearchBoxValue!()).toBe(expected); + + expect(exists('forbiddenCharErrorMessage')).toBe(true); // hint is shown + + const [searchTerm] = getLastCallArgsFromFindItems!(); + expect(searchTerm).toBe(''); // no search has been made + }); }); describe('url state', () => { diff --git a/packages/content-management/table_list_view_table/src/table_list_view_table.tsx b/packages/content-management/table_list_view_table/src/table_list_view_table.tsx index 0f6df7c81533b0..1fe5123d541511 100644 --- a/packages/content-management/table_list_view_table/src/table_list_view_table.tsx +++ b/packages/content-management/table_list_view_table/src/table_list_view_table.tsx @@ -50,6 +50,7 @@ import { ListingLimitWarning, ItemDetails, UpdatedAtField, + FORBIDDEN_SEARCH_CHARS, } from './components'; import { useServices } from './services'; import type { SavedObjectsFindOptionsReference } from './services'; @@ -57,7 +58,7 @@ import { getReducer } from './reducer'; import { type SortColumnField, getInitialSorting, saveSorting } from './components'; import { useTags } from './use_tags'; import { useInRouterContext, useUrlState } from './use_url_state'; -import { RowActions, TableItemsRowActions } from './types'; +import type { RowActions, SearchQueryError, TableItemsRowActions } from './types'; import { sortByRecentlyAccessed } from './components/table_sort_select'; import { ContentEditorActivityRow } from './components/content_editor_activity_row'; @@ -146,6 +147,7 @@ export interface State({ hasCreatedByMetadata: false, hasRecentlyAccessedMetadata: recentlyAccessed ? recentlyAccessed.get().length > 0 : false, selectedIds: [], - searchQuery: { text: '', query: new Query(Ast.create([]), undefined, '') }, + searchQuery: { text: '', query: new Query(Ast.create([]), undefined, ''), error: null }, pagination: { pageIndex: 0, totalItemCount: 0, @@ -492,14 +496,14 @@ function TableListViewTableComp({ }, [searchQueryParser, searchQuery.text, findItems, onFetchSuccess, recentlyAccessed]); const updateQuery = useCallback( - (query: Query) => { - if (urlStateEnabled) { + (query: Query | null, error: SearchQueryError | null) => { + if (urlStateEnabled && query) { setUrlState({ s: query.text }); } dispatch({ type: 'onSearchQueryChange', - data: { query, text: query.text }, + data: query ? { query, text: query.text, error } : { error }, }); }, [urlStateEnabled, setUrlState] @@ -809,14 +813,32 @@ function TableListViewTableComp({ ); const onTableSearchChange = useCallback( - (arg: { query: Query | null; queryText: string }) => { - if (arg.query) { - updateQuery(arg.query); + (arg: { + query: Query | null; + queryText: string; + error?: { message: string; name: string }; + }) => { + const { query, queryText, error: _error } = arg; + + let error: SearchQueryError | null = null; + if (_error) { + const containsForbiddenChars = FORBIDDEN_SEARCH_CHARS_ARRAY.some((char) => + queryText.includes(char) + ); + error = { + ..._error, + queryText, + containsForbiddenChars, + }; + } + + if (query || error) { + updateQuery(query, error); } else { const idx = tableSearchChangeIdx.current + 1; - buildQueryFromText(arg.queryText).then((query) => { + buildQueryFromText(queryText).then((q) => { if (idx === tableSearchChangeIdx.current) { - updateQuery(query); + updateQuery(q, null); } }); } @@ -1036,6 +1058,7 @@ function TableListViewTableComp({ data: { query: updatedQuery, text, + error: null, }, }); }; @@ -1089,7 +1112,7 @@ function TableListViewTableComp({ useEffect(() => { if (initialQuery && !initialQueryInitialized.current) { initialQueryInitialized.current = true; - buildQueryFromText(initialQuery).then(updateQuery); + buildQueryFromText(initialQuery).then((q) => updateQuery(q, null)); } }, [initialQuery, buildQueryFromText, updateQuery]); diff --git a/packages/content-management/table_list_view_table/src/types.ts b/packages/content-management/table_list_view_table/src/types.ts index 0815aea627d386..a2c260454dfea1 100644 --- a/packages/content-management/table_list_view_table/src/types.ts +++ b/packages/content-management/table_list_view_table/src/types.ts @@ -27,3 +27,10 @@ export type RowActions = { export interface TableItemsRowActions { [id: string]: RowActions | undefined; } + +export interface SearchQueryError { + message: string; + name: string; + queryText: string; + containsForbiddenChars: boolean; +} diff --git a/packages/content-management/table_list_view_table/src/use_tags.ts b/packages/content-management/table_list_view_table/src/use_tags.ts index 36f6a7ce54421f..7e460ba5405fd5 100644 --- a/packages/content-management/table_list_view_table/src/use_tags.ts +++ b/packages/content-management/table_list_view_table/src/use_tags.ts @@ -10,7 +10,7 @@ import { useCallback, useMemo } from 'react'; import { Query } from '@elastic/eui'; import type { UserContentCommonSchema } from '@kbn/content-management-table-list-view-common'; -import type { Tag } from './types'; +import type { SearchQueryError, Tag } from './types'; type QueryUpdater = (query: Query, tag: Tag) => Query; @@ -20,7 +20,7 @@ export function useTags({ items, }: { query: Query; - updateQuery: (query: Query) => void; + updateQuery: (query: Query, error: SearchQueryError | null) => void; items: UserContentCommonSchema[]; }) { // Return a map of tag.id to an array of saved object ids having that tag @@ -47,7 +47,7 @@ export function useTags({ (tag: Tag, q: Query = query, doUpdate: boolean = true) => { const updatedQuery = queryUpdater(q, tag); if (doUpdate) { - updateQuery(updatedQuery); + updateQuery(updatedQuery, null); } return updatedQuery; }, @@ -147,7 +147,7 @@ export function useTags({ const clearTagSelection = useCallback(() => { const updatedQuery = query.removeOrFieldClauses('tag'); - updateQuery(updatedQuery); + updateQuery(updatedQuery, null); return updateQuery; }, [query, updateQuery]); diff --git a/packages/core/deprecations/core-deprecations-browser-internal/src/deprecations_client.test.ts b/packages/core/deprecations/core-deprecations-browser-internal/src/deprecations_client.test.ts index bfb4f35fa93f1a..38777474f136b3 100644 --- a/packages/core/deprecations/core-deprecations-browser-internal/src/deprecations_client.test.ts +++ b/packages/core/deprecations/core-deprecations-browser-internal/src/deprecations_client.test.ts @@ -135,7 +135,7 @@ describe('DeprecationsClient', () => { expect(result).toMatchInlineSnapshot(` Object { - "reason": "This deprecation cannot be resolved automatically.", + "reason": "This deprecation cannot be resolved automatically or marked as resolved.", "status": "fail", } `); diff --git a/packages/core/deprecations/core-deprecations-browser-internal/src/deprecations_client.ts b/packages/core/deprecations/core-deprecations-browser-internal/src/deprecations_client.ts index f1f473d726b7e9..bdcad406995a93 100644 --- a/packages/core/deprecations/core-deprecations-browser-internal/src/deprecations_client.ts +++ b/packages/core/deprecations/core-deprecations-browser-internal/src/deprecations_client.ts @@ -8,7 +8,7 @@ */ import { i18n } from '@kbn/i18n'; -import type { HttpStart } from '@kbn/core-http-browser'; +import type { HttpFetchOptionsWithPath, HttpStart } from '@kbn/core-http-browser'; import type { DomainDeprecationDetails, DeprecationsGetResponse, @@ -47,23 +47,15 @@ export class DeprecationsClient { return typeof details.correctiveActions.api === 'object'; }; - public resolveDeprecation = async ( + private getResolveFetchDetails = ( details: DomainDeprecationDetails - ): Promise => { + ): HttpFetchOptionsWithPath | undefined => { const { domainId, correctiveActions } = details; - // explicit check required for TS type guard - if (typeof correctiveActions.api !== 'object') { - return { - status: 'fail', - reason: i18n.translate('core.deprecations.noCorrectiveAction', { - defaultMessage: 'This deprecation cannot be resolved automatically.', - }), - }; - } - const { body, method, path, omitContextFromBody = false } = correctiveActions.api; - try { - await this.http.fetch({ + if (correctiveActions.api) { + const { body, method, path, omitContextFromBody = false } = correctiveActions.api; + + return { path, method, asSystemRequest: true, @@ -71,7 +63,54 @@ export class DeprecationsClient { ...body, ...(omitContextFromBody ? {} : { deprecationDetails: { domainId } }), }), - }); + }; + } + + if (correctiveActions.mark_as_resolved_api) { + const { routeMethod, routePath, routeVersion, apiTotalCalls, totalMarkedAsResolved } = + correctiveActions.mark_as_resolved_api; + const incrementBy = apiTotalCalls - totalMarkedAsResolved; + + return { + path: '/api/deprecations/mark_as_resolved', + method: 'POST', + asSystemRequest: true, + body: JSON.stringify({ + domainId, + routeMethod, + routePath, + routeVersion, + incrementBy, + }), + }; + } + }; + + public resolveDeprecation = async ( + details: DomainDeprecationDetails + ): Promise => { + const { correctiveActions } = details; + const noCorrectiveActionFail = { + status: 'fail' as const, + reason: i18n.translate('core.deprecations.noCorrectiveAction', { + defaultMessage: 'This deprecation cannot be resolved automatically or marked as resolved.', + }), + }; + + if ( + typeof correctiveActions.api !== 'object' && + typeof correctiveActions.mark_as_resolved_api !== 'object' + ) { + return noCorrectiveActionFail; + } + + try { + const fetchParams = this.getResolveFetchDetails(details); + if (!fetchParams) { + return noCorrectiveActionFail; + } + + await this.http.fetch(fetchParams); return { status: 'ok' }; } catch (err) { return { diff --git a/packages/core/deprecations/core-deprecations-common/src/types.ts b/packages/core/deprecations/core-deprecations-common/src/types.ts index bf9a4a673d7211..85da30b2c12876 100644 --- a/packages/core/deprecations/core-deprecations-common/src/types.ts +++ b/packages/core/deprecations/core-deprecations-common/src/types.ts @@ -22,7 +22,7 @@ export interface BaseDeprecationDetails { * The description message to be displayed for the deprecation. * Check the README for writing deprecations in `src/core/server/deprecations/README.mdx` */ - message: string; + message: string | string[]; /** * levels: * - warning: will not break deployment upon upgrade @@ -39,7 +39,7 @@ export interface BaseDeprecationDetails { * Predefined types are necessary to reduce having similar definitions with different keywords * across kibana deprecations. */ - deprecationType?: 'config' | 'feature'; + deprecationType?: 'config' | 'api' | 'feature'; /** (optional) link to the documentation for more details on the deprecation. */ documentationUrl?: string; /** (optional) specify the fix for this deprecation requires a full kibana restart. */ @@ -70,9 +70,31 @@ export interface BaseDeprecationDetails { * Check the README for writing deprecations in `src/core/server/deprecations/README.mdx` */ manualSteps: string[]; + /** + * (optional) The api to be called to mark the deprecation as resolved + * This corrective action when called should not resolve the deprecation + * instead it helps users track manually deprecated apis + * If the API used does resolve the deprecation use `correctiveActions.api` + */ + mark_as_resolved_api?: { + apiTotalCalls: number; + totalMarkedAsResolved: number; + timestamp: Date | number | string; + routePath: string; + routeMethod: string; + routeVersion?: string; + }; }; } +/** + * @public + */ +export interface ApiDeprecationDetails extends BaseDeprecationDetails { + apiId: string; + deprecationType: 'api'; +} + /** * @public */ @@ -91,7 +113,10 @@ export interface FeatureDeprecationDetails extends BaseDeprecationDetails { /** * @public */ -export type DeprecationsDetails = ConfigDeprecationDetails | FeatureDeprecationDetails; +export type DeprecationsDetails = + | ConfigDeprecationDetails + | ApiDeprecationDetails + | FeatureDeprecationDetails; /** * @public diff --git a/packages/core/deprecations/core-deprecations-server-internal/src/deprecations/api_deprecations.test.ts b/packages/core/deprecations/core-deprecations-server-internal/src/deprecations/api_deprecations.test.ts new file mode 100644 index 00000000000000..b431088152f3e3 --- /dev/null +++ b/packages/core/deprecations/core-deprecations-server-internal/src/deprecations/api_deprecations.test.ts @@ -0,0 +1,353 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +import type { DeepPartial } from '@kbn/utility-types'; +import { mockDeprecationsRegistry, mockDeprecationsFactory } from '../mocks'; +import { + registerApiDeprecationsInfo, + buildApiDeprecationId, + createGetApiDeprecations, +} from './api_deprecations'; +import { RouterDeprecatedRouteDetails } from '@kbn/core-http-server'; +import { httpServiceMock } from '@kbn/core-http-server-mocks'; +import { + coreUsageDataServiceMock, + coreUsageStatsClientMock, +} from '@kbn/core-usage-data-server-mocks'; +import _ from 'lodash'; +import { CoreDeprecatedApiUsageStats } from '@kbn/core-usage-data-server'; + +describe('#registerApiDeprecationsInfo', () => { + const deprecationsFactory = mockDeprecationsFactory.create(); + const deprecationsRegistry = mockDeprecationsRegistry.create(); + let usageClientMock: ReturnType; + let http: ReturnType; + let coreUsageData: ReturnType; + + beforeEach(() => { + jest.clearAllMocks(); + usageClientMock = coreUsageStatsClientMock.create(); + http = httpServiceMock.createInternalSetupContract(); + coreUsageData = coreUsageDataServiceMock.createSetupContract(usageClientMock); + }); + + beforeAll(() => { + jest.useFakeTimers().setSystemTime(new Date('2024-10-17T12:06:41.224Z')); + }); + + afterAll(() => { + jest.useRealTimers(); + }); + + it('registers api deprecations', async () => { + deprecationsFactory.getRegistry.mockReturnValue(deprecationsRegistry); + registerApiDeprecationsInfo({ deprecationsFactory, coreUsageData, http }); + + expect(deprecationsFactory.getRegistry).toBeCalledWith('core.api_deprecations'); + expect(deprecationsRegistry.registerDeprecations).toBeCalledTimes(1); + expect(deprecationsRegistry.registerDeprecations).toBeCalledWith({ + getDeprecations: expect.any(Function), + }); + }); + + describe('#createGetApiDeprecations', () => { + const createDeprecatedRouteDetails = ( + overrides?: DeepPartial + ): RouterDeprecatedRouteDetails => + _.merge( + { + routeDeprecationOptions: { + documentationUrl: 'https://fake-url', + severity: 'critical', + reason: { + type: 'remove', + }, + }, + routeMethod: 'get', + routePath: '/api/test/', + routeVersion: '123', + } as RouterDeprecatedRouteDetails, + overrides + ); + + const createApiUsageStat = ( + apiId: string, + overrides?: DeepPartial + ): CoreDeprecatedApiUsageStats => + _.merge( + { + apiId, + totalMarkedAsResolved: 1, + markedAsResolvedLastCalledAt: '2024-10-17T12:06:41.224Z', + apiTotalCalls: 13, + apiLastCalledAt: '2024-09-01T10:06:41.224Z', + }, + overrides + ); + + it('returns removed type deprecated route', async () => { + const getDeprecations = createGetApiDeprecations({ coreUsageData, http }); + const deprecatedRoute = createDeprecatedRouteDetails({ + routePath: '/api/test_removed/', + routeDeprecationOptions: { reason: { type: 'remove' } }, + }); + http.getRegisteredDeprecatedApis.mockReturnValue([deprecatedRoute]); + usageClientMock.getDeprecatedApiUsageStats.mockResolvedValue([ + createApiUsageStat(buildApiDeprecationId(deprecatedRoute)), + ]); + + const deprecations = await getDeprecations(); + expect(deprecations).toMatchInlineSnapshot(` + Array [ + Object { + "apiId": "123|get|/api/test_removed", + "correctiveActions": Object { + "manualSteps": Array [ + "Identify the origin of these API calls.", + "This API no longer exists and no replacement is available. Delete any requests you have that use this API.", + "Check that you are no longer using the old API in any requests, and mark this issue as resolved. It will no longer appear in the Upgrade Assistant unless another call using this API is detected.", + ], + "mark_as_resolved_api": Object { + "apiTotalCalls": 13, + "routeMethod": "get", + "routePath": "/api/test_removed/", + "routeVersion": "123", + "timestamp": 2024-10-17T12:06:41.224Z, + "totalMarkedAsResolved": 1, + }, + }, + "deprecationType": "api", + "documentationUrl": "https://fake-url", + "domainId": "core.routes-deprecations", + "level": "critical", + "message": Array [ + "The API \\"GET /api/test_removed/\\" has been called 13 times. The last call was on Sunday, September 1, 2024 6:06 AM -04:00.", + "This issue has been marked as resolved on Thursday, October 17, 2024 8:06 AM -04:00 but the API has been called 12 times since.", + ], + "title": "The \\"GET /api/test_removed/\\" route is removed", + }, + ] + `); + }); + + it('returns migrated type deprecated route', async () => { + const getDeprecations = createGetApiDeprecations({ coreUsageData, http }); + const deprecatedRoute = createDeprecatedRouteDetails({ + routePath: '/api/test_migrated/', + routeDeprecationOptions: { + reason: { type: 'migrate', newApiMethod: 'post', newApiPath: '/api/new_path' }, + }, + }); + http.getRegisteredDeprecatedApis.mockReturnValue([deprecatedRoute]); + usageClientMock.getDeprecatedApiUsageStats.mockResolvedValue([ + createApiUsageStat(buildApiDeprecationId(deprecatedRoute)), + ]); + + const deprecations = await getDeprecations(); + expect(deprecations).toMatchInlineSnapshot(` + Array [ + Object { + "apiId": "123|get|/api/test_migrated", + "correctiveActions": Object { + "manualSteps": Array [ + "Identify the origin of these API calls.", + "Update the requests to use the following new API instead: \\"POST /api/new_path\\".", + "Check that you are no longer using the old API in any requests, and mark this issue as resolved. It will no longer appear in the Upgrade Assistant unless another call using this API is detected.", + ], + "mark_as_resolved_api": Object { + "apiTotalCalls": 13, + "routeMethod": "get", + "routePath": "/api/test_migrated/", + "routeVersion": "123", + "timestamp": 2024-10-17T12:06:41.224Z, + "totalMarkedAsResolved": 1, + }, + }, + "deprecationType": "api", + "documentationUrl": "https://fake-url", + "domainId": "core.routes-deprecations", + "level": "critical", + "message": Array [ + "The API \\"GET /api/test_migrated/\\" has been called 13 times. The last call was on Sunday, September 1, 2024 6:06 AM -04:00.", + "This issue has been marked as resolved on Thursday, October 17, 2024 8:06 AM -04:00 but the API has been called 12 times since.", + ], + "title": "The \\"GET /api/test_migrated/\\" route is migrated to a different API", + }, + ] + `); + }); + + it('returns bumped type deprecated route', async () => { + const getDeprecations = createGetApiDeprecations({ coreUsageData, http }); + const deprecatedRoute = createDeprecatedRouteDetails({ + routePath: '/api/test_bumped/', + routeDeprecationOptions: { reason: { type: 'bump', newApiVersion: '444' } }, + }); + http.getRegisteredDeprecatedApis.mockReturnValue([deprecatedRoute]); + usageClientMock.getDeprecatedApiUsageStats.mockResolvedValue([ + createApiUsageStat(buildApiDeprecationId(deprecatedRoute)), + ]); + + const deprecations = await getDeprecations(); + expect(deprecations).toMatchInlineSnapshot(` + Array [ + Object { + "apiId": "123|get|/api/test_bumped", + "correctiveActions": Object { + "manualSteps": Array [ + "Identify the origin of these API calls.", + "Update the requests to use the following new version of the API instead: \\"444\\".", + "Check that you are no longer using the old API in any requests, and mark this issue as resolved. It will no longer appear in the Upgrade Assistant unless another call using this API is detected.", + ], + "mark_as_resolved_api": Object { + "apiTotalCalls": 13, + "routeMethod": "get", + "routePath": "/api/test_bumped/", + "routeVersion": "123", + "timestamp": 2024-10-17T12:06:41.224Z, + "totalMarkedAsResolved": 1, + }, + }, + "deprecationType": "api", + "documentationUrl": "https://fake-url", + "domainId": "core.routes-deprecations", + "level": "critical", + "message": Array [ + "The API \\"GET /api/test_bumped/\\" has been called 13 times. The last call was on Sunday, September 1, 2024 6:06 AM -04:00.", + "This issue has been marked as resolved on Thursday, October 17, 2024 8:06 AM -04:00 but the API has been called 12 times since.", + ], + "title": "The \\"GET /api/test_bumped/\\" route has a newer version available", + }, + ] + `); + }); + + it('does not return resolved deprecated route', async () => { + const getDeprecations = createGetApiDeprecations({ coreUsageData, http }); + const deprecatedRoute = createDeprecatedRouteDetails({ routePath: '/api/test_resolved/' }); + http.getRegisteredDeprecatedApis.mockReturnValue([deprecatedRoute]); + usageClientMock.getDeprecatedApiUsageStats.mockResolvedValue([ + createApiUsageStat(buildApiDeprecationId(deprecatedRoute), { + apiTotalCalls: 5, + totalMarkedAsResolved: 5, + }), + ]); + + const deprecations = await getDeprecations(); + expect(deprecations).toEqual([]); + }); + + it('returns never resolved deprecated route', async () => { + const getDeprecations = createGetApiDeprecations({ coreUsageData, http }); + const deprecatedRoute = createDeprecatedRouteDetails({ + routePath: '/api/test_never_resolved/', + }); + http.getRegisteredDeprecatedApis.mockReturnValue([deprecatedRoute]); + usageClientMock.getDeprecatedApiUsageStats.mockResolvedValue([ + createApiUsageStat(buildApiDeprecationId(deprecatedRoute), { + totalMarkedAsResolved: 0, + markedAsResolvedLastCalledAt: undefined, + }), + ]); + + const deprecations = await getDeprecations(); + expect(deprecations).toMatchInlineSnapshot(` + Array [ + Object { + "apiId": "123|get|/api/test_never_resolved", + "correctiveActions": Object { + "manualSteps": Array [ + "Identify the origin of these API calls.", + "This API no longer exists and no replacement is available. Delete any requests you have that use this API.", + "Check that you are no longer using the old API in any requests, and mark this issue as resolved. It will no longer appear in the Upgrade Assistant unless another call using this API is detected.", + ], + "mark_as_resolved_api": Object { + "apiTotalCalls": 13, + "routeMethod": "get", + "routePath": "/api/test_never_resolved/", + "routeVersion": "123", + "timestamp": 2024-10-17T12:06:41.224Z, + "totalMarkedAsResolved": 0, + }, + }, + "deprecationType": "api", + "documentationUrl": "https://fake-url", + "domainId": "core.routes-deprecations", + "level": "critical", + "message": Array [ + "The API \\"GET /api/test_never_resolved/\\" has been called 13 times. The last call was on Sunday, September 1, 2024 6:06 AM -04:00.", + ], + "title": "The \\"GET /api/test_never_resolved/\\" route is removed", + }, + ] + `); + }); + + it('does not return deprecated routes that have never been called', async () => { + const getDeprecations = createGetApiDeprecations({ coreUsageData, http }); + const deprecatedRoute = createDeprecatedRouteDetails({ + routePath: '/api/test_never_resolved/', + }); + http.getRegisteredDeprecatedApis.mockReturnValue([deprecatedRoute]); + usageClientMock.getDeprecatedApiUsageStats.mockResolvedValue([]); + expect(await getDeprecations()).toEqual([]); + + usageClientMock.getDeprecatedApiUsageStats.mockResolvedValue([ + createApiUsageStat(buildApiDeprecationId(deprecatedRoute), { + apiTotalCalls: 0, + apiLastCalledAt: undefined, + totalMarkedAsResolved: 0, + markedAsResolvedLastCalledAt: undefined, + }), + ]); + expect(await getDeprecations()).toEqual([]); + }); + }); +}); + +describe('#buildApiDeprecationId', () => { + it('returns apiDeprecationId string for versioned routes', () => { + const apiDeprecationId = buildApiDeprecationId({ + routeMethod: 'get', + routePath: '/api/test', + routeVersion: '10-10-2023', + }); + expect(apiDeprecationId).toBe('10-10-2023|get|/api/test'); + }); + + it('returns apiDeprecationId string for unversioned routes', () => { + const apiDeprecationId = buildApiDeprecationId({ + routeMethod: 'get', + routePath: '/api/test', + }); + expect(apiDeprecationId).toBe('unversioned|get|/api/test'); + }); + + it('gives the same ID the route method is capitalized or not', () => { + const apiDeprecationId = buildApiDeprecationId({ + // @ts-expect-error + routeMethod: 'GeT', + routePath: '/api/test', + routeVersion: '10-10-2023', + }); + + expect(apiDeprecationId).toBe('10-10-2023|get|/api/test'); + }); + + it('gives the same ID the route path has a trailing slash or not', () => { + const apiDeprecationId = buildApiDeprecationId({ + // @ts-expect-error + routeMethod: 'GeT', + routePath: '/api/test/', + routeVersion: '10-10-2023', + }); + + expect(apiDeprecationId).toBe('10-10-2023|get|/api/test'); + }); +}); diff --git a/packages/core/deprecations/core-deprecations-server-internal/src/deprecations/api_deprecations.ts b/packages/core/deprecations/core-deprecations-server-internal/src/deprecations/api_deprecations.ts new file mode 100644 index 00000000000000..45893987ddf925 --- /dev/null +++ b/packages/core/deprecations/core-deprecations-server-internal/src/deprecations/api_deprecations.ts @@ -0,0 +1,96 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +import type { InternalHttpServiceSetup } from '@kbn/core-http-server-internal'; +import type { InternalCoreUsageDataSetup } from '@kbn/core-usage-data-base-server-internal'; +import type { RouterDeprecatedRouteDetails } from '@kbn/core-http-server'; +import { DeprecationsDetails } from '@kbn/core-deprecations-common'; +import type { DeprecationsFactory } from '../deprecations_factory'; +import { + getApiDeprecationMessage, + getApiDeprecationsManualSteps, + getApiDeprecationTitle, +} from './i18n_texts'; + +interface ApiDeprecationsServiceDeps { + deprecationsFactory: DeprecationsFactory; + http: InternalHttpServiceSetup; + coreUsageData: InternalCoreUsageDataSetup; +} + +export const buildApiDeprecationId = ({ + routePath, + routeMethod, + routeVersion, +}: Pick): string => { + return [ + routeVersion || 'unversioned', + routeMethod.toLocaleLowerCase(), + routePath.replace(/\/$/, ''), + ].join('|'); +}; + +export const createGetApiDeprecations = + ({ http, coreUsageData }: Pick) => + async (): Promise => { + const deprecatedRoutes = http.getRegisteredDeprecatedApis(); + const usageClient = coreUsageData.getClient(); + const deprecatedApiUsageStats = await usageClient.getDeprecatedApiUsageStats(); + + return deprecatedApiUsageStats + .filter(({ apiTotalCalls, totalMarkedAsResolved }) => { + return apiTotalCalls > totalMarkedAsResolved; + }) + .filter(({ apiId }) => + deprecatedRoutes.some((routeDetails) => buildApiDeprecationId(routeDetails) === apiId) + ) + .map((apiUsageStats) => { + const { apiId, apiTotalCalls, totalMarkedAsResolved } = apiUsageStats; + const routeDeprecationDetails = deprecatedRoutes.find( + (routeDetails) => buildApiDeprecationId(routeDetails) === apiId + )!; + const { routeVersion, routePath, routeDeprecationOptions, routeMethod } = + routeDeprecationDetails; + + const deprecationLevel = routeDeprecationOptions.severity || 'warning'; + + return { + apiId, + title: getApiDeprecationTitle(routeDeprecationDetails), + level: deprecationLevel, + message: getApiDeprecationMessage(routeDeprecationDetails, apiUsageStats), + documentationUrl: routeDeprecationOptions.documentationUrl, + correctiveActions: { + manualSteps: getApiDeprecationsManualSteps(routeDeprecationDetails), + mark_as_resolved_api: { + routePath, + routeMethod, + routeVersion, + apiTotalCalls, + totalMarkedAsResolved, + timestamp: new Date(), + }, + }, + deprecationType: 'api', + domainId: 'core.routes-deprecations', + }; + }); + }; + +export const registerApiDeprecationsInfo = ({ + deprecationsFactory, + http, + coreUsageData, +}: ApiDeprecationsServiceDeps): void => { + const deprecationsRegistery = deprecationsFactory.getRegistry('core.api_deprecations'); + + deprecationsRegistery.registerDeprecations({ + getDeprecations: createGetApiDeprecations({ http, coreUsageData }), + }); +}; diff --git a/packages/core/deprecations/core-deprecations-server-internal/src/deprecations/config_deprecations.test.ts b/packages/core/deprecations/core-deprecations-server-internal/src/deprecations/config_deprecations.test.ts new file mode 100644 index 00000000000000..92d0703c8037eb --- /dev/null +++ b/packages/core/deprecations/core-deprecations-server-internal/src/deprecations/config_deprecations.test.ts @@ -0,0 +1,115 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +import { registerConfigDeprecationsInfo } from './config_deprecations'; +import { mockDeprecationsRegistry, mockDeprecationsFactory } from '../mocks'; +import { mockCoreContext } from '@kbn/core-base-server-mocks'; +import { configServiceMock } from '@kbn/config-mocks'; + +describe('#registerConfigDeprecationsInfo', () => { + let coreContext: ReturnType; + + const deprecationsFactory = mockDeprecationsFactory.create(); + const deprecationsRegistry = mockDeprecationsRegistry.create(); + const getDeprecationsContext = mockDeprecationsRegistry.createGetDeprecationsContext(); + + beforeEach(() => { + const configService = configServiceMock.create({ + atPath: { skip_deprecated_settings: ['hello', 'world'] }, + }); + jest.clearAllMocks(); + coreContext = mockCoreContext.create({ configService }); + }); + + it('registers config deprecations', async () => { + coreContext.configService.getHandledDeprecatedConfigs.mockReturnValue([ + [ + 'testDomain', + [ + { + configPath: 'test', + level: 'critical', + message: 'testMessage', + documentationUrl: 'testDocUrl', + correctiveActions: { + manualSteps: [ + 'Using Kibana user management, change all users using the kibana_user role to the kibana_admin role.', + 'Using Kibana role-mapping management, change all role-mappings which assign the kibana_user role to the kibana_admin role.', + ], + }, + }, + ], + ], + ]); + + deprecationsFactory.getRegistry.mockReturnValue(deprecationsRegistry); + registerConfigDeprecationsInfo({ + deprecationsFactory, + configService: coreContext.configService, + }); + + expect(coreContext.configService.getHandledDeprecatedConfigs).toBeCalledTimes(1); + expect(deprecationsFactory.getRegistry).toBeCalledTimes(1); + expect(deprecationsFactory.getRegistry).toBeCalledWith('testDomain'); + expect(deprecationsRegistry.registerDeprecations).toBeCalledTimes(1); + const configDeprecations = + await deprecationsRegistry.registerDeprecations.mock.calls[0][0].getDeprecations( + getDeprecationsContext + ); + expect(configDeprecations).toMatchInlineSnapshot(` + Array [ + Object { + "configPath": "test", + "correctiveActions": Object { + "manualSteps": Array [ + "Using Kibana user management, change all users using the kibana_user role to the kibana_admin role.", + "Using Kibana role-mapping management, change all role-mappings which assign the kibana_user role to the kibana_admin role.", + ], + }, + "deprecationType": "config", + "documentationUrl": "testDocUrl", + "level": "critical", + "message": "testMessage", + "requireRestart": true, + "title": "testDomain has a deprecated setting", + }, + ] + `); + }); + + it('accepts `level` field overrides', async () => { + coreContext.configService.getHandledDeprecatedConfigs.mockReturnValue([ + [ + 'testDomain', + [ + { + configPath: 'test', + message: 'testMessage', + level: 'warning', + correctiveActions: { + manualSteps: ['step a'], + }, + }, + ], + ], + ]); + + deprecationsFactory.getRegistry.mockReturnValue(deprecationsRegistry); + registerConfigDeprecationsInfo({ + deprecationsFactory, + configService: coreContext.configService, + }); + + const configDeprecations = + await deprecationsRegistry.registerDeprecations.mock.calls[0][0].getDeprecations( + getDeprecationsContext + ); + expect(configDeprecations[0].level).toBe('warning'); + }); +}); diff --git a/packages/core/deprecations/core-deprecations-server-internal/src/deprecations/config_deprecations.ts b/packages/core/deprecations/core-deprecations-server-internal/src/deprecations/config_deprecations.ts new file mode 100644 index 00000000000000..f9df0edacd9d1a --- /dev/null +++ b/packages/core/deprecations/core-deprecations-server-internal/src/deprecations/config_deprecations.ts @@ -0,0 +1,50 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +import type { IConfigService } from '@kbn/config'; +import { DeprecationsFactory } from '../deprecations_factory'; + +interface RegisterConfigDeprecationsInfo { + deprecationsFactory: DeprecationsFactory; + configService: IConfigService; +} + +export const registerConfigDeprecationsInfo = ({ + deprecationsFactory, + configService, +}: RegisterConfigDeprecationsInfo) => { + const handledDeprecatedConfigs = configService.getHandledDeprecatedConfigs(); + + for (const [domainId, deprecationsContexts] of handledDeprecatedConfigs) { + const deprecationsRegistry = deprecationsFactory.getRegistry(domainId); + deprecationsRegistry.registerDeprecations({ + getDeprecations: () => { + return deprecationsContexts.map( + ({ + configPath, + title = `${domainId} has a deprecated setting`, + level, + message, + correctiveActions, + documentationUrl, + }) => ({ + configPath, + title, + level, + message, + correctiveActions, + documentationUrl, + deprecationType: 'config', + requireRestart: true, + }) + ); + }, + }); + } +}; diff --git a/packages/core/deprecations/core-deprecations-server-internal/src/deprecations/i18n_texts.ts b/packages/core/deprecations/core-deprecations-server-internal/src/deprecations/i18n_texts.ts new file mode 100644 index 00000000000000..cb1dacc97bd910 --- /dev/null +++ b/packages/core/deprecations/core-deprecations-server-internal/src/deprecations/i18n_texts.ts @@ -0,0 +1,132 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +import { RouterDeprecatedRouteDetails } from '@kbn/core-http-server'; +import { CoreDeprecatedApiUsageStats } from '@kbn/core-usage-data-server'; +import { i18n } from '@kbn/i18n'; +import moment from 'moment'; + +export const getApiDeprecationTitle = (details: RouterDeprecatedRouteDetails) => { + const { routePath, routeMethod, routeDeprecationOptions } = details; + const deprecationType = routeDeprecationOptions.reason.type; + const routeWithMethod = `${routeMethod.toUpperCase()} ${routePath}`; + const deprecationTypeText = i18n.translate('core.deprecations.deprecations.apiDeprecationType', { + defaultMessage: + '{deprecationType, select, remove {is removed} bump {has a newer version available} migrate {is migrated to a different API} other {is deprecated}}', + values: { deprecationType }, + }); + + return i18n.translate('core.deprecations.deprecations.apiDeprecationInfoTitle', { + defaultMessage: 'The "{routeWithMethod}" route {deprecationTypeText}', + values: { + routeWithMethod, + deprecationTypeText, + }, + }); +}; + +export const getApiDeprecationMessage = ( + details: RouterDeprecatedRouteDetails, + apiUsageStats: CoreDeprecatedApiUsageStats +): string[] => { + const { routePath, routeMethod } = details; + const { apiLastCalledAt, apiTotalCalls, markedAsResolvedLastCalledAt, totalMarkedAsResolved } = + apiUsageStats; + + const diff = apiTotalCalls - totalMarkedAsResolved; + const wasResolvedBefore = totalMarkedAsResolved > 0; + const routeWithMethod = `${routeMethod.toUpperCase()} ${routePath}`; + + const messages = [ + i18n.translate('core.deprecations.deprecations.apiDeprecationApiCallsDetailsMessage', { + defaultMessage: + 'The API "{routeWithMethod}" has been called {apiTotalCalls} times. The last call was on {apiLastCalledAt}.', + values: { + routeWithMethod, + apiTotalCalls, + apiLastCalledAt: moment(apiLastCalledAt).format('LLLL Z'), + }, + }), + ]; + + if (wasResolvedBefore) { + messages.push( + i18n.translate( + 'core.deprecations.deprecations.apiDeprecationPreviouslyMarkedAsResolvedMessage', + { + defaultMessage: + 'This issue has been marked as resolved on {markedAsResolvedLastCalledAt} but the API has been called {timeSinceLastResolved, plural, one {# time} other {# times}} since.', + values: { + timeSinceLastResolved: diff, + markedAsResolvedLastCalledAt: moment(markedAsResolvedLastCalledAt).format('LLLL Z'), + }, + } + ) + ); + } + + return messages; +}; + +export const getApiDeprecationsManualSteps = (details: RouterDeprecatedRouteDetails): string[] => { + const { routeDeprecationOptions } = details; + const deprecationType = routeDeprecationOptions.reason.type; + + const manualSteps = [ + i18n.translate('core.deprecations.deprecations.manualSteps.apiIseprecatedStep', { + defaultMessage: 'Identify the origin of these API calls.', + }), + ]; + + switch (deprecationType) { + case 'bump': { + const { newApiVersion } = routeDeprecationOptions.reason; + manualSteps.push( + i18n.translate('core.deprecations.deprecations.manualSteps.bumpDetailsStep', { + defaultMessage: + 'Update the requests to use the following new version of the API instead: "{newApiVersion}".', + values: { newApiVersion }, + }) + ); + break; + } + + case 'remove': { + manualSteps.push( + i18n.translate('core.deprecations.deprecations.manualSteps.removeTypeExplainationStep', { + defaultMessage: + 'This API no longer exists and no replacement is available. Delete any requests you have that use this API.', + }) + ); + break; + } + case 'migrate': { + const { newApiPath, newApiMethod } = routeDeprecationOptions.reason; + const newRouteWithMethod = `${newApiMethod.toUpperCase()} ${newApiPath}`; + + manualSteps.push( + i18n.translate('core.deprecations.deprecations.manualSteps.migrateDetailsStep', { + defaultMessage: + 'Update the requests to use the following new API instead: "{newRouteWithMethod}".', + values: { newRouteWithMethod }, + }) + ); + break; + } + } + + manualSteps.push( + i18n.translate('core.deprecations.deprecations.manualSteps.markAsResolvedStep', { + defaultMessage: + 'Check that you are no longer using the old API in any requests, and mark this issue as resolved. It will no longer appear in the Upgrade Assistant unless another call using this API is detected.', + }) + ); + + return manualSteps; +}; diff --git a/packages/core/deprecations/core-deprecations-server-internal/src/deprecations/index.ts b/packages/core/deprecations/core-deprecations-server-internal/src/deprecations/index.ts new file mode 100644 index 00000000000000..aecf3d5b299a27 --- /dev/null +++ b/packages/core/deprecations/core-deprecations-server-internal/src/deprecations/index.ts @@ -0,0 +1,11 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +export { buildApiDeprecationId, registerApiDeprecationsInfo } from './api_deprecations'; +export { registerConfigDeprecationsInfo } from './config_deprecations'; diff --git a/packages/core/deprecations/core-deprecations-server-internal/src/deprecations_service.test.mocks.ts b/packages/core/deprecations/core-deprecations-server-internal/src/deprecations_service.test.mocks.ts index 9ce9f52fb7a50b..93550539343e37 100644 --- a/packages/core/deprecations/core-deprecations-server-internal/src/deprecations_service.test.mocks.ts +++ b/packages/core/deprecations/core-deprecations-server-internal/src/deprecations_service.test.mocks.ts @@ -14,6 +14,14 @@ export const DeprecationsFactoryMock = jest .fn() .mockImplementation(() => mockedDeprecationFactoryInstance); +export const registerConfigDeprecationsInfoMock = jest.fn(); +export const registerApiDeprecationsInfoMock = jest.fn(); + +jest.doMock('./deprecations', () => ({ + registerConfigDeprecationsInfo: registerConfigDeprecationsInfoMock, + registerApiDeprecationsInfo: registerApiDeprecationsInfoMock, +})); + jest.doMock('./deprecations_factory', () => ({ DeprecationsFactory: DeprecationsFactoryMock, })); diff --git a/packages/core/deprecations/core-deprecations-server-internal/src/deprecations_service.test.ts b/packages/core/deprecations/core-deprecations-server-internal/src/deprecations_service.test.ts index 14a131ca8e5637..39c299d9805317 100644 --- a/packages/core/deprecations/core-deprecations-server-internal/src/deprecations_service.test.ts +++ b/packages/core/deprecations/core-deprecations-server-internal/src/deprecations_service.test.ts @@ -7,22 +7,24 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ -import { DeprecationsFactoryMock } from './deprecations_service.test.mocks'; - +import { + DeprecationsFactoryMock, + registerConfigDeprecationsInfoMock, +} from './deprecations_service.test.mocks'; import { mockCoreContext } from '@kbn/core-base-server-mocks'; import { httpServiceMock } from '@kbn/core-http-server-mocks'; +import { coreUsageDataServiceMock } from '@kbn/core-usage-data-server-mocks'; import { configServiceMock } from '@kbn/config-mocks'; import { savedObjectsClientMock } from '@kbn/core-saved-objects-api-server-mocks'; import { elasticsearchServiceMock } from '@kbn/core-elasticsearch-server-mocks'; import { DeprecationsService, DeprecationsSetupDeps } from './deprecations_service'; -import { mockDeprecationsRegistry, mockDeprecationsFactory } from './mocks'; -/* eslint-disable dot-notation */ describe('DeprecationsService', () => { let coreContext: ReturnType; let http: ReturnType; let router: ReturnType; let deprecationsCoreSetupDeps: DeprecationsSetupDeps; + let coreUsageData: ReturnType; beforeEach(() => { const configService = configServiceMock.create({ @@ -30,14 +32,16 @@ describe('DeprecationsService', () => { }); coreContext = mockCoreContext.create({ configService }); http = httpServiceMock.createInternalSetupContract(); + coreUsageData = coreUsageDataServiceMock.createSetupContract(); router = httpServiceMock.createRouter(); http.createRouter.mockReturnValue(router); - deprecationsCoreSetupDeps = { http }; + deprecationsCoreSetupDeps = { http, coreUsageData }; }); afterEach(() => { jest.clearAllMocks(); DeprecationsFactoryMock.mockClear(); + registerConfigDeprecationsInfoMock.mockClear(); }); describe('#setup', () => { @@ -53,10 +57,8 @@ describe('DeprecationsService', () => { it('calls registerConfigDeprecationsInfo', async () => { const deprecationsService = new DeprecationsService(coreContext); - const mockRegisterConfigDeprecationsInfo = jest.fn(); - deprecationsService['registerConfigDeprecationsInfo'] = mockRegisterConfigDeprecationsInfo; await deprecationsService.setup(deprecationsCoreSetupDeps); - expect(mockRegisterConfigDeprecationsInfo).toBeCalledTimes(1); + expect(registerConfigDeprecationsInfoMock).toBeCalledTimes(1); }); it('creates DeprecationsFactory with the correct parameters', async () => { @@ -89,92 +91,4 @@ describe('DeprecationsService', () => { }); }); }); - - describe('#registerConfigDeprecationsInfo', () => { - const deprecationsFactory = mockDeprecationsFactory.create(); - const deprecationsRegistry = mockDeprecationsRegistry.create(); - const getDeprecationsContext = mockDeprecationsRegistry.createGetDeprecationsContext(); - - it('registers config deprecations', async () => { - const deprecationsService = new DeprecationsService(coreContext); - coreContext.configService.getHandledDeprecatedConfigs.mockReturnValue([ - [ - 'testDomain', - [ - { - configPath: 'test', - level: 'critical', - message: 'testMessage', - documentationUrl: 'testDocUrl', - correctiveActions: { - manualSteps: [ - 'Using Kibana user management, change all users using the kibana_user role to the kibana_admin role.', - 'Using Kibana role-mapping management, change all role-mappings which assign the kibana_user role to the kibana_admin role.', - ], - }, - }, - ], - ], - ]); - - deprecationsFactory.getRegistry.mockReturnValue(deprecationsRegistry); - deprecationsService['registerConfigDeprecationsInfo'](deprecationsFactory); - - expect(coreContext.configService.getHandledDeprecatedConfigs).toBeCalledTimes(1); - expect(deprecationsFactory.getRegistry).toBeCalledTimes(1); - expect(deprecationsFactory.getRegistry).toBeCalledWith('testDomain'); - expect(deprecationsRegistry.registerDeprecations).toBeCalledTimes(1); - const configDeprecations = - await deprecationsRegistry.registerDeprecations.mock.calls[0][0].getDeprecations( - getDeprecationsContext - ); - expect(configDeprecations).toMatchInlineSnapshot(` - Array [ - Object { - "configPath": "test", - "correctiveActions": Object { - "manualSteps": Array [ - "Using Kibana user management, change all users using the kibana_user role to the kibana_admin role.", - "Using Kibana role-mapping management, change all role-mappings which assign the kibana_user role to the kibana_admin role.", - ], - }, - "deprecationType": "config", - "documentationUrl": "testDocUrl", - "level": "critical", - "message": "testMessage", - "requireRestart": true, - "title": "testDomain has a deprecated setting", - }, - ] - `); - }); - - it('accepts `level` field overrides', async () => { - const deprecationsService = new DeprecationsService(coreContext); - coreContext.configService.getHandledDeprecatedConfigs.mockReturnValue([ - [ - 'testDomain', - [ - { - configPath: 'test', - message: 'testMessage', - level: 'warning', - correctiveActions: { - manualSteps: ['step a'], - }, - }, - ], - ], - ]); - - deprecationsFactory.getRegistry.mockReturnValue(deprecationsRegistry); - deprecationsService['registerConfigDeprecationsInfo'](deprecationsFactory); - - const configDeprecations = - await deprecationsRegistry.registerDeprecations.mock.calls[0][0].getDeprecations( - getDeprecationsContext - ); - expect(configDeprecations[0].level).toBe('warning'); - }); - }); }); diff --git a/packages/core/deprecations/core-deprecations-server-internal/src/deprecations_service.ts b/packages/core/deprecations/core-deprecations-server-internal/src/deprecations_service.ts index 4c8f564943ab18..c0a0ef0f88c7b0 100644 --- a/packages/core/deprecations/core-deprecations-server-internal/src/deprecations_service.ts +++ b/packages/core/deprecations/core-deprecations-server-internal/src/deprecations_service.ts @@ -19,9 +19,11 @@ import type { DeprecationRegistryProvider, DeprecationsClient, } from '@kbn/core-deprecations-server'; +import { InternalCoreUsageDataSetup } from '@kbn/core-usage-data-base-server-internal'; import { DeprecationsFactory } from './deprecations_factory'; import { registerRoutes } from './routes'; import { config as deprecationConfig, DeprecationConfigType } from './deprecation_config'; +import { registerApiDeprecationsInfo, registerConfigDeprecationsInfo } from './deprecations'; export interface InternalDeprecationsServiceStart { /** @@ -40,6 +42,7 @@ export type InternalDeprecationsServiceSetup = DeprecationRegistryProvider; /** @internal */ export interface DeprecationsSetupDeps { http: InternalHttpServiceSetup; + coreUsageData: InternalCoreUsageDataSetup; } /** @internal */ @@ -55,7 +58,10 @@ export class DeprecationsService this.configService = coreContext.configService; } - public async setup({ http }: DeprecationsSetupDeps): Promise { + public async setup({ + http, + coreUsageData, + }: DeprecationsSetupDeps): Promise { this.logger.debug('Setting up Deprecations service'); const config = await firstValueFrom( @@ -69,8 +75,18 @@ export class DeprecationsService }, }); - registerRoutes({ http }); - this.registerConfigDeprecationsInfo(this.deprecationsFactory); + registerRoutes({ http, coreUsageData }); + + registerConfigDeprecationsInfo({ + deprecationsFactory: this.deprecationsFactory, + configService: this.configService, + }); + + registerApiDeprecationsInfo({ + deprecationsFactory: this.deprecationsFactory, + http, + coreUsageData, + }); const deprecationsFactory = this.deprecationsFactory; return { @@ -87,6 +103,7 @@ export class DeprecationsService if (!this.deprecationsFactory) { throw new Error('`setup` must be called before `start`'); } + return { asScopedToClient: this.createScopedDeprecations(), }; @@ -107,35 +124,4 @@ export class DeprecationsService }; }; } - - private registerConfigDeprecationsInfo(deprecationsFactory: DeprecationsFactory) { - const handledDeprecatedConfigs = this.configService.getHandledDeprecatedConfigs(); - - for (const [domainId, deprecationsContexts] of handledDeprecatedConfigs) { - const deprecationsRegistry = deprecationsFactory.getRegistry(domainId); - deprecationsRegistry.registerDeprecations({ - getDeprecations: () => { - return deprecationsContexts.map( - ({ - configPath, - title = `${domainId} has a deprecated setting`, - level, - message, - correctiveActions, - documentationUrl, - }) => ({ - configPath, - title, - level, - message, - correctiveActions, - documentationUrl, - deprecationType: 'config', - requireRestart: true, - }) - ); - }, - }); - } - } } diff --git a/packages/core/deprecations/core-deprecations-server-internal/src/routes/index.ts b/packages/core/deprecations/core-deprecations-server-internal/src/routes/index.ts index e1a925610327fd..f812bbfd15acd3 100644 --- a/packages/core/deprecations/core-deprecations-server-internal/src/routes/index.ts +++ b/packages/core/deprecations/core-deprecations-server-internal/src/routes/index.ts @@ -8,10 +8,22 @@ */ import type { InternalHttpServiceSetup } from '@kbn/core-http-server-internal'; +import { InternalCoreUsageDataSetup } from '@kbn/core-usage-data-base-server-internal'; import type { InternalDeprecationRequestHandlerContext } from '../internal_types'; import { registerGetRoute } from './get'; +import { registerMarkAsResolvedRoute } from './resolve_deprecated_api'; +import { registerApiDeprecationsPostValidationHandler } from './post_validation_handler'; -export function registerRoutes({ http }: { http: InternalHttpServiceSetup }) { +export function registerRoutes({ + http, + coreUsageData, +}: { + http: InternalHttpServiceSetup; + coreUsageData: InternalCoreUsageDataSetup; +}) { const router = http.createRouter('/api/deprecations'); registerGetRoute(router); + + registerApiDeprecationsPostValidationHandler({ http, coreUsageData }); + registerMarkAsResolvedRoute(router, { coreUsageData }); } diff --git a/packages/core/deprecations/core-deprecations-server-internal/src/routes/post_validation_handler.ts b/packages/core/deprecations/core-deprecations-server-internal/src/routes/post_validation_handler.ts new file mode 100644 index 00000000000000..b93c17af2f5367 --- /dev/null +++ b/packages/core/deprecations/core-deprecations-server-internal/src/routes/post_validation_handler.ts @@ -0,0 +1,51 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +import type { InternalCoreUsageDataSetup } from '@kbn/core-usage-data-server-internal'; +import type { CoreKibanaRequest } from '@kbn/core-http-router-server-internal'; +import type { InternalHttpServiceSetup } from '@kbn/core-http-server-internal'; +import { isObject } from 'lodash'; +import { RouteDeprecationInfo } from '@kbn/core-http-server/src/router/route'; +import { buildApiDeprecationId } from '../deprecations'; + +interface Dependencies { + coreUsageData: InternalCoreUsageDataSetup; + http: InternalHttpServiceSetup; +} + +/** + * listens to http post validation events to increment deprecated api calls + * This will keep track of any called deprecated API. + */ +export const registerApiDeprecationsPostValidationHandler = ({ + coreUsageData, + http, +}: Dependencies) => { + http.registerOnPostValidation(createRouteDeprecationsHandler({ coreUsageData })); +}; + +export function createRouteDeprecationsHandler({ + coreUsageData, +}: { + coreUsageData: InternalCoreUsageDataSetup; +}) { + return (req: CoreKibanaRequest, { deprecated }: { deprecated?: RouteDeprecationInfo }) => { + if (deprecated && isObject(deprecated) && req.route.routePath) { + const counterName = buildApiDeprecationId({ + routeMethod: req.route.method, + routePath: req.route.routePath, + routeVersion: req.apiVersion, + }); + + const client = coreUsageData.getClient(); + // no await we just fire it off. + void client.incrementDeprecatedApi(counterName, { resolved: false }); + } + }; +} diff --git a/packages/core/deprecations/core-deprecations-server-internal/src/routes/resolve_deprecated_api.ts b/packages/core/deprecations/core-deprecations-server-internal/src/routes/resolve_deprecated_api.ts new file mode 100644 index 00000000000000..840bc5ac22d23e --- /dev/null +++ b/packages/core/deprecations/core-deprecations-server-internal/src/routes/resolve_deprecated_api.ts @@ -0,0 +1,52 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +import { schema } from '@kbn/config-schema'; +import { InternalCoreUsageDataSetup } from '@kbn/core-usage-data-base-server-internal'; +import type { InternalDeprecationRouter } from '../internal_types'; +import { buildApiDeprecationId } from '../deprecations'; + +export const registerMarkAsResolvedRoute = ( + router: InternalDeprecationRouter, + { coreUsageData }: { coreUsageData: InternalCoreUsageDataSetup } +) => { + router.post( + { + path: '/mark_as_resolved', + validate: { + body: schema.object({ + domainId: schema.string(), + routePath: schema.string(), + routeMethod: schema.oneOf([ + schema.literal('post'), + schema.literal('put'), + schema.literal('delete'), + schema.literal('patch'), + schema.literal('get'), + schema.literal('options'), + ]), + routeVersion: schema.maybe(schema.string()), + incrementBy: schema.number(), + }), + }, + }, + async (_, req, res) => { + const usageClient = coreUsageData.getClient(); + const { routeMethod, routePath, routeVersion, incrementBy } = req.body; + const counterName = buildApiDeprecationId({ + routeMethod, + routePath, + routeVersion, + }); + + await usageClient.incrementDeprecatedApi(counterName, { resolved: true, incrementBy }); + return res.ok(); + } + ); +}; diff --git a/packages/core/deprecations/core-deprecations-server-internal/tsconfig.json b/packages/core/deprecations/core-deprecations-server-internal/tsconfig.json index ba06a3e9ec2f7c..02be6b7cb8198f 100644 --- a/packages/core/deprecations/core-deprecations-server-internal/tsconfig.json +++ b/packages/core/deprecations/core-deprecations-server-internal/tsconfig.json @@ -33,6 +33,11 @@ "@kbn/core-elasticsearch-server-mocks", "@kbn/core-http-server", "@kbn/core-elasticsearch-client-server-mocks", + "@kbn/core-usage-data-base-server-internal", + "@kbn/core-usage-data-server", + "@kbn/core-usage-data-server-internal", + "@kbn/core-usage-data-server-mocks", + "@kbn/core-http-router-server-internal", ], "exclude": [ "target/**/*", diff --git a/packages/core/http/core-http-router-server-internal/index.ts b/packages/core/http/core-http-router-server-internal/index.ts index 6c684d5f8169cc..6aa6ac117f5331 100644 --- a/packages/core/http/core-http-router-server-internal/index.ts +++ b/packages/core/http/core-http-router-server-internal/index.ts @@ -13,16 +13,10 @@ export { CoreVersionedRouter, ALLOWED_PUBLIC_VERSION, unwrapVersionedResponseBodyValidation, - type VersionedRouterRoute, type HandlerResolutionStrategy, } from './src/versioned_router'; export { Router } from './src/router'; -export type { - RouterOptions, - InternalRegistrar, - InternalRegistrarOptions, - InternalRouterRoute, -} from './src/router'; +export type { RouterOptions, InternalRegistrar, InternalRegistrarOptions } from './src/router'; export { isKibanaRequest, isRealRequest, ensureRawRequest, CoreKibanaRequest } from './src/request'; export { isSafeMethod } from './src/route'; export { HapiResponseAdapter } from './src/response_adapter'; diff --git a/packages/core/http/core-http-router-server-internal/src/request.ts b/packages/core/http/core-http-router-server-internal/src/request.ts index 286b900fc24f52..9f89f1a70bb476 100644 --- a/packages/core/http/core-http-router-server-internal/src/request.ts +++ b/packages/core/http/core-http-router-server-internal/src/request.ts @@ -143,6 +143,8 @@ export class CoreKibanaRequest< public readonly rewrittenUrl?: URL; /** {@inheritDoc KibanaRequest.httpVersion} */ public readonly httpVersion: string; + /** {@inheritDoc KibanaRequest.apiVersion} */ + public readonly apiVersion: undefined; /** {@inheritDoc KibanaRequest.protocol} */ public readonly protocol: HttpProtocol; /** {@inheritDoc KibanaRequest.authzResult} */ @@ -185,6 +187,7 @@ export class CoreKibanaRequest< }); this.httpVersion = isRealReq ? request.raw.req.httpVersion : '1.0'; + this.apiVersion = undefined; this.protocol = getProtocolFromHttpVersion(this.httpVersion); this.route = deepFreeze(this.getRouteInfo(request)); @@ -216,6 +219,7 @@ export class CoreKibanaRequest< }, route: this.route, authzResult: this.authzResult, + apiVersion: this.apiVersion, }; } @@ -252,7 +256,14 @@ export class CoreKibanaRequest< } = request.route?.settings?.payload || {}; // the socket is undefined when using @hapi/shot, or when a "fake request" is used - const socketTimeout = isRealRawRequest(request) ? request.raw.req.socket?.timeout : undefined; + let socketTimeout: undefined | number; + let routePath: undefined | string; + + if (isRealRawRequest(request)) { + socketTimeout = request.raw.req.socket?.timeout; + routePath = request.route.path; + } + const options = { authRequired: this.getAuthRequired(request), // TypeScript note: Casting to `RouterOptions` to fix the following error: @@ -266,6 +277,8 @@ export class CoreKibanaRequest< xsrfRequired: ((request.route?.settings as RouteOptions)?.app as KibanaRouteOptions)?.xsrfRequired ?? true, // some places in LP call KibanaRequest.from(request) manually. remove fallback to true before v8 + deprecated: ((request.route?.settings as RouteOptions)?.app as KibanaRouteOptions) + ?.deprecated, access: this.getAccess(request), tags: request.route?.settings?.tags || [], security: this.getSecurity(request), @@ -285,6 +298,7 @@ export class CoreKibanaRequest< return { path: request.path ?? '/', + routePath, method, options, }; diff --git a/packages/core/http/core-http-router-server-internal/src/router.test.ts b/packages/core/http/core-http-router-server-internal/src/router.test.ts index f611e3b6308fe2..2c702fb3ef702c 100644 --- a/packages/core/http/core-http-router-server-internal/src/router.test.ts +++ b/packages/core/http/core-http-router-server-internal/src/router.test.ts @@ -50,7 +50,11 @@ describe('Router', () => { path: '/', validate: { body: validation, query: validation, params: validation }, options: { - deprecated: true, + deprecated: { + documentationUrl: 'https://fake-url.com', + reason: { type: 'remove' }, + severity: 'warning', + }, discontinued: 'post test discontinued', summary: 'post test summary', description: 'post test description', @@ -72,7 +76,11 @@ describe('Router', () => { validationSchemas: { body: validation, query: validation, params: validation }, isVersioned: false, options: { - deprecated: true, + deprecated: { + documentationUrl: 'https://fake-url.com', + reason: { type: 'remove' }, + severity: 'warning', + }, discontinued: 'post test discontinued', summary: 'post test summary', description: 'post test description', @@ -93,7 +101,7 @@ describe('Router', () => { validate: { body: validation, query: validation, params: validation }, }, (context, req, res) => res.ok(), - { isVersioned: true } + { isVersioned: true, events: false } ); router.get( { diff --git a/packages/core/http/core-http-router-server-internal/src/router.ts b/packages/core/http/core-http-router-server-internal/src/router.ts index 36f324236a4d2b..e7ad85fcda33a3 100644 --- a/packages/core/http/core-http-router-server-internal/src/router.ts +++ b/packages/core/http/core-http-router-server-internal/src/router.ts @@ -7,6 +7,7 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ +import { EventEmitter } from 'node:events'; import type { Request, ResponseToolkit } from '@hapi/hapi'; import apm from 'elastic-apm-node'; import { isConfigSchema } from '@kbn/config-schema'; @@ -32,6 +33,7 @@ import { isZod } from '@kbn/zod'; import { validBodyOutput, getRequestValidation } from '@kbn/core-http-server'; import type { RouteSecurityGetter } from '@kbn/core-http-server'; import type { DeepPartial } from '@kbn/utility-types'; +import { RouteDeprecationInfo } from '@kbn/core-http-server/src/router/route'; import { RouteValidator } from './validator'; import { ALLOWED_PUBLIC_VERSION, CoreVersionedRouter } from './versioned_router'; import { CoreKibanaRequest } from './request'; @@ -52,7 +54,7 @@ export type ContextEnhancer< Context extends RequestHandlerContextBase > = (handler: RequestHandler) => RequestHandlerEnhanced; -function getRouteFullPath(routerPath: string, routePath: string) { +export function getRouteFullPath(routerPath: string, routePath: string) { // If router's path ends with slash and route's path starts with slash, // we should omit one of them to have a valid concatenated path. const routePathStartIndex = routerPath.endsWith('/') && routePath.startsWith('/') ? 1 : 0; @@ -147,7 +149,13 @@ export interface RouterOptions { /** @internal */ export interface InternalRegistrarOptions { + /** @default false */ isVersioned: boolean; + /** + * Whether this route should emit "route events" like postValidate + * @default true + */ + events: boolean; } /** @internal */ @@ -166,15 +174,9 @@ export type InternalRegistrar ReturnType>; /** @internal */ -export interface InternalRouterRoute extends RouterRoute { - readonly isVersioned: boolean; -} - -/** @internal */ -interface InternalGetRoutesOptions { - /** @default false */ - excludeVersionedRoutes?: boolean; -} +type RouterEvents = + /** Called after route validation, regardless of success or failure */ + 'onPostValidate'; /** * @internal @@ -182,7 +184,8 @@ interface InternalGetRoutesOptions { export class Router implements IRouter { - public routes: Array> = []; + private static ee = new EventEmitter(); + public routes: Array> = []; public pluginId?: symbol; public get: InternalRegistrar<'get', Context>; public post: InternalRegistrar<'post', Context>; @@ -202,25 +205,27 @@ export class Router( route: InternalRouteConfig, handler: RequestHandler, - { isVersioned }: InternalRegistrarOptions = { isVersioned: false } + { isVersioned, events }: InternalRegistrarOptions = { isVersioned: false, events: true } ) => { route = prepareRouteConfigValidation(route); const routeSchemas = routeSchemasFromRouteConfig(route, method); - const isPublicUnversionedApi = + const isPublicUnversionedRoute = !isVersioned && route.options?.access === 'public' && // We do not consider HTTP resource routes as APIs route.options?.httpResource !== true; this.routes.push({ - handler: async (req, responseToolkit) => - await this.handle({ + handler: async (req, responseToolkit) => { + return await this.handle({ routeSchemas, request: req, responseToolkit, - isPublicUnversionedApi, + isPublicUnversionedRoute, handler: this.enhanceWithContext(handler), - }), + emit: events ? { onPostValidation: this.emitPostValidate } : undefined, + }); + }, method, path: getRouteFullPath(this.routerPath, route.path), options: validOptions(method, route), @@ -229,6 +234,8 @@ export class Router, route.options), validationSchemas: route.validate, + // @ts-ignore using isVersioned: false in the type instead of boolean + // for typeguarding between versioned and unversioned RouterRoute types isVersioned, }); }; @@ -240,7 +247,15 @@ export class Router void) { + Router.ee.on(event, cb); + } + + public static off(event: RouterEvents, cb: (req: CoreKibanaRequest, ...args: any[]) => void) { + Router.ee.off(event, cb); + } + + public getRoutes({ excludeVersionedRoutes }: { excludeVersionedRoutes?: boolean } = {}) { if (excludeVersionedRoutes) { return this.routes.filter((route) => !route.isVersioned); } @@ -269,16 +284,29 @@ export class Router { + const postValidate: RouterEvents = 'onPostValidate'; + Router.ee.emit(postValidate, request, routeOptions); + }; + private async handle({ routeSchemas, request, responseToolkit, - isPublicUnversionedApi, + emit, + isPublicUnversionedRoute, handler, }: { request: Request; responseToolkit: ResponseToolkit; - isPublicUnversionedApi: boolean; + emit?: { + onPostValidation: (req: KibanaRequest, reqOptions: any) => void; + }; + isPublicUnversionedRoute: boolean; handler: RequestHandlerEnhanced< P, Q, @@ -300,18 +328,24 @@ export class Router { it('should pass validation for valid route security with authz enabled and valid required privileges', () => { @@ -276,4 +277,31 @@ describe('RouteSecurity validation', () => { `"[authz.requiredPrivileges]: anyRequired privileges must contain unique values"` ); }); + + it('should fail validation when anyRequired has superuser privileges set', () => { + const invalidRouteSecurity = { + authz: { + requiredPrivileges: [ + { anyRequired: ['privilege1', 'privilege1'], allRequired: ['privilege4'] }, + { anyRequired: ['privilege5', ReservedPrivilegesSet.superuser] }, + ], + }, + }; + + expect(() => validRouteSecurity(invalidRouteSecurity)).toThrowErrorMatchingInlineSnapshot( + `"[authz.requiredPrivileges]: Combining superuser with other privileges is redundant, superuser privileges set can be only used as a standalone privilege."` + ); + }); + + it('should fail validation when allRequired combines superuser privileges set with other privileges', () => { + const invalidRouteSecurity = { + authz: { + requiredPrivileges: [ReservedPrivilegesSet.superuser, 'privilege1'], + }, + }; + + expect(() => validRouteSecurity(invalidRouteSecurity)).toThrowErrorMatchingInlineSnapshot( + `"[authz.requiredPrivileges]: Combining superuser with other privileges is redundant, superuser privileges set can be only used as a standalone privilege."` + ); + }); }); diff --git a/packages/core/http/core-http-router-server-internal/src/security_route_config_validator.ts b/packages/core/http/core-http-router-server-internal/src/security_route_config_validator.ts index d74f41d3157b49..65073f9a66ec6f 100644 --- a/packages/core/http/core-http-router-server-internal/src/security_route_config_validator.ts +++ b/packages/core/http/core-http-router-server-internal/src/security_route_config_validator.ts @@ -9,6 +9,7 @@ import { schema } from '@kbn/config-schema'; import type { RouteSecurity, RouteConfigOptions } from '@kbn/core-http-server'; +import { ReservedPrivilegesSet } from '@kbn/core-http-server'; import type { DeepPartial } from '@kbn/utility-types'; const privilegeSetSchema = schema.object( @@ -49,6 +50,15 @@ const requiredPrivilegesSchema = schema.arrayOf( } }); + // Combining superuser with other privileges is redundant. + // If user is a superuser, they inherently have access to all the privileges that may come with other roles. + if ( + anyRequired.includes(ReservedPrivilegesSet.superuser) || + (allRequired.includes(ReservedPrivilegesSet.superuser) && allRequired.length > 1) + ) { + return 'Combining superuser with other privileges is redundant, superuser privileges set can be only used as a standalone privilege.'; + } + if (anyRequired.length && allRequired.length) { for (const privilege of anyRequired) { if (allRequired.includes(privilege)) { diff --git a/packages/core/http/core-http-router-server-internal/src/versioned_router/core_versioned_route.test.ts b/packages/core/http/core-http-router-server-internal/src/versioned_router/core_versioned_route.test.ts index 1442467012d8bd..0ecb65ee768040 100644 --- a/packages/core/http/core-http-router-server-internal/src/versioned_router/core_versioned_route.test.ts +++ b/packages/core/http/core-http-router-server-internal/src/versioned_router/core_versioned_route.test.ts @@ -198,7 +198,7 @@ describe('Versioned route', () => { expect(router.post).toHaveBeenCalledWith( expect.objectContaining(expectedRouteConfig), expect.any(Function), - { isVersioned: true } + { isVersioned: true, events: false } ); }); diff --git a/packages/core/http/core-http-router-server-internal/src/versioned_router/core_versioned_route.ts b/packages/core/http/core-http-router-server-internal/src/versioned_router/core_versioned_route.ts index e9a9e60de8193e..45654696ba0cf0 100644 --- a/packages/core/http/core-http-router-server-internal/src/versioned_router/core_versioned_route.ts +++ b/packages/core/http/core-http-router-server-internal/src/versioned_router/core_versioned_route.ts @@ -18,7 +18,6 @@ import type { KibanaRequest, KibanaResponseFactory, ApiVersion, - AddVersionOpts, VersionedRoute, VersionedRouteConfig, IKibanaResponse, @@ -26,9 +25,10 @@ import type { RouteSecurityGetter, RouteSecurity, RouteMethod, + VersionedRouterRoute, } from '@kbn/core-http-server'; import type { Mutable } from 'utility-types'; -import type { HandlerResolutionStrategy, Method, VersionedRouterRoute } from './types'; +import type { HandlerResolutionStrategy, Method, Options } from './types'; import { validate } from './validate'; import { @@ -46,8 +46,6 @@ import { prepareVersionedRouteValidation, unwrapVersionedResponseBodyValidation import type { RequestLike } from './route_version_utils'; import { Router } from '../router'; -type Options = AddVersionOpts; - interface InternalVersionedRouteConfig extends VersionedRouteConfig { isDev: boolean; useVersionResolutionStrategyForInternalPaths: Map; @@ -68,7 +66,7 @@ function extractValidationSchemaFromHandler(handler: VersionedRouterRoute['handl } export class CoreVersionedRoute implements VersionedRoute { - private readonly handlers = new Map< + public readonly handlers = new Map< ApiVersion, { fn: RequestHandler; @@ -127,7 +125,7 @@ export class CoreVersionedRoute implements VersionedRoute { security: this.getSecurity, }, this.requestHandler, - { isVersioned: true } + { isVersioned: true, events: false } ); } @@ -181,6 +179,7 @@ export class CoreVersionedRoute implements VersionedRoute { } const req = originalReq as Mutable; const version = this.getVersion(req); + req.apiVersion = version; if (!version) { return res.badRequest({ @@ -221,6 +220,8 @@ export class CoreVersionedRoute implements VersionedRoute { req.params = params; req.query = query; } catch (e) { + // Emit onPostValidation even if validation fails. + this.router.emitPostValidate(req, handler.options.options); return res.badRequest({ body: e.message, headers: getVersionHeader(version) }); } } else { @@ -230,6 +231,8 @@ export class CoreVersionedRoute implements VersionedRoute { req.query = {}; } + this.router.emitPostValidate(req, handler.options.options); + const response = await handler.fn(ctx, req, res); if (this.isDev && validation?.response?.[response.status]?.body) { @@ -280,7 +283,6 @@ export class CoreVersionedRoute implements VersionedRoute { public addVersion(options: Options, handler: RequestHandler): VersionedRoute { this.validateVersion(options.version); options = prepareVersionedRouteValidation(options); - this.handlers.set(options.version, { fn: handler, options, diff --git a/packages/core/http/core-http-router-server-internal/src/versioned_router/core_versioned_router.test.ts b/packages/core/http/core-http-router-server-internal/src/versioned_router/core_versioned_router.test.ts index d56de36ba9a29b..a3ffffc0ef219c 100644 --- a/packages/core/http/core-http-router-server-internal/src/versioned_router/core_versioned_router.test.ts +++ b/packages/core/http/core-http-router-server-internal/src/versioned_router/core_versioned_router.test.ts @@ -36,7 +36,6 @@ describe('Versioned router', () => { versionedRouter.get({ path: '/test/{id}', access: 'internal', - deprecated: true, discontinued: 'x.y.z', }); versionedRouter.post({ @@ -50,16 +49,17 @@ describe('Versioned router', () => { Array [ Object { "handlers": Array [], + "isVersioned": true, "method": "get", "options": Object { "access": "internal", - "deprecated": true, "discontinued": "x.y.z", }, "path": "/test/{id}", }, Object { "handlers": Array [], + "isVersioned": true, "method": "post", "options": Object { "access": "internal", @@ -70,6 +70,7 @@ describe('Versioned router', () => { }, Object { "handlers": Array [], + "isVersioned": true, "method": "delete", "options": Object { "access": "internal", diff --git a/packages/core/http/core-http-router-server-internal/src/versioned_router/core_versioned_router.ts b/packages/core/http/core-http-router-server-internal/src/versioned_router/core_versioned_router.ts index e9272e17ab18ed..ef1f8255420ae0 100644 --- a/packages/core/http/core-http-router-server-internal/src/versioned_router/core_versioned_router.ts +++ b/packages/core/http/core-http-router-server-internal/src/versioned_router/core_versioned_router.ts @@ -7,11 +7,16 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ -import type { VersionedRouter, VersionedRoute, VersionedRouteConfig } from '@kbn/core-http-server'; +import type { + VersionedRouter, + VersionedRoute, + VersionedRouteConfig, + VersionedRouterRoute, +} from '@kbn/core-http-server'; import { omit } from 'lodash'; import { CoreVersionedRoute } from './core_versioned_route'; -import type { HandlerResolutionStrategy, Method, VersionedRouterRoute } from './types'; -import type { Router } from '../router'; +import type { HandlerResolutionStrategy, Method } from './types'; +import { getRouteFullPath, type Router } from '../router'; /** @internal */ export interface VersionedRouterArgs { @@ -98,10 +103,11 @@ export class CoreVersionedRouter implements VersionedRouter { public getRoutes(): VersionedRouterRoute[] { return [...this.routes].map((route) => { return { - path: route.path, + path: getRouteFullPath(this.router.routerPath, route.path), method: route.method, options: omit(route.options, 'path'), handlers: route.getHandlers(), + isVersioned: true, }; }); } diff --git a/packages/core/http/core-http-router-server-internal/src/versioned_router/index.ts b/packages/core/http/core-http-router-server-internal/src/versioned_router/index.ts index e283fcc2a590f9..14c08076faae06 100644 --- a/packages/core/http/core-http-router-server-internal/src/versioned_router/index.ts +++ b/packages/core/http/core-http-router-server-internal/src/versioned_router/index.ts @@ -9,6 +9,6 @@ export { resolvers as versionHandlerResolvers } from './handler_resolvers'; export { CoreVersionedRouter } from './core_versioned_router'; -export type { HandlerResolutionStrategy, VersionedRouterRoute } from './types'; +export type { HandlerResolutionStrategy } from './types'; export { ALLOWED_PUBLIC_VERSION } from './route_version_utils'; export { unwrapVersionedResponseBodyValidation } from './util'; diff --git a/packages/core/http/core-http-router-server-internal/src/versioned_router/mocks.ts b/packages/core/http/core-http-router-server-internal/src/versioned_router/mocks.ts index 5a958fa9251f71..36a672ca6a9f75 100644 --- a/packages/core/http/core-http-router-server-internal/src/versioned_router/mocks.ts +++ b/packages/core/http/core-http-router-server-internal/src/versioned_router/mocks.ts @@ -20,6 +20,7 @@ export function createRouter(opts: CreateMockRouterOptions = {}) { put: jest.fn(), getRoutes: jest.fn(), handleLegacyErrors: jest.fn(), + emitPostValidate: jest.fn(), patch: jest.fn(), routerPath: '', versioned: {} as any, diff --git a/packages/core/http/core-http-router-server-internal/src/versioned_router/types.ts b/packages/core/http/core-http-router-server-internal/src/versioned_router/types.ts index aec1f8b0cf0abe..bdcaae486cd9c4 100644 --- a/packages/core/http/core-http-router-server-internal/src/versioned_router/types.ts +++ b/packages/core/http/core-http-router-server-internal/src/versioned_router/types.ts @@ -7,25 +7,12 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ -import type { - AddVersionOpts, - RequestHandler, - RouteMethod, - VersionedRouteConfig, -} from '@kbn/core-http-server'; +import type { AddVersionOpts, RouteMethod } from '@kbn/core-http-server'; export type Method = Exclude; /** @internal */ -export interface VersionedRouterRoute { - method: string; - path: string; - options: Omit, 'path'>; - handlers: Array<{ - fn: RequestHandler; - options: AddVersionOpts; - }>; -} +export type Options = AddVersionOpts; /** * Specifies resolution strategy to use if a request does not provide a version. diff --git a/packages/core/http/core-http-router-server-mocks/src/versioned_router.mock.ts b/packages/core/http/core-http-router-server-mocks/src/versioned_router.mock.ts index 987288cf372bd6..fec80b06963a04 100644 --- a/packages/core/http/core-http-router-server-mocks/src/versioned_router.mock.ts +++ b/packages/core/http/core-http-router-server-mocks/src/versioned_router.mock.ts @@ -14,6 +14,7 @@ import type { AddVersionOpts, RequestHandler, KibanaResponseFactory, + VersionedRouterRoute, } from '@kbn/core-http-server'; export type MockedVersionedRoute = jest.Mocked; @@ -24,14 +25,16 @@ const createMockVersionedRoute = (): MockedVersionedRoute => { return api; }; +type VersionedRouterMethods = keyof Omit; + export type MockedVersionedRouter = jest.Mocked> & { - getRoute: (method: keyof VersionedRouter, path: string) => RegisteredVersionedRoute; + getRoute: (method: VersionedRouterMethods, path: string) => RegisteredVersionedRoute; }; const createMethodHandler = () => jest.fn((_) => createMockVersionedRoute()); - +const createMockGetRoutes = () => jest.fn(() => [] as VersionedRouterRoute[]); export const createVersionedRouterMock = (): MockedVersionedRouter => { - const router: Omit = { + const router: Omit = { delete: createMethodHandler(), get: createMethodHandler(), patch: createMethodHandler(), @@ -42,6 +45,7 @@ export const createVersionedRouterMock = (): MockedVersionedRouter => { return { ...router, getRoute: getRoute.bind(null, router), + getRoutes: createMockGetRoutes(), }; }; @@ -54,9 +58,10 @@ export interface RegisteredVersionedRoute { }; }; } + const getRoute = ( - router: Omit, - method: keyof VersionedRouter, + router: Omit, + method: VersionedRouterMethods, path: string ): RegisteredVersionedRoute => { if (!router[method].mock.calls.length) { diff --git a/packages/core/http/core-http-server-internal/src/http_server.test.ts b/packages/core/http/core-http-server-internal/src/http_server.test.ts index c374ff7ca2107d..69e69f784e65ee 100644 --- a/packages/core/http/core-http-server-internal/src/http_server.test.ts +++ b/packages/core/http/core-http-server-internal/src/http_server.test.ts @@ -906,6 +906,7 @@ test('exposes route details of incoming request to a route handler', async () => .expect(200, { method: 'get', path: '/', + routePath: '/', options: { authRequired: true, xsrfRequired: false, @@ -1088,6 +1089,7 @@ test('exposes route details of incoming request to a route handler (POST + paylo .expect(200, { method: 'post', path: '/', + routePath: '/', options: { authRequired: true, xsrfRequired: true, diff --git a/packages/core/http/core-http-server-internal/src/http_server.ts b/packages/core/http/core-http-server-internal/src/http_server.ts index 46470bac7c5047..1dee6a32867881 100644 --- a/packages/core/http/core-http-server-internal/src/http_server.ts +++ b/packages/core/http/core-http-server-internal/src/http_server.ts @@ -35,10 +35,12 @@ import type { HttpServerInfo, HttpAuth, IAuthHeadersStorage, + RouterDeprecatedRouteDetails, + RouteMethod, } from '@kbn/core-http-server'; import { performance } from 'perf_hooks'; import { isBoom } from '@hapi/boom'; -import { identity } from 'lodash'; +import { identity, isObject } from 'lodash'; import { IHttpEluMonitorConfig } from '@kbn/core-http-server/src/elu_monitor'; import { Env } from '@kbn/config'; import { CoreContext } from '@kbn/core-base-server-internal'; @@ -140,6 +142,7 @@ export interface HttpServerSetup { registerAuth: HttpServiceSetup['registerAuth']; registerOnPostAuth: HttpServiceSetup['registerOnPostAuth']; registerOnPreResponse: HttpServiceSetup['registerOnPreResponse']; + getDeprecatedRoutes: HttpServiceSetup['getDeprecatedRoutes']; authRequestHeaders: IAuthHeadersStorage; auth: HttpAuth; getServerInfo: () => HttpServerInfo; @@ -280,6 +283,7 @@ export class HttpServer { return { registerRouter: this.registerRouter.bind(this), + getDeprecatedRoutes: this.getDeprecatedRoutes.bind(this), registerRouterAfterListening: this.registerRouterAfterListening.bind(this), registerStaticDir: this.registerStaticDir.bind(this), staticAssets, @@ -385,6 +389,45 @@ export class HttpServer { } } + private getDeprecatedRoutes(): RouterDeprecatedRouteDetails[] { + const deprecatedRoutes: RouterDeprecatedRouteDetails[] = []; + + for (const router of this.registeredRouters) { + const allRouterRoutes = [ + // exclude so we dont get double entries. + // we need to call the versioned getRoutes to grab the full version options details + router.getRoutes({ excludeVersionedRoutes: true }), + router.versioned.getRoutes(), + ].flat(); + + deprecatedRoutes.push( + ...allRouterRoutes + .flat() + .map((route) => { + if (route.isVersioned === true) { + return [...route.handlers.entries()].map(([_, { options }]) => { + const deprecated = options.options?.deprecated; + return { route, version: `${options.version}`, deprecated }; + }); + } + return { route, version: undefined, deprecated: route.options.deprecated }; + }) + .flat() + .filter(({ deprecated }) => isObject(deprecated)) + .flatMap(({ route, deprecated, version }) => { + return { + routeDeprecationOptions: deprecated!, + routeMethod: route.method as RouteMethod, + routePath: route.path, + routeVersion: version, + }; + }) + ); + } + + return deprecatedRoutes; + } + private setupGracefulShutdownHandlers() { this.registerOnPreRouting((request, response, toolkit) => { if (this.stopping || this.stopped) { @@ -693,12 +736,13 @@ export class HttpServer { this.log.debug(`registering route handler for [${route.path}]`); // Hapi does not allow payload validation to be specified for 'head' or 'get' requests const validate = isSafeMethod(route.method) ? undefined : { payload: true }; - const { authRequired, tags, body = {}, timeout } = route.options; + const { authRequired, tags, body = {}, timeout, deprecated } = route.options; const { accepts: allow, override, maxBytes, output, parse } = body; const kibanaRouteOptions: KibanaRouteOptions = { xsrfRequired: route.options.xsrfRequired ?? !isSafeMethod(route.method), access: route.options.access ?? 'internal', + deprecated, security: route.security, }; // Log HTTP API target consumer. diff --git a/packages/core/http/core-http-server-internal/src/http_service.ts b/packages/core/http/core-http-server-internal/src/http_service.ts index 3f803b06f15fdd..af310a67920577 100644 --- a/packages/core/http/core-http-server-internal/src/http_service.ts +++ b/packages/core/http/core-http-server-internal/src/http_service.ts @@ -162,7 +162,7 @@ export class HttpService return this.internalPreboot; } - public async setup(deps: SetupDeps) { + public async setup(deps: SetupDeps): Promise { this.requestHandlerContext = deps.context.createContextContainer(); this.configSubscription = this.config$.subscribe(() => { if (this.httpServer.isListening()) { @@ -185,9 +185,11 @@ export class HttpService this.internalSetup = { ...serverContract, - + registerOnPostValidation: (cb) => { + Router.on('onPostValidate', cb); + }, + getRegisteredDeprecatedApis: () => serverContract.getDeprecatedRoutes(), externalUrl: new ExternalUrlConfig(config.externalUrl), - createRouter: ( path: string, pluginId: PluginOpaqueId = this.coreContext.coreId diff --git a/packages/core/http/core-http-server-internal/src/types.ts b/packages/core/http/core-http-server-internal/src/types.ts index 70dde23f035d0d..0706af9ad73a21 100644 --- a/packages/core/http/core-http-server-internal/src/types.ts +++ b/packages/core/http/core-http-server-internal/src/types.ts @@ -16,7 +16,10 @@ import type { IContextContainer, HttpServiceSetup, HttpServiceStart, + RouterDeprecatedRouteDetails, } from '@kbn/core-http-server'; +import { CoreKibanaRequest } from '@kbn/core-http-router-server-internal'; +import { RouteDeprecationInfo } from '@kbn/core-http-server/src/router/route'; import type { HttpServerSetup } from './http_server'; import type { ExternalUrlConfig } from './external_url'; import type { InternalStaticAssets } from './static_assets'; @@ -54,6 +57,9 @@ export interface InternalHttpServiceSetup path: string, plugin?: PluginOpaqueId ) => IRouter; + registerOnPostValidation( + cb: (req: CoreKibanaRequest, metadata: { deprecated: RouteDeprecationInfo }) => void + ): void; registerRouterAfterListening: (router: IRouter) => void; registerStaticDir: (path: string, dirPath: string) => void; authRequestHeaders: IAuthHeadersStorage; @@ -65,6 +71,7 @@ export interface InternalHttpServiceSetup contextName: ContextName, provider: IContextProvider ) => IContextContainer; + getRegisteredDeprecatedApis: () => RouterDeprecatedRouteDetails[]; } /** @internal */ diff --git a/packages/core/http/core-http-server-mocks/src/http_service.mock.ts b/packages/core/http/core-http-server-mocks/src/http_service.mock.ts index 4e803ee5f86a8d..116db3648f120c 100644 --- a/packages/core/http/core-http-server-mocks/src/http_service.mock.ts +++ b/packages/core/http/core-http-server-mocks/src/http_service.mock.ts @@ -171,6 +171,9 @@ const createInternalSetupContractMock = () => { createCookieSessionStorageFactory: jest.fn(), registerOnPreRouting: jest.fn(), registerOnPreAuth: jest.fn(), + getDeprecatedRoutes: jest.fn(), + getRegisteredDeprecatedApis: jest.fn(), + registerOnPostValidation: jest.fn(), registerAuth: jest.fn(), registerOnPostAuth: jest.fn(), registerRouteHandlerContext: jest.fn(), @@ -207,6 +210,7 @@ const createSetupContractMock = < createCookieSessionStorageFactory: internalMock.createCookieSessionStorageFactory, registerOnPreRouting: internalMock.registerOnPreRouting, registerOnPreAuth: jest.fn(), + getDeprecatedRoutes: jest.fn(), registerAuth: internalMock.registerAuth, registerOnPostAuth: internalMock.registerOnPostAuth, registerOnPreResponse: internalMock.registerOnPreResponse, diff --git a/packages/core/http/core-http-server/index.ts b/packages/core/http/core-http-server/index.ts index 4ba653fbd534c1..9c12f6a09ac456 100644 --- a/packages/core/http/core-http-server/index.ts +++ b/packages/core/http/core-http-server/index.ts @@ -93,6 +93,7 @@ export type { IRouter, RouteRegistrar, RouterRoute, + RouterDeprecatedRouteDetails, IKibanaSocket, KibanaErrorResponseFactory, KibanaRedirectionResponseFactory, @@ -127,6 +128,7 @@ export { getResponseValidation, isFullValidatorContainer, isKibanaResponse, + ReservedPrivilegesSet, } from './src/router'; export type { ICspConfig } from './src/csp'; @@ -170,6 +172,7 @@ export type { VersionedRouter, VersionedRouteCustomResponseBodyValidation, VersionedResponseBodyValidation, + VersionedRouterRoute, } from './src/versioning'; export type { IStaticAssets } from './src/static_assets'; diff --git a/packages/core/http/core-http-server/src/http_contract.ts b/packages/core/http/core-http-server/src/http_contract.ts index 72eb70149f5297..e2f675bd8d0c02 100644 --- a/packages/core/http/core-http-server/src/http_contract.ts +++ b/packages/core/http/core-http-server/src/http_contract.ts @@ -12,6 +12,7 @@ import type { IContextProvider, IRouter, RequestHandlerContextBase, + RouterDeprecatedRouteDetails, } from './router'; import type { AuthenticationHandler, @@ -359,6 +360,14 @@ export interface HttpServiceSetup< * Provides common {@link HttpServerInfo | information} about the running http server. */ getServerInfo: () => HttpServerInfo; + + /** + * Provides a list of all registered deprecated routes {{@link RouterDeprecatedRouteDetails | information}}. + * The routers will be evaluated everytime this function gets called to + * accommodate for any late route registrations + * @returns {RouterDeprecatedRouteDetails[]} + */ + getDeprecatedRoutes: () => RouterDeprecatedRouteDetails[]; } /** @public */ diff --git a/packages/core/http/core-http-server/src/router/index.ts b/packages/core/http/core-http-server/src/router/index.ts index c26212fa0de815..8e2b9373c43bd7 100644 --- a/packages/core/http/core-http-server/src/router/index.ts +++ b/packages/core/http/core-http-server/src/router/index.ts @@ -66,7 +66,7 @@ export type { PrivilegeSet, } from './route'; -export { validBodyOutput } from './route'; +export { validBodyOutput, ReservedPrivilegesSet } from './route'; export type { RouteValidationFunction, RouteValidationResultFactory, @@ -80,7 +80,7 @@ export type { LazyValidator, } from './route_validator'; export { RouteValidationError } from './route_validator'; -export type { IRouter, RouteRegistrar, RouterRoute } from './router'; +export type { IRouter, RouteRegistrar, RouterRoute, RouterDeprecatedRouteDetails } from './router'; export type { IKibanaSocket } from './socket'; export type { KibanaErrorResponseFactory, diff --git a/packages/core/http/core-http-server/src/router/request.ts b/packages/core/http/core-http-server/src/router/request.ts index 5cb84a21be0c3f..066372faca1e4b 100644 --- a/packages/core/http/core-http-server/src/router/request.ts +++ b/packages/core/http/core-http-server/src/router/request.ts @@ -13,7 +13,7 @@ import type { Observable } from 'rxjs'; import type { RecursiveReadonly } from '@kbn/utility-types'; import type { HttpProtocol } from '../http_contract'; import type { IKibanaSocket } from './socket'; -import type { RouteMethod, RouteConfigOptions, RouteSecurity } from './route'; +import type { RouteMethod, RouteConfigOptions, RouteSecurity, RouteDeprecationInfo } from './route'; import type { Headers } from './headers'; export type RouteSecurityGetter = (request: { @@ -26,6 +26,7 @@ export type InternalRouteSecurity = RouteSecurity | RouteSecurityGetter; * @public */ export interface KibanaRouteOptions extends RouteOptionsApp { + deprecated?: RouteDeprecationInfo; xsrfRequired: boolean; access: 'internal' | 'public'; security?: InternalRouteSecurity; @@ -59,6 +60,7 @@ export interface KibanaRequestRoute { path: string; method: Method; options: KibanaRequestRouteOptions; + routePath?: string; } /** @@ -190,6 +192,11 @@ export interface KibanaRequest< */ readonly rewrittenUrl?: URL; + /** + * The versioned route API version of this request. + */ + readonly apiVersion: string | undefined; + /** * The path parameter of this request. */ diff --git a/packages/core/http/core-http-server/src/router/route.ts b/packages/core/http/core-http-server/src/router/route.ts index ac723db924a5a5..17fecd1c48b178 100644 --- a/packages/core/http/core-http-server/src/router/route.ts +++ b/packages/core/http/core-http-server/src/router/route.ts @@ -113,6 +113,43 @@ export type RouteAccess = 'public' | 'internal'; export type Privilege = string; +/** + * Route Deprecation info + * This information will assist Kibana HTTP API users when upgrading to new versions + * of the Elastic stack (via Upgrade Assistant) and will be surfaced in documentation + * created from HTTP API introspection (like OAS). + */ +export interface RouteDeprecationInfo { + documentationUrl: string; + severity: 'warning' | 'critical'; + reason: VersionBumpDeprecationType | RemovalApiDeprecationType | MigrationApiDeprecationType; +} + +/** + * bump deprecation reason denotes a new version of the API is available + */ +interface VersionBumpDeprecationType { + type: 'bump'; + newApiVersion: string; +} + +/** + * remove deprecation reason denotes the API was fully removed with no replacement + */ +interface RemovalApiDeprecationType { + type: 'remove'; +} + +/** + * migrate deprecation reason denotes the API has been migrated to a different API path + * Please make sure that if you are only incrementing the version of the API to use 'bump' instead + */ +interface MigrationApiDeprecationType { + type: 'migrate'; + newApiPath: string; + newApiMethod: string; +} + /** * A set of privileges that can be used to define complex authorization requirements. * @@ -187,6 +224,14 @@ export interface RouteSecurity { authc?: RouteAuthc; } +/** + * A set of reserved privileges that can be used to check access to the route. + */ +export enum ReservedPrivilegesSet { + operator = 'operator', + superuser = 'superuser', +} + /** * Additional route options. * @public @@ -277,12 +322,18 @@ export interface RouteConfigOptions { description?: string; /** - * Setting this to `true` declares this route to be deprecated. Consumers SHOULD - * refrain from usage of this route. + * Description of deprecations for this HTTP API. * - * @remarks This will be surfaced in OAS documentation. + * @remark This will assist Kibana HTTP API users when upgrading to new versions + * of the Elastic stack (via Upgrade Assistant) and will be surfaced in documentation + * created from HTTP API introspection (like OAS). + * + * Setting this object marks the route as deprecated. + * + * @remarks This may be surfaced in OAS documentation. + * @public */ - deprecated?: boolean; + deprecated?: RouteDeprecationInfo; /** * Whether this route should be treated as "invisible" and excluded from router diff --git a/packages/core/http/core-http-server/src/router/router.ts b/packages/core/http/core-http-server/src/router/router.ts index ba2b5eb906a937..d8b79bee13025a 100644 --- a/packages/core/http/core-http-server/src/router/router.ts +++ b/packages/core/http/core-http-server/src/router/router.ts @@ -10,7 +10,7 @@ import type { Request, ResponseObject, ResponseToolkit } from '@hapi/hapi'; import type Boom from '@hapi/boom'; import type { VersionedRouter } from '../versioning'; -import type { RouteConfig, RouteMethod } from './route'; +import type { RouteConfig, RouteDeprecationInfo, RouteMethod } from './route'; import type { RequestHandler, RequestHandlerWrapper } from './request_handler'; import type { RequestHandlerContextBase } from './request_handler_context'; import type { RouteConfigOptions } from './route'; @@ -98,7 +98,7 @@ export interface IRouter RouterRoute[]; + getRoutes: (options?: { excludeVersionedRoutes?: boolean }) => RouterRoute[]; /** * An instance very similar to {@link IRouter} that can be used for versioning HTTP routes @@ -139,4 +139,13 @@ export interface RouterRoute { req: Request, responseToolkit: ResponseToolkit ) => Promise>; + isVersioned: false; +} + +/** @public */ +export interface RouterDeprecatedRouteDetails { + routeDeprecationOptions: RouteDeprecationInfo; + routeMethod: RouteMethod; + routePath: string; + routeVersion?: string; } diff --git a/packages/core/http/core-http-server/src/versioning/index.ts b/packages/core/http/core-http-server/src/versioning/index.ts index 94b60bd105aac5..8d8a664c769acc 100644 --- a/packages/core/http/core-http-server/src/versioning/index.ts +++ b/packages/core/http/core-http-server/src/versioning/index.ts @@ -19,4 +19,5 @@ export type { VersionedRouter, VersionedRouteCustomResponseBodyValidation, VersionedResponseBodyValidation, + VersionedRouterRoute, } from './types'; diff --git a/packages/core/http/core-http-server/src/versioning/types.ts b/packages/core/http/core-http-server/src/versioning/types.ts index 7998c9cc91fa9f..63e1e377548038 100644 --- a/packages/core/http/core-http-server/src/versioning/types.ts +++ b/packages/core/http/core-http-server/src/versioning/types.ts @@ -20,7 +20,7 @@ import type { RouteValidationFunction, LazyValidator, } from '../..'; - +import type { RouteDeprecationInfo } from '../router/route'; type RqCtx = RequestHandlerContextBase; export type { ApiVersion }; @@ -89,17 +89,9 @@ export type VersionedRouteConfig = Omit< */ description?: string; - /** - * Declares this operation to be deprecated. Consumers SHOULD refrain from usage - * of this route. This will be surfaced in OAS documentation. - * - * @default false - */ - deprecated?: boolean; - /** * Release version or date that this route will be removed - * Use with `deprecated: true` + * Use with `deprecated: {@link RouteDeprecationInfo}` * * @default undefined */ @@ -234,6 +226,11 @@ export interface VersionedRouter { * @track-adoption */ delete: VersionedRouteRegistrar<'delete', Ctx>; + + /** + * @public + */ + getRoutes: () => VersionedRouterRoute[]; } /** @public */ @@ -341,6 +338,10 @@ export interface AddVersionOpts { validate: false | VersionedRouteValidation | (() => VersionedRouteValidation); // Provide a way to lazily load validation schemas security?: Exclude['security'], undefined>; + + options?: { + deprecated?: RouteDeprecationInfo; + }; } /** @@ -363,3 +364,11 @@ export interface VersionedRoute< handler: (...params: Parameters>) => MaybePromise ): VersionedRoute; } + +export interface VersionedRouterRoute

{ + method: string; + path: string; + options: Omit, 'path'>; + handlers: Array<{ fn: RequestHandler; options: AddVersionOpts }>; + isVersioned: true; +} diff --git a/packages/core/http/core-http-server/tsconfig.json b/packages/core/http/core-http-server/tsconfig.json index 64b2dacf2f292b..50a0ce973eb4e4 100644 --- a/packages/core/http/core-http-server/tsconfig.json +++ b/packages/core/http/core-http-server/tsconfig.json @@ -15,7 +15,7 @@ "@kbn/utility-types", "@kbn/core-base-common", "@kbn/core-http-common", - "@kbn/zod" + "@kbn/zod", ], "exclude": [ "target/**/*", diff --git a/packages/core/lifecycle/core-lifecycle-server-mocks/src/core_setup.mock.ts b/packages/core/lifecycle/core-lifecycle-server-mocks/src/core_setup.mock.ts index b50e9279d47214..30f5958bd92c53 100644 --- a/packages/core/lifecycle/core-lifecycle-server-mocks/src/core_setup.mock.ts +++ b/packages/core/lifecycle/core-lifecycle-server-mocks/src/core_setup.mock.ts @@ -76,6 +76,8 @@ export function createCoreSetupMock({ userProfile: userProfileServiceMock.createSetup(), coreUsageData: { registerUsageCounter: coreUsageDataServiceMock.createSetupContract().registerUsageCounter, + registerDeprecatedUsageFetch: + coreUsageDataServiceMock.createSetupContract().registerDeprecatedUsageFetch, }, plugins: { onSetup: jest.fn(), diff --git a/packages/core/plugins/core-plugins-server-internal/src/plugin_context.ts b/packages/core/plugins/core-plugins-server-internal/src/plugin_context.ts index 2fcdf384cb8971..d7d40c9b792f78 100644 --- a/packages/core/plugins/core-plugins-server-internal/src/plugin_context.ts +++ b/packages/core/plugins/core-plugins-server-internal/src/plugin_context.ts @@ -225,6 +225,7 @@ export function createPluginSetupContext({ }, http: { createCookieSessionStorageFactory: deps.http.createCookieSessionStorageFactory, + getDeprecatedRoutes: deps.http.getDeprecatedRoutes, registerRouteHandlerContext: < Context extends RequestHandlerContext, ContextName extends keyof Omit @@ -283,6 +284,7 @@ export function createPluginSetupContext({ deprecations: deps.deprecations.getRegistry(plugin.name), coreUsageData: { registerUsageCounter: deps.coreUsageData.registerUsageCounter, + registerDeprecatedUsageFetch: deps.coreUsageData.registerDeprecatedUsageFetch, }, plugins: { onSetup: (...dependencyNames) => runtimeResolver.onSetup(plugin.name, dependencyNames), diff --git a/packages/core/root/core-root-server-internal/src/server.ts b/packages/core/root/core-root-server-internal/src/server.ts index 447db192c3048b..5082a27930e877 100644 --- a/packages/core/root/core-root-server-internal/src/server.ts +++ b/packages/core/root/core-root-server-internal/src/server.ts @@ -276,10 +276,6 @@ export class Server { executionContext: executionContextSetup, }); - const deprecationsSetup = await this.deprecations.setup({ - http: httpSetup, - }); - // setup i18n prior to any other service, to have translations ready const i18nServiceSetup = await this.i18n.setup({ http: httpSetup, pluginPaths }); @@ -303,6 +299,11 @@ export class Server { changedDeprecatedConfigPath$: this.configService.getDeprecatedConfigPath$(), }); + const deprecationsSetup = await this.deprecations.setup({ + http: httpSetup, + coreUsageData: coreUsageDataSetup, + }); + const savedObjectsSetup = await this.savedObjects.setup({ http: httpSetup, elasticsearch: elasticsearchServiceSetup, diff --git a/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/actions/check_target_mappings.test.ts b/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/actions/check_target_mappings.test.ts index ada352154a3cae..cae79279a14abc 100644 --- a/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/actions/check_target_mappings.test.ts +++ b/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/actions/check_target_mappings.test.ts @@ -176,8 +176,9 @@ describe('checkTargetTypesMappings', () => { const result = await task(); expect(result).toEqual( - Either.right({ - type: 'types_match' as const, + Either.left({ + type: 'types_added' as const, + newTypes: ['type3'], }) ); }); diff --git a/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/actions/check_target_mappings.ts b/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/actions/check_target_mappings.ts index 0caee08825373e..d3432d524071ad 100644 --- a/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/actions/check_target_mappings.ts +++ b/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/actions/check_target_mappings.ts @@ -11,7 +11,7 @@ import * as Either from 'fp-ts/lib/Either'; import * as TaskEither from 'fp-ts/lib/TaskEither'; import type { IndexMapping, VirtualVersionMap } from '@kbn/core-saved-objects-base-server-internal'; -import { getUpdatedTypes } from '../core/compare_mappings'; +import { getNewAndUpdatedTypes } from '../core/compare_mappings'; /** @internal */ export interface CheckTargetTypesMappingsParams { @@ -38,6 +38,12 @@ export interface TypesChanged { updatedTypes: string[]; } +/** @internal */ +export interface TypesAdded { + type: 'types_added'; + newTypes: string[]; +} + export const checkTargetTypesMappings = ({ indexTypes, @@ -46,7 +52,7 @@ export const checkTargetTypesMappings = latestMappingsVersions, hashToVersionMap = {}, }: CheckTargetTypesMappingsParams): TaskEither.TaskEither< - IndexMappingsIncomplete | TypesChanged, + IndexMappingsIncomplete | TypesChanged | TypesAdded, TypesMatch > => async () => { @@ -58,7 +64,7 @@ export const checkTargetTypesMappings = return Either.left({ type: 'index_mappings_incomplete' as const }); } - const updatedTypes = getUpdatedTypes({ + const { newTypes, updatedTypes } = getNewAndUpdatedTypes({ indexTypes, indexMeta: indexMappings?._meta, latestMappingsVersions, @@ -70,6 +76,11 @@ export const checkTargetTypesMappings = type: 'types_changed' as const, updatedTypes, }); + } else if (newTypes.length) { + return Either.left({ + type: 'types_added' as const, + newTypes, + }); } else { return Either.right({ type: 'types_match' as const }); } diff --git a/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/actions/index.ts b/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/actions/index.ts index d489b6e51ae03e..94727f88580ace 100644 --- a/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/actions/index.ts +++ b/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/actions/index.ts @@ -112,7 +112,7 @@ import type { UnknownDocsFound } from './check_for_unknown_docs'; import type { IncompatibleClusterRoutingAllocation } from './check_cluster_routing_allocation'; import type { ClusterShardLimitExceeded } from './create_index'; import type { SynchronizationFailed } from './synchronize_migrators'; -import type { IndexMappingsIncomplete, TypesChanged } from './check_target_mappings'; +import type { IndexMappingsIncomplete, TypesAdded, TypesChanged } from './check_target_mappings'; export type { CheckForUnknownDocsParams, @@ -193,6 +193,7 @@ export interface ActionErrorTypeMap { synchronization_failed: SynchronizationFailed; index_mappings_incomplete: IndexMappingsIncomplete; types_changed: TypesChanged; + types_added: TypesAdded; operation_not_supported: OperationNotSupported; source_equals_target: SourceEqualsTarget; } diff --git a/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/actions/update_source_mappings_properties.test.ts b/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/actions/update_source_mappings_properties.test.ts index d79b7f531167aa..80fad365f2c74f 100644 --- a/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/actions/update_source_mappings_properties.test.ts +++ b/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/actions/update_source_mappings_properties.test.ts @@ -47,6 +47,7 @@ describe('updateSourceMappingsProperties', () => { appMappings: { properties: { a: { type: 'keyword' }, + b: { type: 'long' }, c: { type: 'long' }, ...getBaseMappings().properties, }, @@ -68,8 +69,10 @@ describe('updateSourceMappingsProperties', () => { it('should not update mappings when there are no changes', async () => { // we overwrite the app mappings to have the "unchanged" values with respect to the index mappings const sameMappingsParams = chain(params) + // let's not introduce 'c' for now + .set('indexTypes', ['a', 'b']) // even if the app versions are more recent, we emulate a scenario where mappings haven NOT changed - .set('latestMappingsVersions', { a: '10.1.0', b: '10.1.0', c: '10.1.0' }) + .set('latestMappingsVersions', { a: '10.1.0', b: '10.1.0' }) .value(); const result = await updateSourceMappingsProperties(sameMappingsParams)(); @@ -78,6 +81,28 @@ describe('updateSourceMappingsProperties', () => { expect(result).toHaveProperty('right', 'update_mappings_succeeded'); }); + it('should update mappings if there are new types', async () => { + // we overwrite the app mappings to have the "unchanged" values with respect to the index mappings + const sameMappingsParams = chain(params) + // even if the app versions are more recent, we emulate a scenario where mappings haven NOT changed + .set('latestMappingsVersions', { a: '10.1.0', b: '10.1.0', c: '10.1.0' }) + .value(); + const result = await updateSourceMappingsProperties(sameMappingsParams)(); + + expect(client.indices.putMapping).toHaveBeenCalledTimes(1); + expect(client.indices.putMapping).toHaveBeenCalledWith( + expect.objectContaining({ + properties: expect.objectContaining({ + a: { type: 'keyword' }, + b: { type: 'long' }, + c: { type: 'long' }, + }), + }) + ); + expect(Either.isRight(result)).toEqual(true); + expect(result).toHaveProperty('right', 'update_mappings_succeeded'); + }); + it('should return that mappings are updated when changes are compatible', async () => { const result = await updateSourceMappingsProperties(params)(); diff --git a/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/core/compare_mappings.test.ts b/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/core/compare_mappings.test.ts index 4a155944c4149b..e756fb65ce71f6 100644 --- a/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/core/compare_mappings.test.ts +++ b/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/core/compare_mappings.test.ts @@ -9,17 +9,20 @@ import type { IndexMappingMeta } from '@kbn/core-saved-objects-base-server-internal'; import { getBaseMappings } from './build_active_mappings'; -import { getUpdatedTypes, getUpdatedRootFields } from './compare_mappings'; +import { getUpdatedRootFields, getNewAndUpdatedTypes } from './compare_mappings'; -describe('getUpdatedTypes', () => { +describe('getNewAndUpdatedTypes', () => { test('returns all types if _meta is missing in indexMappings', () => { const indexTypes = ['foo', 'bar']; const latestMappingsVersions = {}; - expect(getUpdatedTypes({ indexTypes, indexMeta: undefined, latestMappingsVersions })).toEqual([ - 'foo', - 'bar', - ]); + const { newTypes, updatedTypes } = getNewAndUpdatedTypes({ + indexTypes, + indexMeta: undefined, + latestMappingsVersions, + }); + expect(newTypes).toEqual([]); + expect(updatedTypes).toEqual(['foo', 'bar']); }); test('returns all types if migrationMappingPropertyHashes and mappingVersions are missing in indexMappings', () => { @@ -27,14 +30,17 @@ describe('getUpdatedTypes', () => { const indexMeta: IndexMappingMeta = {}; const latestMappingsVersions = {}; - expect(getUpdatedTypes({ indexTypes, indexMeta, latestMappingsVersions })).toEqual([ - 'foo', - 'bar', - ]); + const { newTypes, updatedTypes } = getNewAndUpdatedTypes({ + indexTypes, + indexMeta, + latestMappingsVersions, + }); + expect(newTypes).toEqual([]); + expect(updatedTypes).toEqual(['foo', 'bar']); }); describe('when ONLY migrationMappingPropertyHashes exists in indexMappings', () => { - test('uses the provided hashToVersionMap to compare changes and return only the types that have changed', async () => { + test('uses the provided hashToVersionMap to compare changes and return new types and types that have changed', async () => { const indexTypes = ['type1', 'type2', 'type4']; const indexMeta: IndexMappingMeta = { migrationMappingPropertyHashes: { @@ -56,14 +62,19 @@ describe('getUpdatedTypes', () => { type4: '10.5.0', // new type, no need to pick it up }; - expect( - getUpdatedTypes({ indexTypes, indexMeta, latestMappingsVersions, hashToVersionMap }) - ).toEqual(['type2']); + const { newTypes, updatedTypes } = getNewAndUpdatedTypes({ + indexTypes, + indexMeta, + latestMappingsVersions, + hashToVersionMap, + }); + expect(newTypes).toEqual(['type4']); + expect(updatedTypes).toEqual(['type2']); }); }); describe('when mappingVersions exist in indexMappings', () => { - test('compares the modelVersions and returns only the types that have changed', async () => { + test('compares the modelVersions and returns new types and types that have changed', async () => { const indexTypes = ['type1', 'type2', 'type4']; const indexMeta: IndexMappingMeta = { @@ -90,9 +101,14 @@ describe('getUpdatedTypes', () => { // empty on purpose, not used as mappingVersions is present in indexMappings }; - expect( - getUpdatedTypes({ indexTypes, indexMeta, latestMappingsVersions, hashToVersionMap }) - ).toEqual(['type2']); + const { newTypes, updatedTypes } = getNewAndUpdatedTypes({ + indexTypes, + indexMeta, + latestMappingsVersions, + hashToVersionMap, + }); + expect(newTypes).toEqual(['type4']); + expect(updatedTypes).toEqual(['type2']); }); }); }); diff --git a/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/core/compare_mappings.ts b/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/core/compare_mappings.ts index b10311cb9f7ed6..0e2de5ee51ec6f 100644 --- a/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/core/compare_mappings.ts +++ b/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/core/compare_mappings.ts @@ -33,43 +33,56 @@ export const getUpdatedRootFields = (indexMappings: IndexMapping): string[] => { .map(([propertyName]) => propertyName); }; +interface GetUpdatedTypesParams { + indexMeta?: IndexMappingMeta; + indexTypes: string[]; + latestMappingsVersions: VirtualVersionMap; + hashToVersionMap?: Record; +} + /** * Compares the current vs stored mappings' hashes or modelVersions. - * Returns a list with all the types that have been updated. + * Returns 2 lists: one with all the new types and one with the types that have been updated. * @param indexMeta The meta information stored in the SO index * @param knownTypes The list of SO types that belong to the index and are enabled * @param latestMappingsVersions A map holding [type => version] with the latest versions where mappings have changed for each type * @param hashToVersionMap A map holding information about [md5 => modelVersion] equivalence - * @returns the list of types that have been updated (in terms of their mappings) + * @returns the lists of new types and updated types */ -export const getUpdatedTypes = ({ +export const getNewAndUpdatedTypes = ({ indexMeta, indexTypes, latestMappingsVersions, hashToVersionMap = {}, -}: { - indexMeta?: IndexMappingMeta; - indexTypes: string[]; - latestMappingsVersions: VirtualVersionMap; - hashToVersionMap?: Record; -}): string[] => { +}: GetUpdatedTypesParams) => { if (!indexMeta || (!indexMeta.mappingVersions && !indexMeta.migrationMappingPropertyHashes)) { // if we currently do NOT have meta information stored in the index // we consider that all types have been updated - return indexTypes; + return { newTypes: [], updatedTypes: indexTypes }; } // If something exists in stored, but is missing in current // we don't care, as it could be a disabled plugin, etc // and keeping stale stuff around is better than migrating unecessesarily. - return indexTypes.filter((type) => - isTypeUpdated({ + const newTypes: string[] = []; + const updatedTypes: string[] = []; + + indexTypes.forEach((type) => { + const status = checkTypeStatus({ type, mappingVersion: latestMappingsVersions[type], indexMeta, hashToVersionMap, - }) - ); + }); + + if (status === 'new') { + newTypes.push(type); + } else if (status === 'updated') { + updatedTypes.push(type); + } + }); + + return { newTypes, updatedTypes }; }; /** @@ -78,9 +91,9 @@ export const getUpdatedTypes = ({ * @param mappingVersion The most recent model version that includes mappings changes * @param indexMeta The meta information stored in the SO index * @param hashToVersionMap A map holding information about [md5 => modelVersion] equivalence - * @returns true if the mappings for the given type have changed since Kibana was last started + * @returns 'new' | 'updated' | 'unchanged' depending on whether the type has changed */ -function isTypeUpdated({ +function checkTypeStatus({ type, mappingVersion, indexMeta, @@ -90,7 +103,7 @@ function isTypeUpdated({ mappingVersion: string; indexMeta: IndexMappingMeta; hashToVersionMap: Record; -}): boolean { +}): 'new' | 'updated' | 'unchanged' { const latestMappingsVersion = Semver.parse(mappingVersion); if (!latestMappingsVersion) { throw new Error( @@ -104,26 +117,28 @@ function isTypeUpdated({ if (!indexVersion) { // either a new type, and thus there's not need to update + pickup any docs // or an old re-enabled type, which will be updated on OUTDATED_DOCUMENTS_TRANSFORM - return false; + return 'new'; } // if the last version where mappings have changed is more recent than the one stored in the index // it means that the type has been updated - return latestMappingsVersion.compare(indexVersion) === 1; + return latestMappingsVersion.compare(indexVersion) === 1 ? 'updated' : 'unchanged'; } else if (indexMeta.migrationMappingPropertyHashes) { const latestHash = indexMeta.migrationMappingPropertyHashes?.[type]; if (!latestHash) { // either a new type, and thus there's not need to update + pickup any docs // or an old re-enabled type, which will be updated on OUTDATED_DOCUMENTS_TRANSFORM - return false; + return 'new'; } const indexEquivalentVersion = hashToVersionMap[`${type}|${latestHash}`]; - return !indexEquivalentVersion || latestMappingsVersion.compare(indexEquivalentVersion) === 1; + return !indexEquivalentVersion || latestMappingsVersion.compare(indexEquivalentVersion) === 1 + ? 'updated' + : 'unchanged'; } // at this point, the mappings do not contain any meta informataion // we consider the type has been updated, out of caution - return true; + return 'updated'; } diff --git a/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/core/diff_mappings.test.ts b/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/core/diff_mappings.test.ts index c9c4beabe2d7f5..5a34dfba6eddc2 100644 --- a/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/core/diff_mappings.test.ts +++ b/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/core/diff_mappings.test.ts @@ -9,12 +9,14 @@ import type { IndexMapping } from '@kbn/core-saved-objects-base-server-internal'; import { getBaseMappings } from './build_active_mappings'; -import { getUpdatedRootFields, getUpdatedTypes } from './compare_mappings'; +import { getUpdatedRootFields, getNewAndUpdatedTypes } from './compare_mappings'; import { diffMappings } from './diff_mappings'; jest.mock('./compare_mappings'); const getUpdatedRootFieldsMock = getUpdatedRootFields as jest.MockedFn; -const getUpdatedTypesMock = getUpdatedTypes as jest.MockedFn; +const getNewAndUpdatedTypesMock = getNewAndUpdatedTypes as jest.MockedFn< + typeof getNewAndUpdatedTypes +>; const dummyMappings: IndexMapping = { _meta: { @@ -56,7 +58,7 @@ const dummyHashToVersionMap = { describe('diffMappings', () => { beforeEach(() => { getUpdatedRootFieldsMock.mockReset(); - getUpdatedTypesMock.mockReset(); + getNewAndUpdatedTypesMock.mockReset(); }); test('is different if dynamic is different', () => { @@ -114,14 +116,17 @@ describe('diffMappings', () => { expect(getUpdatedRootFieldsMock).toHaveBeenCalledTimes(1); expect(getUpdatedRootFieldsMock).toHaveBeenCalledWith(initialMappings); - expect(getUpdatedTypesMock).not.toHaveBeenCalled(); + expect(getNewAndUpdatedTypesMock).not.toHaveBeenCalled(); }); }); - describe('if some types have changed', () => { + describe('if there are new or updated types', () => { test('returns a changed type', () => { getUpdatedRootFieldsMock.mockReturnValueOnce([]); - getUpdatedTypesMock.mockReturnValueOnce(['foo', 'bar']); + getNewAndUpdatedTypesMock.mockReturnValueOnce({ + newTypes: ['baz'], + updatedTypes: ['foo'], + }); expect( diffMappings({ @@ -137,8 +142,8 @@ describe('diffMappings', () => { expect(getUpdatedRootFieldsMock).toHaveBeenCalledTimes(1); expect(getUpdatedRootFieldsMock).toHaveBeenCalledWith(initialMappings); - expect(getUpdatedTypesMock).toHaveBeenCalledTimes(1); - expect(getUpdatedTypesMock).toHaveBeenCalledWith({ + expect(getNewAndUpdatedTypesMock).toHaveBeenCalledTimes(1); + expect(getNewAndUpdatedTypesMock).toHaveBeenCalledWith({ indexTypes: ['foo', 'bar', 'baz'], indexMeta: initialMappings._meta, latestMappingsVersions: { @@ -152,7 +157,10 @@ describe('diffMappings', () => { describe('if no root field or types have changed', () => { test('returns undefined', () => { getUpdatedRootFieldsMock.mockReturnValueOnce([]); - getUpdatedTypesMock.mockReturnValueOnce([]); + getNewAndUpdatedTypesMock.mockReturnValueOnce({ + newTypes: [], + updatedTypes: [], + }); expect( diffMappings({ diff --git a/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/core/diff_mappings.ts b/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/core/diff_mappings.ts index 1f018487545025..7bc806e4277c09 100644 --- a/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/core/diff_mappings.ts +++ b/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/core/diff_mappings.ts @@ -8,7 +8,7 @@ */ import type { IndexMapping, VirtualVersionMap } from '@kbn/core-saved-objects-base-server-internal'; -import { getUpdatedRootFields, getUpdatedTypes } from './compare_mappings'; +import { getNewAndUpdatedTypes, getUpdatedRootFields } from './compare_mappings'; /** * Diffs the stored vs app mappings. @@ -56,8 +56,9 @@ export function diffMappings({ } /** - * Finds a property that has changed its schema with respect to the mappings stored in the SO index - * It can either be a root field or a SO type + * Finds a property (either a root field or a SO type) that either: + * - is new (did not exist in the current mappings) + * - has changed its schema with respect to the mappings stored in the SO index * @returns the name of the property (if any) */ function findChangedProp({ @@ -76,7 +77,7 @@ function findChangedProp({ return updatedFields[0]; } - const updatedTypes = getUpdatedTypes({ + const { newTypes, updatedTypes } = getNewAndUpdatedTypes({ indexMeta: indexMappings._meta, indexTypes, latestMappingsVersions, @@ -84,6 +85,8 @@ function findChangedProp({ }); if (updatedTypes.length) { return updatedTypes[0]; + } else if (newTypes.length) { + return newTypes[0]; } return undefined; diff --git a/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/model/model.test.ts b/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/model/model.test.ts index 23e5fba10fe3b0..54d8c9a6d0b7cc 100644 --- a/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/model/model.test.ts +++ b/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/model/model.test.ts @@ -2689,6 +2689,18 @@ describe('migrations v2 model', () => { }); }); + it('CHECK_TARGET_MAPPINGS -> UPDATE_TARGET_MAPPINGS_META if ONLY new SO types have been added', () => { + const res: ResponseType<'CHECK_TARGET_MAPPINGS'> = Either.left({ + type: 'types_added' as const, + updatedFields: [], + newTypes: ['newFeatureType'], + }); + const newState = model(checkTargetTypesMappingsState, res) as UpdateTargetMappingsMeta; + expect(newState.controlState).toEqual('UPDATE_TARGET_MAPPINGS_META'); + expect(newState.retryCount).toEqual(0); + expect(newState.retryDelay).toEqual(0); + }); + it('CHECK_TARGET_MAPPINGS -> CHECK_VERSION_INDEX_READY_ACTIONS if types match (there might be additions in core fields)', () => { const res: ResponseType<'CHECK_TARGET_MAPPINGS'> = Either.right({ type: 'types_match' as const, diff --git a/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/model/model.ts b/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/model/model.ts index 14b171ac097da0..f31f7c886af787 100644 --- a/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/model/model.ts +++ b/packages/core/saved-objects/core-saved-objects-migration-server-internal/src/model/model.ts @@ -1522,6 +1522,12 @@ export const model = (currentState: State, resW: ResponseType): }, ], }; + } else if (isTypeof(left, 'types_added')) { + // compatible migration: ONLY new SO types have been introduced, skip directly to UPDATE_TARGET_MAPPINGS_META + return { + ...stateP, + controlState: 'UPDATE_TARGET_MAPPINGS_META', + }; } else { throwBadResponse(stateP, res as never); } diff --git a/packages/core/saved-objects/core-saved-objects-server-internal/src/mocks/internal_mocks.ts b/packages/core/saved-objects/core-saved-objects-server-internal/src/mocks/internal_mocks.ts index 625c8ed77fb48f..ff5fe86df11735 100644 --- a/packages/core/saved-objects/core-saved-objects-server-internal/src/mocks/internal_mocks.ts +++ b/packages/core/saved-objects/core-saved-objects-server-internal/src/mocks/internal_mocks.ts @@ -36,6 +36,7 @@ export const createCoreUsageDataSetupMock = () => { getClient: jest.fn(), registerUsageCounter: jest.fn(), incrementUsageCounter: jest.fn(), + registerDeprecatedUsageFetch: jest.fn(), }; return setupContract; }; diff --git a/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/bulk_create.ts b/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/bulk_create.ts index b90aa0226d71c6..c9a8656b3f7530 100644 --- a/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/bulk_create.ts +++ b/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/bulk_create.ts @@ -38,6 +38,7 @@ export const registerBulkCreateRoute = ( summary: `Create saved objects`, tags: ['oas-tag:saved objects'], access, + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }, validate: { diff --git a/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/bulk_delete.ts b/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/bulk_delete.ts index 0f33ddc384bedb..65209a60727486 100644 --- a/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/bulk_delete.ts +++ b/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/bulk_delete.ts @@ -38,6 +38,7 @@ export const registerBulkDeleteRoute = ( summary: `Delete saved objects`, tags: ['oas-tag:saved objects'], access, + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }, validate: { diff --git a/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/bulk_get.ts b/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/bulk_get.ts index 95fd9f5eab10a9..3f87ca12248ae9 100644 --- a/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/bulk_get.ts +++ b/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/bulk_get.ts @@ -38,6 +38,7 @@ export const registerBulkGetRoute = ( summary: `Get saved objects`, tags: ['oas-tag:saved objects'], access, + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }, validate: { diff --git a/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/bulk_resolve.ts b/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/bulk_resolve.ts index d6b74131fb74d1..8e19114e798e0d 100644 --- a/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/bulk_resolve.ts +++ b/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/bulk_resolve.ts @@ -38,6 +38,7 @@ export const registerBulkResolveRoute = ( summary: `Resolve saved objects`, tags: ['oas-tag:saved objects'], access, + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, description: `Retrieve multiple Kibana saved objects by ID, using any legacy URL aliases if they exist. Under certain circumstances, when Kibana is upgraded, saved object migrations may necessitate regenerating some object IDs to enable new features. When an object's ID is regenerated, a legacy URL alias is created for that object, preserving its old ID. In such a scenario, that object can be retrieved with the bulk resolve API using either its new ID or its old ID.`, diff --git a/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/bulk_update.ts b/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/bulk_update.ts index 7a7ec340d98ca4..825a5f95482c06 100644 --- a/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/bulk_update.ts +++ b/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/bulk_update.ts @@ -38,6 +38,7 @@ export const registerBulkUpdateRoute = ( summary: `Update saved objects`, tags: ['oas-tag:saved objects'], access, + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }, validate: { diff --git a/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/create.ts b/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/create.ts index c8bfd4c0feaf96..57f4a10ed93779 100644 --- a/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/create.ts +++ b/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/create.ts @@ -38,6 +38,7 @@ export const registerCreateRoute = ( summary: `Create a saved object`, tags: ['oas-tag:saved objects'], access, + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }, validate: { diff --git a/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/delete.ts b/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/delete.ts index 7ef8aac3fa1b10..69287821d80498 100644 --- a/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/delete.ts +++ b/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/delete.ts @@ -38,6 +38,7 @@ export const registerDeleteRoute = ( summary: `Delete a saved object`, tags: ['oas-tag:saved objects'], access, + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }, validate: { diff --git a/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/find.ts b/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/find.ts index ac3b0555a7694f..884ba1ed5c423f 100644 --- a/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/find.ts +++ b/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/find.ts @@ -42,6 +42,7 @@ export const registerFindRoute = ( summary: `Search for saved objects`, tags: ['oas-tag:saved objects'], access, + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }, validate: { diff --git a/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/get.ts b/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/get.ts index 9784ef1c79ff44..9fe3aa8ff20c71 100644 --- a/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/get.ts +++ b/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/get.ts @@ -38,6 +38,7 @@ export const registerGetRoute = ( summary: `Get a saved object`, tags: ['oas-tag:saved objects'], access, + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }, validate: { diff --git a/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/resolve.ts b/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/resolve.ts index 295acacc0ba0e5..28a6c82e9ffdfe 100644 --- a/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/resolve.ts +++ b/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/resolve.ts @@ -34,6 +34,7 @@ export const registerResolveRoute = ( summary: `Resolve a saved object`, tags: ['oas-tag:saved objects'], access, + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, description: `Retrieve a single Kibana saved object by ID, using any legacy URL alias if it exists. Under certain circumstances, when Kibana is upgraded, saved object migrations may necessitate regenerating some object IDs to enable new features. When an object's ID is regenerated, a legacy URL alias is created for that object, preserving its old ID. In such a scenario, that object can be retrieved with the resolve API using either its new ID or its old ID.`, diff --git a/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/update.ts b/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/update.ts index 9eeea40a29b683..cfedc3ce03d2ac 100644 --- a/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/update.ts +++ b/packages/core/saved-objects/core-saved-objects-server-internal/src/routes/update.ts @@ -39,6 +39,7 @@ export const registerUpdateRoute = ( summary: `Update a saved object`, tags: ['oas-tag:saved objects'], access, + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }, validate: { diff --git a/packages/core/ui-settings/core-ui-settings-browser-internal/src/ui_settings_client_common.ts b/packages/core/ui-settings/core-ui-settings-browser-internal/src/ui_settings_client_common.ts index 32740c6a6fbe7b..6ece79b0a675c4 100644 --- a/packages/core/ui-settings/core-ui-settings-browser-internal/src/ui_settings_client_common.ts +++ b/packages/core/ui-settings/core-ui-settings-browser-internal/src/ui_settings_client_common.ts @@ -38,7 +38,11 @@ export abstract class UiSettingsClientCommon implements IUiSettingsClient { constructor(params: UiSettingsClientParams) { this.api = params.api; this.defaults = cloneDeep(params.defaults); - this.cache = defaultsDeep({}, this.defaults, cloneDeep(params.initialSettings)); + this.cache = defaultsDeep( + Object.create(null), + this.defaults, + cloneDeep(params.initialSettings) + ); params.done$.subscribe({ complete: () => { @@ -102,7 +106,10 @@ You can use \`IUiSettingsClient.get("${key}", defaultValue)\`, which will just r } isDeclared(key: string) { - return key in this.cache; + return ( + // @ts-ignore + (key !== '__proto__' || key !== 'constructor' || key !== 'prototype') && key in this.cache + ); } isDefault(key: string) { diff --git a/packages/core/usage-data/core-usage-data-base-server-internal/src/usage_stats_client.ts b/packages/core/usage-data/core-usage-data-base-server-internal/src/usage_stats_client.ts index 649e972af2abce..044fb683fb69a7 100644 --- a/packages/core/usage-data/core-usage-data-base-server-internal/src/usage_stats_client.ts +++ b/packages/core/usage-data/core-usage-data-base-server-internal/src/usage_stats_client.ts @@ -8,7 +8,7 @@ */ import type { KibanaRequest } from '@kbn/core-http-server'; -import type { CoreUsageStats } from '@kbn/core-usage-data-server'; +import type { CoreUsageStats, CoreDeprecatedApiUsageStats } from '@kbn/core-usage-data-server'; /** @internal */ export interface BaseIncrementOptions { @@ -38,6 +38,13 @@ export type IncrementSavedObjectsExportOptions = BaseIncrementOptions & { export interface ICoreUsageStatsClient { getUsageStats(): Promise; + getDeprecatedApiUsageStats(): Promise; + + incrementDeprecatedApi( + counterName: string, + options: { resolved?: boolean; incrementBy?: number } + ): Promise; + incrementSavedObjectsBulkCreate(options: BaseIncrementOptions): Promise; incrementSavedObjectsBulkGet(options: BaseIncrementOptions): Promise; diff --git a/packages/core/usage-data/core-usage-data-server-internal/src/core_usage_data_service.ts b/packages/core/usage-data/core-usage-data-server-internal/src/core_usage_data_service.ts index 2a10e06567d020..7ac7cbb7fbb579 100644 --- a/packages/core/usage-data/core-usage-data-server-internal/src/core_usage_data_service.ts +++ b/packages/core/usage-data/core-usage-data-server-internal/src/core_usage_data_service.ts @@ -37,6 +37,7 @@ import type { CoreConfigUsageData, CoreIncrementCounterParams, CoreUsageCounter, + DeprecatedApiUsageFetcher, } from '@kbn/core-usage-data-server'; import { CORE_USAGE_STATS_TYPE, @@ -48,6 +49,7 @@ import { type SavedObjectsServiceStart, } from '@kbn/core-saved-objects-server'; +import { ISavedObjectsRepository } from '@kbn/core-saved-objects-api-server'; import { isConfigured } from './is_configured'; import { coreUsageStatsType } from './saved_objects'; import { CoreUsageStatsClient } from './core_usage_stats_client'; @@ -88,6 +90,7 @@ export class CoreUsageDataService private coreUsageStatsClient?: CoreUsageStatsClient; private deprecatedConfigPaths: ChangedDeprecatedPaths = { set: [], unset: [] }; private incrementUsageCounter: CoreIncrementUsageCounter = () => {}; // Initially set to noop + private deprecatedApiUsageFetcher: DeprecatedApiUsageFetcher = async () => []; // Initially set to noop constructor(core: CoreContext) { this.logger = core.logger.get('core-usage-stats-service'); @@ -513,12 +516,21 @@ export class CoreUsageDataService } }; + const registerDeprecatedUsageFetch = (fetchFn: DeprecatedApiUsageFetcher) => { + this.deprecatedApiUsageFetcher = fetchFn; + }; + + const fetchDeprecatedUsageStats = (params: { soClient: ISavedObjectsRepository }) => { + return this.deprecatedApiUsageFetcher(params); + }; + this.coreUsageStatsClient = new CoreUsageStatsClient({ debugLogger: (message: string) => this.logger.debug(message), basePath: http.basePath, repositoryPromise: internalRepositoryPromise, stop$: this.stop$, incrementUsageCounter, + fetchDeprecatedUsageStats, }); const contract: InternalCoreUsageDataSetup = { @@ -526,6 +538,7 @@ export class CoreUsageDataService getClient: () => this.coreUsageStatsClient!, registerUsageCounter, incrementUsageCounter, + registerDeprecatedUsageFetch, }; return contract; diff --git a/packages/core/usage-data/core-usage-data-server-internal/src/core_usage_stats_client.test.ts b/packages/core/usage-data/core-usage-data-server-internal/src/core_usage_stats_client.test.ts index 948332c71f59ad..9702e4b512345f 100644 --- a/packages/core/usage-data/core-usage-data-server-internal/src/core_usage_stats_client.test.ts +++ b/packages/core/usage-data/core-usage-data-server-internal/src/core_usage_stats_client.test.ts @@ -52,6 +52,7 @@ describe('CoreUsageStatsClient', () => { debugLogger: debugLoggerMock, basePath: basePathMock, repositoryPromise: Promise.resolve(repositoryMock), + fetchDeprecatedUsageStats: jest.fn(), stop$, incrementUsageCounter: incrementUsageCounterMock, }); diff --git a/packages/core/usage-data/core-usage-data-server-internal/src/core_usage_stats_client.ts b/packages/core/usage-data/core-usage-data-server-internal/src/core_usage_stats_client.ts index 67ab6d9b30c9c7..69eba9e1abf231 100644 --- a/packages/core/usage-data/core-usage-data-server-internal/src/core_usage_stats_client.ts +++ b/packages/core/usage-data/core-usage-data-server-internal/src/core_usage_stats_client.ts @@ -37,6 +37,7 @@ import { takeUntil, tap, } from 'rxjs'; +import type { DeprecatedApiUsageFetcher } from '@kbn/core-usage-data-server'; export const BULK_CREATE_STATS_PREFIX = 'apiCalls.savedObjectsBulkCreate'; export const BULK_GET_STATS_PREFIX = 'apiCalls.savedObjectsBulkGet'; @@ -108,6 +109,16 @@ export interface CoreUsageEvent { types?: string[]; } +/** + * Interface that models core events triggered by API deprecations. (e.g. SO HTTP API calls) + * @internal + */ +export interface CoreUsageDeprecatedApiEvent { + id: string; + resolved: boolean; + incrementBy: number; +} + /** @internal */ export interface CoreUsageStatsClientParams { debugLogger: (message: string) => void; @@ -116,6 +127,7 @@ export interface CoreUsageStatsClientParams { stop$: Observable; incrementUsageCounter: (params: CoreIncrementCounterParams) => void; bufferTimeMs?: number; + fetchDeprecatedUsageStats: DeprecatedApiUsageFetcher; } /** @internal */ @@ -126,6 +138,8 @@ export class CoreUsageStatsClient implements ICoreUsageStatsClient { private readonly fieldsToIncrement$ = new Subject(); private readonly flush$ = new Subject(); private readonly coreUsageEvents$ = new Subject(); + private readonly coreUsageDeprecatedApiCalls$ = new Subject(); + private readonly fetchDeprecatedUsageStats: DeprecatedApiUsageFetcher; constructor({ debugLogger, @@ -134,10 +148,12 @@ export class CoreUsageStatsClient implements ICoreUsageStatsClient { stop$, incrementUsageCounter, bufferTimeMs = DEFAULT_BUFFER_TIME_MS, + fetchDeprecatedUsageStats, }: CoreUsageStatsClientParams) { this.debugLogger = debugLogger; this.basePath = basePath; this.repositoryPromise = repositoryPromise; + this.fetchDeprecatedUsageStats = fetchDeprecatedUsageStats; this.fieldsToIncrement$ .pipe( takeUntil(stop$), @@ -180,6 +196,28 @@ export class CoreUsageStatsClient implements ICoreUsageStatsClient { ) .subscribe(); + this.coreUsageDeprecatedApiCalls$ + .pipe( + takeUntil(stop$), + tap(({ id, incrementBy, resolved }) => { + incrementUsageCounter({ + counterName: id, + counterType: `deprecated_api_call:${resolved ? 'resolved' : 'total'}`, + incrementBy, + }); + + if (resolved) { + // increment number of times the marked_as_resolve has been called + incrementUsageCounter({ + counterName: id, + counterType: 'deprecated_api_call:marked_as_resolved', + incrementBy: 1, + }); + } + }) + ) + .subscribe(); + this.coreUsageEvents$ .pipe( takeUntil(stop$), @@ -215,6 +253,20 @@ export class CoreUsageStatsClient implements ICoreUsageStatsClient { return coreUsageStats; } + public async incrementDeprecatedApi( + id: string, + { resolved = false, incrementBy = 1 }: { resolved: boolean; incrementBy: number } + ) { + const deprecatedField = resolved ? 'deprecated_api_calls_resolved' : 'deprecated_api_calls'; + this.coreUsageDeprecatedApiCalls$.next({ id, resolved, incrementBy }); + this.fieldsToIncrement$.next([`${deprecatedField}.total`]); + } + + public async getDeprecatedApiUsageStats() { + const repository = await this.repositoryPromise; + return await this.fetchDeprecatedUsageStats({ soClient: repository }); + } + public async incrementSavedObjectsBulkCreate(options: BaseIncrementOptions) { await this.updateUsageStats([], BULK_CREATE_STATS_PREFIX, options); } diff --git a/packages/core/usage-data/core-usage-data-server-mocks/src/core_usage_data_service.mock.ts b/packages/core/usage-data/core-usage-data-server-mocks/src/core_usage_data_service.mock.ts index c85aee50653d24..57628901c1a605 100644 --- a/packages/core/usage-data/core-usage-data-server-mocks/src/core_usage_data_service.mock.ts +++ b/packages/core/usage-data/core-usage-data-server-mocks/src/core_usage_data_service.mock.ts @@ -17,6 +17,7 @@ import { coreUsageStatsClientMock } from './core_usage_stats_client.mock'; const createSetupContractMock = (usageStatsClient = coreUsageStatsClientMock.create()) => { const setupContract: jest.Mocked = { registerType: jest.fn(), + registerDeprecatedUsageFetch: jest.fn(), getClient: jest.fn().mockReturnValue(usageStatsClient), registerUsageCounter: jest.fn(), incrementUsageCounter: jest.fn(), diff --git a/packages/core/usage-data/core-usage-data-server-mocks/src/core_usage_stats_client.mock.ts b/packages/core/usage-data/core-usage-data-server-mocks/src/core_usage_stats_client.mock.ts index f6b11204ca040e..8896e9066ef782 100644 --- a/packages/core/usage-data/core-usage-data-server-mocks/src/core_usage_stats_client.mock.ts +++ b/packages/core/usage-data/core-usage-data-server-mocks/src/core_usage_stats_client.mock.ts @@ -12,6 +12,7 @@ import type { ICoreUsageStatsClient } from '@kbn/core-usage-data-base-server-int const createUsageStatsClientMock = () => ({ getUsageStats: jest.fn().mockResolvedValue({}), + getDeprecatedApiUsageStats: jest.fn().mockResolvedValue([]), incrementSavedObjectsBulkCreate: jest.fn().mockResolvedValue(null), incrementSavedObjectsBulkGet: jest.fn().mockResolvedValue(null), incrementSavedObjectsBulkResolve: jest.fn().mockResolvedValue(null), diff --git a/packages/core/usage-data/core-usage-data-server/index.ts b/packages/core/usage-data/core-usage-data-server/index.ts index 77fb0b10667503..45ed369ca83816 100644 --- a/packages/core/usage-data/core-usage-data-server/index.ts +++ b/packages/core/usage-data/core-usage-data-server/index.ts @@ -19,4 +19,6 @@ export type { CoreConfigUsageData, CoreServicesUsageData, CoreUsageStats, + CoreDeprecatedApiUsageStats, + DeprecatedApiUsageFetcher, } from './src'; diff --git a/packages/core/usage-data/core-usage-data-server/src/core_usage_stats.ts b/packages/core/usage-data/core-usage-data-server/src/core_usage_stats.ts index 36409a097129c5..39df9d30d19c96 100644 --- a/packages/core/usage-data/core-usage-data-server/src/core_usage_stats.ts +++ b/packages/core/usage-data/core-usage-data-server/src/core_usage_stats.ts @@ -146,3 +146,16 @@ export interface CoreUsageStats { 'savedObjectsRepository.resolvedOutcome.notFound'?: number; 'savedObjectsRepository.resolvedOutcome.total'?: number; } + +/** + * @public + * + * CoreDeprecatedApiUsageStats are collected over time while Kibana is running. + */ +export interface CoreDeprecatedApiUsageStats { + apiId: string; + totalMarkedAsResolved: number; + markedAsResolvedLastCalledAt: string; + apiTotalCalls: number; + apiLastCalledAt: string; +} diff --git a/packages/core/usage-data/core-usage-data-server/src/index.ts b/packages/core/usage-data/core-usage-data-server/src/index.ts index 01cd52adbe9868..05d0f025000536 100644 --- a/packages/core/usage-data/core-usage-data-server/src/index.ts +++ b/packages/core/usage-data/core-usage-data-server/src/index.ts @@ -12,11 +12,12 @@ export type { CoreEnvironmentUsageData, CoreConfigUsageData, } from './core_usage_data'; -export type { CoreUsageStats } from './core_usage_stats'; +export type { CoreUsageStats, CoreDeprecatedApiUsageStats } from './core_usage_stats'; export type { CoreUsageDataSetup, CoreUsageCounter, CoreIncrementUsageCounter, CoreIncrementCounterParams, + DeprecatedApiUsageFetcher, } from './setup_contract'; export type { CoreUsageData, ConfigUsageData, CoreUsageDataStart } from './start_contract'; diff --git a/packages/core/usage-data/core-usage-data-server/src/setup_contract.ts b/packages/core/usage-data/core-usage-data-server/src/setup_contract.ts index bd87563792e6d1..30ed7edb6ce1d0 100644 --- a/packages/core/usage-data/core-usage-data-server/src/setup_contract.ts +++ b/packages/core/usage-data/core-usage-data-server/src/setup_contract.ts @@ -7,12 +7,12 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ +import type { ISavedObjectsRepository } from '@kbn/core-saved-objects-api-server'; +import type { CoreDeprecatedApiUsageStats } from './core_usage_stats'; + /** * Internal API for registering the Usage Tracker used for Core's usage data payload. * - * @note This API should never be used to drive application logic and is only - * intended for telemetry purposes. - * * @public */ export interface CoreUsageDataSetup { @@ -21,6 +21,7 @@ export interface CoreUsageDataSetup { * when tracking events. */ registerUsageCounter: (usageCounter: CoreUsageCounter) => void; + registerDeprecatedUsageFetch: (fetchFn: DeprecatedApiUsageFetcher) => void; } /** @@ -49,3 +50,11 @@ export interface CoreIncrementCounterParams { * Method to call whenever an event occurs, so the counter can be increased. */ export type CoreIncrementUsageCounter = (params: CoreIncrementCounterParams) => void; + +/** + * @public + * Registers the deprecated API fetcher to be called to grab all the deprecated API usage details. + */ +export type DeprecatedApiUsageFetcher = (params: { + soClient: ISavedObjectsRepository; +}) => Promise; diff --git a/packages/core/usage-data/core-usage-data-server/tsconfig.json b/packages/core/usage-data/core-usage-data-server/tsconfig.json index 77d0aa6ade3b14..83abb04d150ac6 100644 --- a/packages/core/usage-data/core-usage-data-server/tsconfig.json +++ b/packages/core/usage-data/core-usage-data-server/tsconfig.json @@ -12,5 +12,8 @@ ], "exclude": [ "target/**/*", + ], + "kbn_references": [ + "@kbn/core-saved-objects-api-server", ] } diff --git a/packages/deeplinks/search/constants.ts b/packages/deeplinks/search/constants.ts index c4a598145c87c6..a2a17b20efba8e 100644 --- a/packages/deeplinks/search/constants.ts +++ b/packages/deeplinks/search/constants.ts @@ -9,7 +9,7 @@ export const ENTERPRISE_SEARCH_APP_ID = 'enterpriseSearch'; export const ENTERPRISE_SEARCH_CONTENT_APP_ID = 'enterpriseSearchContent'; -export const ENTERPRISE_SEARCH_RELEVANCE_APP_ID = 'enterpriseSearchRelevance'; +export const ENTERPRISE_SEARCH_RELEVANCE_APP_ID = 'searchInferenceEndpoints'; export const ENTERPRISE_SEARCH_APPLICATIONS_APP_ID = 'enterpriseSearchApplications'; export const ENTERPRISE_SEARCH_ANALYTICS_APP_ID = 'enterpriseSearchAnalytics'; export const ENTERPRISE_SEARCH_APPSEARCH_APP_ID = 'appSearch'; diff --git a/packages/kbn-apm-synthtrace-client/src/lib/entities/container_entity.ts b/packages/kbn-apm-synthtrace-client/src/lib/entities/container_entity.ts index 3f408ca16857b3..d7f34d7e9e4846 100644 --- a/packages/kbn-apm-synthtrace-client/src/lib/entities/container_entity.ts +++ b/packages/kbn-apm-synthtrace-client/src/lib/entities/container_entity.ts @@ -15,8 +15,8 @@ class ContainerEntity extends Serializable { super({ ...fields, 'entity.type': 'container', - 'entity.definitionId': 'builtin_containers_from_ecs_data', - 'entity.identityFields': ['container.id'], + 'entity.definition_id': 'builtin_containers_from_ecs_data', + 'entity.identity_fields': ['container.id'], }); } } @@ -36,7 +36,7 @@ export function containerEntity({ 'source_data_stream.type': dataStreamType, 'agent.name': agentName, 'container.id': containerId, - 'entity.displayName': containerId, + 'entity.display_name': containerId, 'entity.id': entityId, }); } diff --git a/packages/kbn-apm-synthtrace-client/src/lib/entities/host_entity.ts b/packages/kbn-apm-synthtrace-client/src/lib/entities/host_entity.ts index 3077e8bae64142..c2c0330bb03ca5 100644 --- a/packages/kbn-apm-synthtrace-client/src/lib/entities/host_entity.ts +++ b/packages/kbn-apm-synthtrace-client/src/lib/entities/host_entity.ts @@ -15,8 +15,8 @@ class HostEntity extends Serializable { super({ ...fields, 'entity.type': 'host', - 'entity.definitionId': 'builtin_hosts_from_ecs_data', - 'entity.identityFields': ['host.name'], + 'entity.definition_id': 'builtin_hosts_from_ecs_data', + 'entity.identity_fields': ['host.name'], }); } } @@ -36,7 +36,7 @@ export function hostEntity({ 'source_data_stream.type': dataStreamType, 'agent.name': agentName, 'host.name': hostName, - 'entity.displayName': hostName, + 'entity.display_name': hostName, 'entity.id': entityId, }); } diff --git a/packages/kbn-apm-synthtrace-client/src/lib/entities/index.ts b/packages/kbn-apm-synthtrace-client/src/lib/entities/index.ts index 10cf982ff41ee1..8665ef0120e254 100644 --- a/packages/kbn-apm-synthtrace-client/src/lib/entities/index.ts +++ b/packages/kbn-apm-synthtrace-client/src/lib/entities/index.ts @@ -11,8 +11,19 @@ import { Fields } from '../entity'; import { serviceEntity } from './service_entity'; import { hostEntity } from './host_entity'; import { containerEntity } from './container_entity'; +import { k8sClusterJobEntity } from './kubernetes/cluster_entity'; +import { k8sCronJobEntity } from './kubernetes/cron_job_entity'; +import { k8sDaemonSetEntity } from './kubernetes/daemon_set_entity'; +import { k8sDeploymentEntity } from './kubernetes/deployment_entity'; +import { k8sJobSetEntity } from './kubernetes/job_set_entity'; +import { k8sNodeEntity } from './kubernetes/node_entity'; +import { k8sPodEntity } from './kubernetes/pod_entity'; +import { k8sReplicaSetEntity } from './kubernetes/replica_set'; +import { k8sStatefulSetEntity } from './kubernetes/stateful_set'; +import { k8sContainerEntity } from './kubernetes/container_entity'; export type EntityDataStreamType = 'metrics' | 'logs' | 'traces'; +export type Schema = 'ecs' | 'semconv'; export type EntityFields = Fields & Partial<{ @@ -20,16 +31,32 @@ export type EntityFields = Fields & 'source_data_stream.type': string | string[]; 'source_data_stream.dataset': string | string[]; 'event.ingested': string; - sourceIndex: string; - 'entity.lastSeenTimestamp': string; - 'entity.schemaVersion': string; - 'entity.definitionVersion': string; - 'entity.displayName': string; - 'entity.identityFields': string | string[]; + source_index: string; + 'entity.last_seen_timestamp': string; + 'entity.schema_version': string; + 'entity.definition_version': string; + 'entity.display_name': string; + 'entity.identity_fields': string | string[]; 'entity.id': string; 'entity.type': string; - 'entity.definitionId': string; + 'entity.definition_id': string; [key: string]: any; }>; -export const entities = { serviceEntity, hostEntity, containerEntity }; +export const entities = { + serviceEntity, + hostEntity, + containerEntity, + k8s: { + k8sClusterJobEntity, + k8sCronJobEntity, + k8sDaemonSetEntity, + k8sDeploymentEntity, + k8sJobSetEntity, + k8sNodeEntity, + k8sPodEntity, + k8sReplicaSetEntity, + k8sStatefulSetEntity, + k8sContainerEntity, + }, +}; diff --git a/packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/cluster_entity.ts b/packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/cluster_entity.ts new file mode 100644 index 00000000000000..9fa4c81d86ffbf --- /dev/null +++ b/packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/cluster_entity.ts @@ -0,0 +1,39 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +import { Schema } from '..'; +import { K8sEntity } from '.'; + +export function k8sClusterJobEntity({ + schema, + name, + entityId, + ...others +}: { + schema: Schema; + name: string; + entityId: string; + [key: string]: any; +}) { + if (schema === 'ecs') { + return new K8sEntity(schema, { + 'entity.type': 'cluster', + 'orchestrator.cluster.name': name, + 'entity.id': entityId, + ...others, + }); + } + + return new K8sEntity(schema, { + 'entity.type': 'cluster', + 'k8s.cluster.uid': name, + 'entity.id': entityId, + ...others, + }); +} diff --git a/packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/container_entity.ts b/packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/container_entity.ts new file mode 100644 index 00000000000000..b05d412b0dd5c8 --- /dev/null +++ b/packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/container_entity.ts @@ -0,0 +1,39 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +import { Schema } from '..'; +import { K8sEntity } from '.'; + +export function k8sContainerEntity({ + schema, + id, + entityId, + ...others +}: { + schema: Schema; + id: string; + entityId: string; + [key: string]: any; +}) { + if (schema === 'ecs') { + return new K8sEntity(schema, { + 'entity.type': 'container', + 'kubernetes.container.id': id, + 'entity.id': entityId, + ...others, + }); + } + + return new K8sEntity(schema, { + 'entity.type': 'container', + 'container.id': id, + 'entity.id': entityId, + ...others, + }); +} diff --git a/packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/cron_job_entity.ts b/packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/cron_job_entity.ts new file mode 100644 index 00000000000000..8590378e699fb0 --- /dev/null +++ b/packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/cron_job_entity.ts @@ -0,0 +1,47 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +import { Schema } from '..'; +import { K8sEntity } from '.'; + +export function k8sCronJobEntity({ + schema, + name, + uid, + clusterName, + entityId, + ...others +}: { + schema: Schema; + name: string; + uid?: string; + clusterName?: string; + entityId: string; + [key: string]: any; +}) { + if (schema === 'ecs') { + return new K8sEntity(schema, { + 'entity.type': 'cron_job', + 'kubernetes.cronjob.name': name, + 'kubernetes.cronjob.uid': uid, + 'kubernetes.namespace': clusterName, + 'entity.id': entityId, + ...others, + }); + } + + return new K8sEntity(schema, { + 'entity.type': 'cron_job', + 'k8s.cronjob.name': name, + 'k8s.cronjob.uid': uid, + 'k8s.cluster.name': clusterName, + 'entity.id': entityId, + ...others, + }); +} diff --git a/packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/daemon_set_entity.ts b/packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/daemon_set_entity.ts new file mode 100644 index 00000000000000..7e20b1c6d506fd --- /dev/null +++ b/packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/daemon_set_entity.ts @@ -0,0 +1,47 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +import { Schema } from '..'; +import { K8sEntity } from '.'; + +export function k8sDaemonSetEntity({ + schema, + name, + uid, + clusterName, + entityId, + ...others +}: { + schema: Schema; + name: string; + uid?: string; + clusterName?: string; + entityId: string; + [key: string]: any; +}) { + if (schema === 'ecs') { + return new K8sEntity(schema, { + 'entity.type': 'daemon_set', + 'kubernetes.daemonset.name': name, + 'kubernetes.daemonset.uid': uid, + 'kubernetes.namespace': clusterName, + 'entity.id': entityId, + ...others, + }); + } + + return new K8sEntity(schema, { + 'entity.type': 'daemon_set', + 'k8s.daemonset.name': name, + 'k8s.daemonset.uid': uid, + 'k8s.cluster.name': clusterName, + 'entity.id': entityId, + ...others, + }); +} diff --git a/packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/deployment_entity.ts b/packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/deployment_entity.ts new file mode 100644 index 00000000000000..7eabdd08273251 --- /dev/null +++ b/packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/deployment_entity.ts @@ -0,0 +1,47 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +import { Schema } from '..'; +import { K8sEntity } from '.'; + +export function k8sDeploymentEntity({ + schema, + name, + uid, + clusterName, + entityId, + ...others +}: { + schema: Schema; + name: string; + uid?: string; + clusterName?: string; + entityId: string; + [key: string]: any; +}) { + if (schema === 'ecs') { + return new K8sEntity(schema, { + 'entity.type': 'deployment', + 'kubernetes.deployment.name': name, + 'kubernetes.deployment.uid': uid, + 'kubernetes.namespace': clusterName, + 'entity.id': entityId, + ...others, + }); + } + + return new K8sEntity(schema, { + 'entity.type': 'deployment', + 'k8s.deployment.name': name, + 'k8s.deployment.uid': uid, + 'k8s.cluster.name': clusterName, + 'entity.id': entityId, + ...others, + }); +} diff --git a/packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/index.ts b/packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/index.ts new file mode 100644 index 00000000000000..36d7f8caf9601e --- /dev/null +++ b/packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/index.ts @@ -0,0 +1,76 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +import type { EntityFields, Schema } from '..'; +import { Serializable } from '../../serializable'; + +const identityFieldsMap: Record> = { + ecs: { + pod: ['kubernetes.pod.name'], + cluster: ['orchestrator.cluster.name'], + cron_job: ['kubernetes.cronjob.name'], + daemon_set: ['kubernetes.daemonset.name'], + deployment: ['kubernetes.deployment.name'], + job: ['kubernetes.job.name'], + node: ['kubernetes.node.name'], + replica_set: ['kubernetes.replicaset.name'], + stateful_set: ['kubernetes.statefulset.name'], + container: ['kubernetes.container.id'], + }, + semconv: { + pod: ['k8s.pod.name'], + cluster: ['k8s.cluster.uid'], + cron_job: ['k8s.cronjob.name'], + daemon_set: ['k8s.daemonset.name'], + deployment: ['k8s.deployment.name'], + job: ['k8s.job.name'], + node: ['k8s.node.uid'], + replica_set: ['k8s.replicaset.name'], + stateful_set: ['k8s.statefulset.name'], + container: ['container.id'], + }, +}; + +export class K8sEntity extends Serializable { + constructor(schema: Schema, fields: EntityFields) { + const entityType = fields['entity.type']; + if (entityType === undefined) { + throw new Error(`Entity type not defined: ${entityType}`); + } + + const entityTypeWithSchema = `kubernetes_${entityType}_${schema}`; + const identityFields = identityFieldsMap[schema][entityType]; + if (identityFields === undefined || identityFields.length === 0) { + throw new Error( + `Identity fields not defined for schema: ${schema} and entity type: ${entityType}` + ); + } + + super({ + ...fields, + 'entity.type': entityTypeWithSchema, + 'entity.definitionId': `builtin_${entityTypeWithSchema}`, + 'entity.identityFields': identityFields, + 'entity.displayName': getDisplayName({ identityFields, fields }), + }); + } +} + +function getDisplayName({ + identityFields, + fields, +}: { + identityFields: string[]; + fields: EntityFields; +}) { + return identityFields + .map((field) => fields[field]) + .filter((_) => _) + .join(':'); +} diff --git a/packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/job_set_entity.ts b/packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/job_set_entity.ts new file mode 100644 index 00000000000000..e0383563c7266a --- /dev/null +++ b/packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/job_set_entity.ts @@ -0,0 +1,47 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +import { Schema } from '..'; +import { K8sEntity } from '.'; + +export function k8sJobSetEntity({ + schema, + name, + uid, + clusterName, + entityId, + ...others +}: { + schema: Schema; + name: string; + uid?: string; + clusterName?: string; + entityId: string; + [key: string]: any; +}) { + if (schema === 'ecs') { + return new K8sEntity(schema, { + 'entity.type': 'job', + 'kubernetes.job.name': name, + 'kubernetes.job.uid': uid, + 'kubernetes.namespace': clusterName, + 'entity.id': entityId, + ...others, + }); + } + + return new K8sEntity(schema, { + 'entity.type': 'job', + 'k8s.job.name': name, + 'k8s.job.uid': uid, + 'k8s.cluster.name': clusterName, + 'entity.id': entityId, + ...others, + }); +} diff --git a/packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/node_entity.ts b/packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/node_entity.ts new file mode 100644 index 00000000000000..283df5250d41dc --- /dev/null +++ b/packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/node_entity.ts @@ -0,0 +1,46 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +import { Schema } from '..'; +import { K8sEntity } from '.'; + +export function k8sNodeEntity({ + schema, + name, + uid, + clusterName, + entityId, + ...others +}: { + schema: Schema; + name: string; + uid?: string; + clusterName?: string; + entityId: string; + [key: string]: any; +}) { + if (schema === 'ecs') { + return new K8sEntity(schema, { + 'entity.type': 'node', + 'kubernetes.node.name': name, + 'kubernetes.node.uid': uid, + 'kubernetes.namespace': clusterName, + 'entity.id': entityId, + ...others, + }); + } + + return new K8sEntity(schema, { + 'entity.type': 'node', + 'k8s.node.uid': uid, + 'k8s.cluster.name': clusterName, + 'entity.id': entityId, + ...others, + }); +} diff --git a/packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/pod_entity.ts b/packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/pod_entity.ts new file mode 100644 index 00000000000000..1b71c4e39a4fc6 --- /dev/null +++ b/packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/pod_entity.ts @@ -0,0 +1,47 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +import { Schema } from '..'; +import { K8sEntity } from '.'; + +export function k8sPodEntity({ + schema, + name, + uid, + clusterName, + entityId, + ...others +}: { + schema: Schema; + name: string; + uid?: string; + clusterName?: string; + entityId: string; + [key: string]: any; +}) { + if (schema === 'ecs') { + return new K8sEntity(schema, { + 'entity.type': 'pod', + 'kubernetes.pod.name': name, + 'kubernetes.pod.uid': uid, + 'kubernetes.namespace': clusterName, + 'entity.id': entityId, + ...others, + }); + } + + return new K8sEntity(schema, { + 'entity.type': 'pod', + 'k8s.pod.name': name, + 'k8s.pod.uid': uid, + 'k8s.cluster.name': clusterName, + 'entity.id': entityId, + ...others, + }); +} diff --git a/packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/replica_set.ts b/packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/replica_set.ts new file mode 100644 index 00000000000000..fcf20c0530c303 --- /dev/null +++ b/packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/replica_set.ts @@ -0,0 +1,47 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +import { Schema } from '..'; +import { K8sEntity } from '.'; + +export function k8sReplicaSetEntity({ + schema, + name, + uid, + clusterName, + entityId, + ...others +}: { + schema: Schema; + name: string; + uid?: string; + clusterName?: string; + entityId: string; + [key: string]: any; +}) { + if (schema === 'ecs') { + return new K8sEntity(schema, { + 'entity.type': 'replica_set', + 'kubernetes.replicaset.name': name, + 'kubernetes.replicaset.uid': uid, + 'kubernetes.namespace': clusterName, + 'entity.id': entityId, + ...others, + }); + } + + return new K8sEntity(schema, { + 'entity.type': 'replica_set', + 'k8s.replicaset.name': name, + 'k8s.replicaset.uid': uid, + 'k8s.cluster.name': clusterName, + 'entity.id': entityId, + ...others, + }); +} diff --git a/packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/stateful_set.ts b/packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/stateful_set.ts new file mode 100644 index 00000000000000..58c603704ebc0e --- /dev/null +++ b/packages/kbn-apm-synthtrace-client/src/lib/entities/kubernetes/stateful_set.ts @@ -0,0 +1,47 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +import { Schema } from '..'; +import { K8sEntity } from '.'; + +export function k8sStatefulSetEntity({ + schema, + name, + uid, + clusterName, + entityId, + ...others +}: { + schema: Schema; + name: string; + uid?: string; + clusterName?: string; + entityId: string; + [key: string]: any; +}) { + if (schema === 'ecs') { + return new K8sEntity(schema, { + 'entity.type': 'stateful_set', + 'kubernetes.statefulset.name': name, + 'kubernetes.statefulset.uid': uid, + 'kubernetes.namespace': clusterName, + 'entity.id': entityId, + ...others, + }); + } + + return new K8sEntity(schema, { + 'entity.type': 'stateful_set', + 'k8s.statefulset.name': name, + 'k8s.statefulset.uid': uid, + 'k8s.cluster.name': clusterName, + 'entity.id': entityId, + ...others, + }); +} diff --git a/packages/kbn-apm-synthtrace-client/src/lib/entities/service_entity.ts b/packages/kbn-apm-synthtrace-client/src/lib/entities/service_entity.ts index 092135c4160e67..e711f2dad223fa 100644 --- a/packages/kbn-apm-synthtrace-client/src/lib/entities/service_entity.ts +++ b/packages/kbn-apm-synthtrace-client/src/lib/entities/service_entity.ts @@ -15,8 +15,8 @@ class ServiceEntity extends Serializable { super({ ...fields, 'entity.type': 'service', - 'entity.definitionId': 'builtin_services_from_ecs_data', - 'entity.identityFields': ['service.name'], + 'entity.definition_id': 'builtin_services_from_ecs_data', + 'entity.identity_fields': ['service.name'], }); } } @@ -36,7 +36,7 @@ export function serviceEntity({ }) { return new ServiceEntity({ 'service.name': serviceName, - 'entity.displayName': serviceName, + 'entity.display_name': serviceName, 'service.environment': environment, 'source_data_stream.type': dataStreamType, 'agent.name': agentName, diff --git a/packages/kbn-apm-synthtrace/src/lib/entities/entities_synthtrace_es_client.ts b/packages/kbn-apm-synthtrace/src/lib/entities/entities_synthtrace_es_client.ts index 684e3efc0f3723..4c5d17111fca61 100644 --- a/packages/kbn-apm-synthtrace/src/lib/entities/entities_synthtrace_es_client.ts +++ b/packages/kbn-apm-synthtrace/src/lib/entities/entities_synthtrace_es_client.ts @@ -62,7 +62,7 @@ function lastSeenTimestampTransform() { const timestamp = document['@timestamp']; if (timestamp) { const isoString = new Date(timestamp).toISOString(); - document['entity.lastSeenTimestamp'] = isoString; + document['entity.last_seen_timestamp'] = isoString; document['event.ingested'] = isoString; delete document['@timestamp']; } @@ -82,7 +82,8 @@ function getRoutingTransform() { const entityIndexName = `${entityType}s`; document._action = { index: { - _index: `.entities.v1.latest.builtin_${entityIndexName}_from_ecs_data`, + _index: + `.entities.v1.latest.builtin_${entityIndexName}_from_ecs_data`.toLocaleLowerCase(), _id: document['entity.id'], }, }; diff --git a/packages/kbn-apm-synthtrace/src/scenarios/k8s_entities.ts b/packages/kbn-apm-synthtrace/src/scenarios/k8s_entities.ts new file mode 100644 index 00000000000000..7d94cc3180a7ea --- /dev/null +++ b/packages/kbn-apm-synthtrace/src/scenarios/k8s_entities.ts @@ -0,0 +1,155 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +import { EntityFields, entities, generateShortId } from '@kbn/apm-synthtrace-client'; +import { Schema } from '@kbn/apm-synthtrace-client/src/lib/entities'; +import { Scenario } from '../cli/scenario'; +import { withClient } from '../lib/utils/with_client'; + +const CLUSTER_NAME = 'cluster_foo'; + +const CLUSTER_ENTITY_ID = generateShortId(); +const POD_ENTITY_ID = generateShortId(); +const POD_UID = generateShortId(); +const REPLICA_SET_ENTITY_ID = generateShortId(); +const REPLICA_SET_UID = generateShortId(); +const DEPLOYMENT_ENTITY_ID = generateShortId(); +const DEPLOYMENT_UID = generateShortId(); +const STATEFUL_SET_ENTITY_ID = generateShortId(); +const STATEFUL_SET_UID = generateShortId(); +const DAEMON_SET_ENTITY_ID = generateShortId(); +const DAEMON_SET_UID = generateShortId(); +const JOB_SET_ENTITY_ID = generateShortId(); +const JOB_SET_UID = generateShortId(); +const CRON_JOB_ENTITY_ID = generateShortId(); +const CRON_JOB_UID = generateShortId(); +const NODE_ENTITY_ID = generateShortId(); +const NODE_UID = generateShortId(); + +const scenario: Scenario> = async (runOptions) => { + const { logger } = runOptions; + + return { + bootstrap: async ({ entitiesKibanaClient }) => { + await entitiesKibanaClient.installEntityIndexPatterns(); + }, + generate: ({ range, clients: { entitiesEsClient } }) => { + const getK8sEntitiesEvents = (schema: Schema) => + range + .interval('1m') + .rate(1) + .generator((timestamp) => { + return [ + entities.k8s + .k8sClusterJobEntity({ + schema, + name: CLUSTER_NAME, + entityId: CLUSTER_ENTITY_ID, + }) + .timestamp(timestamp), + entities.k8s + .k8sPodEntity({ + schema, + clusterName: CLUSTER_NAME, + name: 'pod_foo', + uid: POD_UID, + entityId: POD_ENTITY_ID, + }) + .timestamp(timestamp), + entities.k8s + .k8sReplicaSetEntity({ + clusterName: CLUSTER_NAME, + name: 'replica_set_foo', + schema, + uid: REPLICA_SET_UID, + entityId: REPLICA_SET_ENTITY_ID, + }) + .timestamp(timestamp), + entities.k8s + .k8sDeploymentEntity({ + clusterName: CLUSTER_NAME, + name: 'deployment_foo', + schema, + uid: DEPLOYMENT_UID, + entityId: DEPLOYMENT_ENTITY_ID, + }) + .timestamp(timestamp), + entities.k8s + .k8sStatefulSetEntity({ + clusterName: CLUSTER_NAME, + name: 'stateful_set_foo', + schema, + uid: STATEFUL_SET_UID, + entityId: STATEFUL_SET_ENTITY_ID, + }) + .timestamp(timestamp), + entities.k8s + .k8sDaemonSetEntity({ + clusterName: CLUSTER_NAME, + name: 'daemon_set_foo', + schema, + uid: DAEMON_SET_UID, + entityId: DAEMON_SET_ENTITY_ID, + }) + .timestamp(timestamp), + entities.k8s + .k8sJobSetEntity({ + clusterName: CLUSTER_NAME, + name: 'job_set_foo', + schema, + uid: JOB_SET_UID, + entityId: JOB_SET_ENTITY_ID, + }) + .timestamp(timestamp), + entities.k8s + .k8sCronJobEntity({ + clusterName: CLUSTER_NAME, + name: 'cron_job_foo', + schema, + uid: CRON_JOB_UID, + entityId: CRON_JOB_ENTITY_ID, + }) + .timestamp(timestamp), + entities.k8s + .k8sNodeEntity({ + clusterName: CLUSTER_NAME, + name: 'node_job_foo', + schema, + uid: NODE_UID, + entityId: NODE_ENTITY_ID, + }) + .timestamp(timestamp), + entities.k8s + .k8sContainerEntity({ + id: '123', + schema, + entityId: NODE_ENTITY_ID, + }) + .timestamp(timestamp), + ]; + }); + + const ecsEntities = getK8sEntitiesEvents('ecs'); + const otelEntities = getK8sEntitiesEvents('semconv'); + + return [ + withClient( + entitiesEsClient, + logger.perf('generating_entities_ecs_events', () => ecsEntities) + ), + withClient( + entitiesEsClient, + logger.perf('generating_entities_otel_events', () => otelEntities) + ), + ]; + }, + }; +}; + +export default scenario; diff --git a/packages/kbn-apm-synthtrace/src/scenarios/many_entities.ts b/packages/kbn-apm-synthtrace/src/scenarios/many_entities.ts new file mode 100644 index 00000000000000..8b0d2afa5a9711 --- /dev/null +++ b/packages/kbn-apm-synthtrace/src/scenarios/many_entities.ts @@ -0,0 +1,185 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +import { EntityFields, entities, generateShortId } from '@kbn/apm-synthtrace-client'; +import { Schema } from '@kbn/apm-synthtrace-client/src/lib/entities'; +import { Scenario } from '../cli/scenario'; +import { withClient } from '../lib/utils/with_client'; + +const CLUSTER_NAME = 'cluster_foo'; + +const CLUSTER_ENTITY_ID = generateShortId(); +const POD_ENTITY_ID = generateShortId(); +const POD_UID = generateShortId(); +const REPLICA_SET_ENTITY_ID = generateShortId(); +const REPLICA_SET_UID = generateShortId(); +const DEPLOYMENT_ENTITY_ID = generateShortId(); +const DEPLOYMENT_UID = generateShortId(); +const STATEFUL_SET_ENTITY_ID = generateShortId(); +const STATEFUL_SET_UID = generateShortId(); +const DAEMON_SET_ENTITY_ID = generateShortId(); +const DAEMON_SET_UID = generateShortId(); +const JOB_SET_ENTITY_ID = generateShortId(); +const JOB_SET_UID = generateShortId(); +const CRON_JOB_ENTITY_ID = generateShortId(); +const CRON_JOB_UID = generateShortId(); +const NODE_ENTITY_ID = generateShortId(); +const NODE_UID = generateShortId(); +const SYNTH_JAVA_TRACE_ENTITY_ID = generateShortId(); +const SYNTH_HOST_FOO_LOGS_ENTITY_ID = generateShortId(); +const SYNTH_CONTAINER_FOO_LOGS_ENTITY_ID = generateShortId(); + +const scenario: Scenario> = async (runOptions) => { + const { logger } = runOptions; + + return { + bootstrap: async ({ entitiesKibanaClient }) => { + await entitiesKibanaClient.installEntityIndexPatterns(); + }, + generate: ({ range, clients: { entitiesEsClient } }) => { + const rangeInterval = range.interval('1m').rate(1); + const getK8sEntitiesEvents = (schema: Schema) => + rangeInterval.generator((timestamp) => { + return [ + entities.k8s + .k8sClusterJobEntity({ + schema, + name: CLUSTER_NAME, + entityId: CLUSTER_ENTITY_ID, + }) + .timestamp(timestamp), + entities.k8s + .k8sPodEntity({ + schema, + clusterName: CLUSTER_NAME, + name: 'pod_foo', + uid: POD_UID, + entityId: POD_ENTITY_ID, + }) + .timestamp(timestamp), + entities.k8s + .k8sReplicaSetEntity({ + clusterName: CLUSTER_NAME, + name: 'replica_set_foo', + schema, + uid: REPLICA_SET_UID, + entityId: REPLICA_SET_ENTITY_ID, + }) + .timestamp(timestamp), + entities.k8s + .k8sDeploymentEntity({ + clusterName: CLUSTER_NAME, + name: 'deployment_foo', + schema, + uid: DEPLOYMENT_UID, + entityId: DEPLOYMENT_ENTITY_ID, + }) + .timestamp(timestamp), + entities.k8s + .k8sStatefulSetEntity({ + clusterName: CLUSTER_NAME, + name: 'stateful_set_foo', + schema, + uid: STATEFUL_SET_UID, + entityId: STATEFUL_SET_ENTITY_ID, + }) + .timestamp(timestamp), + entities.k8s + .k8sDaemonSetEntity({ + clusterName: CLUSTER_NAME, + name: 'daemon_set_foo', + schema, + uid: DAEMON_SET_UID, + entityId: DAEMON_SET_ENTITY_ID, + }) + .timestamp(timestamp), + entities.k8s + .k8sJobSetEntity({ + clusterName: CLUSTER_NAME, + name: 'job_set_foo', + schema, + uid: JOB_SET_UID, + entityId: JOB_SET_ENTITY_ID, + }) + .timestamp(timestamp), + entities.k8s + .k8sCronJobEntity({ + clusterName: CLUSTER_NAME, + name: 'cron_job_foo', + schema, + uid: CRON_JOB_UID, + entityId: CRON_JOB_ENTITY_ID, + }) + .timestamp(timestamp), + entities.k8s + .k8sNodeEntity({ + clusterName: CLUSTER_NAME, + name: 'node_job_foo', + schema, + uid: NODE_UID, + entityId: NODE_ENTITY_ID, + }) + .timestamp(timestamp), + entities.k8s + .k8sContainerEntity({ + id: '123', + schema, + entityId: NODE_ENTITY_ID, + }) + .timestamp(timestamp), + ]; + }); + + const ecsEntities = getK8sEntitiesEvents('ecs'); + const otelEntities = getK8sEntitiesEvents('semconv'); + const synthJavaTraces = entities.serviceEntity({ + serviceName: 'synth_java', + agentName: ['java'], + dataStreamType: ['traces'], + environment: 'production', + entityId: SYNTH_JAVA_TRACE_ENTITY_ID, + }); + const synthHostFooLogs = entities.hostEntity({ + hostName: 'synth_host_foo', + agentName: ['macbook'], + dataStreamType: ['logs'], + entityId: SYNTH_HOST_FOO_LOGS_ENTITY_ID, + }); + const synthContainerFooLogs = entities.containerEntity({ + containerId: 'synth_container_foo', + agentName: ['macbook'], + dataStreamType: ['logs'], + entityId: SYNTH_CONTAINER_FOO_LOGS_ENTITY_ID, + }); + + const otherEvents = rangeInterval.generator((timestamp) => [ + synthJavaTraces.timestamp(timestamp), + synthHostFooLogs.timestamp(timestamp), + synthContainerFooLogs.timestamp(timestamp), + ]); + + return [ + withClient( + entitiesEsClient, + logger.perf('generating_entities_k8s_ecs_events', () => ecsEntities) + ), + withClient( + entitiesEsClient, + logger.perf('generating_entities_k8s_otel_events', () => otelEntities) + ), + withClient( + entitiesEsClient, + logger.perf('generating_entities_other_events', () => otherEvents) + ), + ]; + }, + }; +}; + +export default scenario; diff --git a/packages/kbn-data-stream-adapter/src/field_maps/types.ts b/packages/kbn-data-stream-adapter/src/field_maps/types.ts index 4f42a6c6b686de..62f4c7c600036c 100644 --- a/packages/kbn-data-stream-adapter/src/field_maps/types.ts +++ b/packages/kbn-data-stream-adapter/src/field_maps/types.ts @@ -38,8 +38,9 @@ export interface EcsMetadata { properties?: Record; } -export interface FieldMap { - [key: string]: { +export type FieldMap = Record< + T, + { type: string; required: boolean; array?: boolean; @@ -53,5 +54,17 @@ export interface FieldMap { scaling_factor?: number; dynamic?: boolean | 'strict'; properties?: Record; - }; -} + } +>; + +// This utility type flattens all the keys of a schema object and its nested objects as a union type. +// Its purpose is to ensure that the FieldMap keys are always in sync with the schema object. +// It assumes all optional fields of the schema are required in the field map, they can always be omitted from the resulting type. +export type SchemaFieldMapKeys< + T extends Record, + Key = keyof T +> = Key extends string + ? NonNullable extends Record + ? `${Key}` | `${Key}.${SchemaFieldMapKeys>}` + : `${Key}` + : never; diff --git a/packages/kbn-discover-contextual-components/README.md b/packages/kbn-discover-contextual-components/README.md new file mode 100644 index 00000000000000..ae9e2402c2a693 --- /dev/null +++ b/packages/kbn-discover-contextual-components/README.md @@ -0,0 +1,3 @@ +# @kbn/discover-contextual-components + +Houses contextual (e.g. logs) components that are used by Discover. diff --git a/src/plugins/discover/common/data_types/logs/display_options.ts b/packages/kbn-discover-contextual-components/index.ts similarity index 75% rename from src/plugins/discover/common/data_types/logs/display_options.ts rename to packages/kbn-discover-contextual-components/index.ts index 05803ba0bde7f1..55b900ad5137a7 100644 --- a/src/plugins/discover/common/data_types/logs/display_options.ts +++ b/packages/kbn-discover-contextual-components/index.ts @@ -7,9 +7,4 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ -export interface SmartFieldGridColumnOptions { - type: 'smart-field'; - smartField: 'content' | 'resource'; - fallbackFields: string[]; - width?: number; -} +export * from './src'; diff --git a/packages/kbn-discover-contextual-components/jest.config.js b/packages/kbn-discover-contextual-components/jest.config.js new file mode 100644 index 00000000000000..bacfd33649ce41 --- /dev/null +++ b/packages/kbn-discover-contextual-components/jest.config.js @@ -0,0 +1,14 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +module.exports = { + preset: '@kbn/test', + rootDir: '../..', + roots: ['/packages/kbn-discover-contextual-components'], +}; diff --git a/packages/kbn-discover-contextual-components/kibana.jsonc b/packages/kbn-discover-contextual-components/kibana.jsonc new file mode 100644 index 00000000000000..cfb9b1d5431efa --- /dev/null +++ b/packages/kbn-discover-contextual-components/kibana.jsonc @@ -0,0 +1,5 @@ +{ + "type": "shared-browser", + "id": "@kbn/discover-contextual-components", + "owner": ["@elastic/obs-ux-logs-team", "@elastic/kibana-data-discovery"] +} diff --git a/packages/kbn-discover-contextual-components/package.json b/packages/kbn-discover-contextual-components/package.json new file mode 100644 index 00000000000000..4a63d975cda42f --- /dev/null +++ b/packages/kbn-discover-contextual-components/package.json @@ -0,0 +1,7 @@ +{ + "name": "@kbn/discover-contextual-components", + "private": true, + "version": "1.0.0", + "license": "Elastic License 2.0 OR AGPL-3.0-only OR SSPL-1.0", + "sideEffects": false +} \ No newline at end of file diff --git a/src/plugins/discover/public/components/data_types/logs/cell_actions_popover.tsx b/packages/kbn-discover-contextual-components/src/data_types/logs/components/cell_actions_popover.tsx similarity index 75% rename from src/plugins/discover/public/components/data_types/logs/cell_actions_popover.tsx rename to packages/kbn-discover-contextual-components/src/data_types/logs/components/cell_actions_popover.tsx index 7b9d68e8f3dd75..96651cf26189b9 100644 --- a/src/plugins/discover/public/components/data_types/logs/cell_actions_popover.tsx +++ b/packages/kbn-discover-contextual-components/src/data_types/logs/components/cell_actions_popover.tsx @@ -24,7 +24,9 @@ import { import { css } from '@emotion/react'; import { useBoolean } from '@kbn/react-hooks'; import { euiThemeVars } from '@kbn/ui-theme'; -import { DocViewFilterFn } from '@kbn/unified-doc-viewer/types'; +import type { DocViewFilterFn } from '@kbn/unified-doc-viewer/types'; +import type { SharePluginStart } from '@kbn/share-plugin/public'; +import type { CoreStart } from '@kbn/core-lifecycle-browser'; import { actionFilterForText, actionFilterOutText, @@ -109,30 +111,32 @@ export function CellActionsPopover({ /> - - - - {filterForText} - - - {filterOutText} - - - + {onFilter ? ( + + + + {filterForText} + + + {filterOutText} + + + + ) : null} {(copy) => ( @@ -158,13 +162,21 @@ export interface FieldBadgeWithActionsProps icon?: EuiBadgeProps['iconType']; } +interface FieldBadgeWithActionsDependencies { + core?: CoreStart; + share?: SharePluginStart; +} + +export type FieldBadgeWithActionsPropsAndDependencies = FieldBadgeWithActionsProps & + FieldBadgeWithActionsDependencies; + export function FieldBadgeWithActions({ icon, onFilter, property, renderValue, value, -}: FieldBadgeWithActionsProps) { +}: FieldBadgeWithActionsPropsAndDependencies) { return ( { const LogLevelBadgeCell = getLogLevelBadgeCell(logLevelField); diff --git a/src/plugins/discover/public/components/data_types/logs/log_level_badge_cell.tsx b/packages/kbn-discover-contextual-components/src/data_types/logs/components/log_level_badge_cell/log_level_badge_cell.tsx similarity index 92% rename from src/plugins/discover/public/components/data_types/logs/log_level_badge_cell.tsx rename to packages/kbn-discover-contextual-components/src/data_types/logs/components/log_level_badge_cell/log_level_badge_cell.tsx index bff3bdddee0261..4223f1e0de5c10 100644 --- a/src/plugins/discover/public/components/data_types/logs/log_level_badge_cell.tsx +++ b/packages/kbn-discover-contextual-components/src/data_types/logs/components/log_level_badge_cell/log_level_badge_cell.tsx @@ -9,8 +9,8 @@ import type { CSSObject } from '@emotion/react'; import React from 'react'; +import type { DataGridCellValueElementProps } from '@kbn/unified-data-table/src/types'; import { LogLevelBadge } from '@kbn/discover-utils'; -import type { DataGridCellValueElementProps } from '@kbn/unified-data-table'; const dataTestSubj = 'logLevelBadgeCell'; const badgeCss: CSSObject = { marginTop: '-4px' }; @@ -32,3 +32,5 @@ export const getLogLevelBadgeCell = /> ); }; + +export type LogLevelBadgeCell = ReturnType; diff --git a/src/plugins/discover/public/components/data_types/logs/service_name_badge_with_actions.tsx b/packages/kbn-discover-contextual-components/src/data_types/logs/components/service_name_badge_with_actions.tsx similarity index 80% rename from src/plugins/discover/public/components/data_types/logs/service_name_badge_with_actions.tsx rename to packages/kbn-discover-contextual-components/src/data_types/logs/components/service_name_badge_with_actions.tsx index 581c889b8e98ee..7916b1144d8510 100644 --- a/src/plugins/discover/public/components/data_types/logs/service_name_badge_with_actions.tsx +++ b/packages/kbn-discover-contextual-components/src/data_types/logs/components/service_name_badge_with_actions.tsx @@ -11,17 +11,20 @@ import React from 'react'; import { getRouterLinkProps } from '@kbn/router-utils'; import { EuiLink } from '@elastic/eui'; import { OBSERVABILITY_ENTITY_CENTRIC_EXPERIENCE } from '@kbn/management-settings-ids'; -import { SharePublicStart } from '@kbn/share-plugin/public/plugin'; -import { useDiscoverServices } from '../../../hooks/use_discover_services'; -import { FieldBadgeWithActions, FieldBadgeWithActionsProps } from './cell_actions_popover'; +import type { SharePublicStart } from '@kbn/share-plugin/public/plugin'; +import { + FieldBadgeWithActions, + FieldBadgeWithActionsProps, + FieldBadgeWithActionsPropsAndDependencies, +} from './cell_actions_popover'; const SERVICE_ENTITY_LOCATOR = 'SERVICE_ENTITY_LOCATOR'; -export function ServiceNameBadgeWithActions(props: FieldBadgeWithActionsProps) { - const { share, core } = useDiscoverServices(); - const canViewApm = core.application.capabilities.apm?.show || false; +export function ServiceNameBadgeWithActions(props: FieldBadgeWithActionsPropsAndDependencies) { + const { share, core } = props; + const canViewApm = core?.application.capabilities.apm?.show || false; const isEntityCentricExperienceSettingEnabled = canViewApm - ? core.uiSettings.get(OBSERVABILITY_ENTITY_CENTRIC_EXPERIENCE) + ? core?.uiSettings.get(OBSERVABILITY_ENTITY_CENTRIC_EXPERIENCE) : false; const derivedPropsForEntityExperience = isEntityCentricExperienceSettingEnabled diff --git a/src/plugins/discover/public/components/data_types/logs/summary_column/content.tsx b/packages/kbn-discover-contextual-components/src/data_types/logs/components/summary_column/content.tsx similarity index 95% rename from src/plugins/discover/public/components/data_types/logs/summary_column/content.tsx rename to packages/kbn-discover-contextual-components/src/data_types/logs/components/summary_column/content.tsx index 0da98cbf7145e1..cc576efff17db9 100644 --- a/src/plugins/discover/public/components/data_types/logs/summary_column/content.tsx +++ b/packages/kbn-discover-contextual-components/src/data_types/logs/components/summary_column/content.tsx @@ -14,7 +14,7 @@ import { getLogDocumentOverview, getMessageFieldWithFallbacks, } from '@kbn/discover-utils'; -import * as constants from '../../../../../common/data_types/logs/constants'; +import { MESSAGE_FIELD } from '@kbn/discover-utils'; import { formatJsonDocumentForContent } from './utils'; interface ContentProps extends DataGridCellValueElementProps { @@ -32,7 +32,7 @@ const LogMessage = ({ value: string; className: string; }) => { - const shouldRenderFieldName = field !== constants.MESSAGE_FIELD; + const shouldRenderFieldName = field !== MESSAGE_FIELD; if (shouldRenderFieldName) { return ( diff --git a/packages/kbn-discover-contextual-components/src/data_types/logs/components/summary_column/index.ts b/packages/kbn-discover-contextual-components/src/data_types/logs/components/summary_column/index.ts new file mode 100644 index 00000000000000..006ec34d0a4750 --- /dev/null +++ b/packages/kbn-discover-contextual-components/src/data_types/logs/components/summary_column/index.ts @@ -0,0 +1,13 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +export * from './content'; +export * from './resource'; +export * from './summary_column'; +export * from './utils'; diff --git a/src/plugins/discover/public/components/data_types/logs/summary_column/resource.tsx b/packages/kbn-discover-contextual-components/src/data_types/logs/components/summary_column/resource.tsx similarity index 89% rename from src/plugins/discover/public/components/data_types/logs/summary_column/resource.tsx rename to packages/kbn-discover-contextual-components/src/data_types/logs/components/summary_column/resource.tsx index a7955fadde6225..5ea7ddda7a6b76 100644 --- a/src/plugins/discover/public/components/data_types/logs/summary_column/resource.tsx +++ b/packages/kbn-discover-contextual-components/src/data_types/logs/components/summary_column/resource.tsx @@ -8,8 +8,8 @@ */ import React from 'react'; -import { EuiBadge, EuiFlexGroup } from '@elastic/eui'; -import { DocViewFilterFn } from '@kbn/unified-doc-viewer/types'; +import { CommonProps, EuiBadge, EuiFlexGroup } from '@elastic/eui'; +import type { DocViewFilterFn } from '@kbn/unified-doc-viewer/types'; import { ResourceFieldDescriptor } from './utils'; const MAX_LIMITED_FIELDS_VISIBLE = 3; @@ -19,6 +19,7 @@ interface ResourceProps { /* When true, the column will render a predefined number of resources and indicates with a badge how many more we have */ limited?: boolean; onFilter?: DocViewFilterFn; + css?: CommonProps['css']; } export const Resource = ({ fields, limited = false, onFilter, ...props }: ResourceProps) => { diff --git a/src/plugins/discover/public/components/data_types/logs/summary_column/summary_column.test.tsx b/packages/kbn-discover-contextual-components/src/data_types/logs/components/summary_column/summary_column.test.tsx similarity index 86% rename from src/plugins/discover/public/components/data_types/logs/summary_column/summary_column.test.tsx rename to packages/kbn-discover-contextual-components/src/data_types/logs/components/summary_column/summary_column.test.tsx index b8eeea613c9c65..6b337167279e3c 100644 --- a/src/plugins/discover/public/components/data_types/logs/summary_column/summary_column.test.tsx +++ b/packages/kbn-discover-contextual-components/src/data_types/logs/components/summary_column/summary_column.test.tsx @@ -8,41 +8,41 @@ */ import React from 'react'; -import { buildDataTableRecord, DataTableRecord } from '@kbn/discover-utils'; -import { dataViewMock } from '@kbn/discover-utils/src/__mocks__'; import { fieldFormatsMock } from '@kbn/field-formats-plugin/common/mocks'; import { render, screen } from '@testing-library/react'; import SummaryColumn, { SummaryColumnFactoryDeps, SummaryColumnProps } from './summary_column'; import { DataGridDensity, ROWS_HEIGHT_OPTIONS } from '@kbn/unified-data-table'; -import * as constants from '../../../../../common/data_types/logs/constants'; -import { KibanaContextProvider } from '@kbn/kibana-react-plugin/public'; -import { discoverServiceMock } from '../../../../__mocks__/services'; +import * as constants from '@kbn/discover-utils/src/data_types/logs/constants'; +import { sharePluginMock } from '@kbn/share-plugin/public/mocks'; +import { coreMock as corePluginMock } from '@kbn/core/public/mocks'; +import { DataTableRecord, buildDataTableRecord } from '@kbn/discover-utils'; +import { dataViewMock } from '@kbn/discover-utils/src/__mocks__/data_view'; const renderSummary = ( record: DataTableRecord, opts: Partial = {} ) => { render( - - {}} - closePopover={() => {}} - density={DataGridDensity.COMPACT} - rowHeight={ROWS_HEIGHT_OPTIONS.single} - onFilter={jest.fn()} - shouldShowFieldHandler={() => true} - {...opts} - /> - + {}} + closePopover={() => {}} + density={DataGridDensity.COMPACT} + rowHeight={ROWS_HEIGHT_OPTIONS.single} + onFilter={jest.fn()} + shouldShowFieldHandler={() => true} + core={corePluginMock.createStart()} + share={sharePluginMock.createStartContract()} + {...opts} + /> ); }; diff --git a/packages/kbn-discover-contextual-components/src/data_types/logs/components/summary_column/summary_column.tsx b/packages/kbn-discover-contextual-components/src/data_types/logs/components/summary_column/summary_column.tsx new file mode 100644 index 00000000000000..98f772fcf41d18 --- /dev/null +++ b/packages/kbn-discover-contextual-components/src/data_types/logs/components/summary_column/summary_column.tsx @@ -0,0 +1,171 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +import { DataGridDensity, type DataGridCellValueElementProps } from '@kbn/unified-data-table'; +import React from 'react'; +import { EuiButtonIcon, EuiCodeBlock, EuiFlexGroup, EuiText, EuiTitle } from '@elastic/eui'; +import { JsonCodeEditor } from '@kbn/unified-doc-viewer-plugin/public'; +import { DocViewFilterFn } from '@kbn/unified-doc-viewer/types'; +import type { CoreStart } from '@kbn/core-lifecycle-browser'; +import type { SharePluginStart } from '@kbn/share-plugin/public'; +import { + ShouldShowFieldInTableHandler, + getLogDocumentOverview, + getMessageFieldWithFallbacks, +} from '@kbn/discover-utils'; +import { ROWS_HEIGHT_OPTIONS } from '@kbn/unified-data-table'; +import { Resource } from './resource'; +import { Content } from './content'; +import { createResourceFields, formatJsonDocumentForContent } from './utils'; +import { + closeCellActionPopoverText, + contentLabel, + jsonLabel, + resourceLabel, +} from '../translations'; + +export interface SummaryColumnFactoryDeps { + density: DataGridDensity | undefined; + rowHeight: number | undefined; + shouldShowFieldHandler: ShouldShowFieldInTableHandler; + onFilter?: DocViewFilterFn; + core: CoreStart; + share?: SharePluginStart; +} + +export type SummaryColumnProps = DataGridCellValueElementProps; +export type AllSummaryColumnProps = SummaryColumnProps & SummaryColumnFactoryDeps; + +export const SummaryColumn = (props: AllSummaryColumnProps) => { + const { isDetails } = props; + + if (isDetails) { + return ; + } + + return ; +}; + +// eslint-disable-next-line import/no-default-export +export default SummaryColumn; + +const SummaryCell = ({ + density: maybeNullishDensity, + rowHeight: maybeNullishRowHeight, + ...props +}: AllSummaryColumnProps) => { + const { onFilter, row, share, core } = props; + + const density = maybeNullishDensity ?? DataGridDensity.COMPACT; + const isCompressed = density === DataGridDensity.COMPACT; + + const rowHeight = maybeNullishRowHeight ?? ROWS_HEIGHT_OPTIONS.single; + const isSingleLine = rowHeight === ROWS_HEIGHT_OPTIONS.single || rowHeight === 1; + + const resourceFields = createResourceFields(row, core, share); + const shouldRenderResource = resourceFields.length > 0; + + return isSingleLine ? ( + + {shouldRenderResource && ( + + )} + + + ) : ( + <> + {shouldRenderResource && ( + + )} + + + ); +}; + +const SummaryCellPopover = (props: AllSummaryColumnProps) => { + const { row, dataView, fieldFormats, onFilter, closePopover, share, core } = props; + + const resourceFields = createResourceFields(row, core, share); + const shouldRenderResource = resourceFields.length > 0; + + const documentOverview = getLogDocumentOverview(row, { dataView, fieldFormats }); + const { field, value } = getMessageFieldWithFallbacks(documentOverview); + const shouldRenderContent = Boolean(field && value); + + const shouldRenderSource = !shouldRenderContent; + + return ( + + + {shouldRenderResource && ( + + + {resourceLabel} + + + + )} + + + {contentLabel} + + {shouldRenderContent && ( + + + {field} + + + {value} + + + )} + {shouldRenderSource && ( + + + {jsonLabel} + + + + )} + + + ); +}; + +const singleLineResourceCss = { + flexGrow: 0, + lineHeight: 'normal', + marginTop: -1, +}; + +const multiLineResourceCss = { display: 'inline-flex' }; diff --git a/packages/kbn-discover-contextual-components/src/data_types/logs/components/summary_column/utils.tsx b/packages/kbn-discover-contextual-components/src/data_types/logs/components/summary_column/utils.tsx new file mode 100644 index 00000000000000..7dacc3393763e1 --- /dev/null +++ b/packages/kbn-discover-contextual-components/src/data_types/logs/components/summary_column/utils.tsx @@ -0,0 +1,147 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +import { dynamic } from '@kbn/shared-ux-utility'; +import React from 'react'; +import { css } from '@emotion/react'; +import { AgentName } from '@kbn/elastic-agent-utils'; +import { euiThemeVars } from '@kbn/ui-theme'; +import type { SharePluginStart } from '@kbn/share-plugin/public'; +import type { CoreStart } from '@kbn/core-lifecycle-browser'; +import { + AGENT_NAME_FIELD, + CLOUD_INSTANCE_ID_FIELD, + CONTAINER_ID_FIELD, + CONTAINER_NAME_FIELD, + FILTER_OUT_FIELDS_PREFIXES_FOR_CONTENT, + HOST_NAME_FIELD, + ORCHESTRATOR_CLUSTER_NAME_FIELD, + ORCHESTRATOR_NAMESPACE_FIELD, + ORCHESTRATOR_RESOURCE_ID_FIELD, + SERVICE_NAME_FIELD, +} from '@kbn/discover-utils'; +import { DataTableRecord, getFieldValue } from '@kbn/discover-utils'; +import { LogDocument, ResourceFields, getAvailableResourceFields } from '@kbn/discover-utils/src'; +import { FieldBadgeWithActions, FieldBadgeWithActionsProps } from '../cell_actions_popover'; +import { ServiceNameBadgeWithActions } from '../service_name_badge_with_actions'; +/** + * getUnformattedResourceFields definitions + */ +export const getUnformattedResourceFields = (doc: LogDocument): ResourceFields => { + const serviceName = getFieldValue(doc, SERVICE_NAME_FIELD); + const hostName = getFieldValue(doc, HOST_NAME_FIELD); + const agentName = getFieldValue(doc, AGENT_NAME_FIELD); + const orchestratorClusterName = getFieldValue(doc, ORCHESTRATOR_CLUSTER_NAME_FIELD); + const orchestratorResourceId = getFieldValue(doc, ORCHESTRATOR_RESOURCE_ID_FIELD); + const orchestratorNamespace = getFieldValue(doc, ORCHESTRATOR_NAMESPACE_FIELD); + const containerName = getFieldValue(doc, CONTAINER_NAME_FIELD); + const containerId = getFieldValue(doc, CONTAINER_ID_FIELD); + const cloudInstanceId = getFieldValue(doc, CLOUD_INSTANCE_ID_FIELD); + + return { + [SERVICE_NAME_FIELD]: serviceName, + [HOST_NAME_FIELD]: hostName, + [AGENT_NAME_FIELD]: agentName, + [ORCHESTRATOR_CLUSTER_NAME_FIELD]: orchestratorClusterName, + [ORCHESTRATOR_RESOURCE_ID_FIELD]: orchestratorResourceId, + [ORCHESTRATOR_NAMESPACE_FIELD]: orchestratorNamespace, + [CONTAINER_NAME_FIELD]: containerName, + [CONTAINER_ID_FIELD]: containerId, + [CLOUD_INSTANCE_ID_FIELD]: cloudInstanceId, + }; +}; + +/** + * createResourceFields definitions + */ +const AgentIcon = dynamic(() => import('@kbn/custom-icons/src/components/agent_icon')); + +const resourceCustomComponentsMap: Partial< + Record> +> = { + [SERVICE_NAME_FIELD]: ServiceNameBadgeWithActions, +}; + +export interface ResourceFieldDescriptor { + ResourceBadge: React.ComponentType; + Icon?: () => JSX.Element; + name: keyof ResourceFields; + value: string; +} + +export const createResourceFields = ( + row: DataTableRecord, + core: CoreStart, + share?: SharePluginStart +): ResourceFieldDescriptor[] => { + const resourceDoc = getUnformattedResourceFields(row as LogDocument); + + const availableResourceFields = getAvailableResourceFields(resourceDoc); + + const resourceFields = availableResourceFields.map((name) => { + const ResourceBadgeComponent = resourceCustomComponentsMap[name] ?? FieldBadgeWithActions; + const resourceBadgeComponentWithDependencies = (props: FieldBadgeWithActionsProps) => ( + + ); + return { + name, + value: resourceDoc[name] as string, + ResourceBadge: resourceBadgeComponentWithDependencies, + ...(name === SERVICE_NAME_FIELD && { + Icon: () => ( + + ), + }), + }; + }); + + return resourceFields; +}; + +/** + * formatJsonDocumentForContent definitions + */ +export const formatJsonDocumentForContent = (row: DataTableRecord) => { + const flattenedResult: DataTableRecord['flattened'] = {}; + const rawFieldResult: DataTableRecord['raw']['fields'] = {}; + const { raw, flattened } = row; + const { fields } = raw; + + // We need 2 loops here for flattened and raw.fields. Flattened contains all fields, + // whereas raw.fields only contains certain fields excluding _ignored + for (const fieldName in flattened) { + if (isFieldAllowed(fieldName) && flattened[fieldName]) { + flattenedResult[fieldName] = flattened[fieldName]; + } + } + + for (const fieldName in fields) { + if (isFieldAllowed(fieldName) && fields[fieldName]) { + rawFieldResult[fieldName] = fields[fieldName]; + } + } + + return { + ...row, + flattened: flattenedResult, + raw: { + ...raw, + fields: rawFieldResult, + }, + }; +}; + +const isFieldAllowed = (field: string) => + !FILTER_OUT_FIELDS_PREFIXES_FOR_CONTENT.some((prefix) => field.startsWith(prefix)); diff --git a/packages/kbn-discover-contextual-components/src/data_types/logs/components/translations.tsx b/packages/kbn-discover-contextual-components/src/data_types/logs/components/translations.tsx new file mode 100644 index 00000000000000..52e083f8b86b85 --- /dev/null +++ b/packages/kbn-discover-contextual-components/src/data_types/logs/components/translations.tsx @@ -0,0 +1,72 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +import { i18n } from '@kbn/i18n'; + +export const jsonLabel = i18n.translate('discover.logs.dataTable.header.popover.json', { + defaultMessage: 'JSON', +}); + +export const contentLabel = i18n.translate('discover.logs.dataTable.header.popover.content', { + defaultMessage: 'Content', +}); + +export const resourceLabel = i18n.translate('discover.logs.dataTable.header.popover.resource', { + defaultMessage: 'Resource', +}); + +export const actionFilterForText = (text: string) => + i18n.translate('discover.logs.flyoutDetail.value.hover.filterFor', { + defaultMessage: 'Filter for this {value}', + values: { + value: text, + }, + }); + +export const actionFilterOutText = (text: string) => + i18n.translate('discover.logs.flyoutDetail.value.hover.filterOut', { + defaultMessage: 'Filter out this {value}', + values: { + value: text, + }, + }); + +export const filterOutText = i18n.translate('discover.logs.popoverAction.filterOut', { + defaultMessage: 'Filter out', +}); + +export const filterForText = i18n.translate('discover.logs.popoverAction.filterFor', { + defaultMessage: 'Filter for', +}); + +export const copyValueText = i18n.translate('discover.logs.popoverAction.copyValue', { + defaultMessage: 'Copy value', +}); + +export const copyValueAriaText = (fieldName: string) => + i18n.translate('discover.logs.popoverAction.copyValueAriaText', { + defaultMessage: 'Copy value of {fieldName}', + values: { + fieldName, + }, + }); + +export const openCellActionPopoverAriaText = i18n.translate( + 'discover.logs.popoverAction.openPopover', + { + defaultMessage: 'Open popover', + } +); + +export const closeCellActionPopoverText = i18n.translate( + 'discover.logs.popoverAction.closePopover', + { + defaultMessage: 'Close popover', + } +); diff --git a/packages/kbn-discover-contextual-components/src/index.ts b/packages/kbn-discover-contextual-components/src/index.ts new file mode 100644 index 00000000000000..52ee5931aa4fc4 --- /dev/null +++ b/packages/kbn-discover-contextual-components/src/index.ts @@ -0,0 +1,16 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +import { dynamic } from '@kbn/shared-ux-utility'; + +export * from './data_types/logs/components'; + +export const LazySummaryColumn = dynamic( + () => import('./data_types/logs/components/summary_column/summary_column') +); diff --git a/packages/kbn-discover-contextual-components/tsconfig.json b/packages/kbn-discover-contextual-components/tsconfig.json new file mode 100644 index 00000000000000..21d65228b95976 --- /dev/null +++ b/packages/kbn-discover-contextual-components/tsconfig.json @@ -0,0 +1,37 @@ +{ + "extends": "../../tsconfig.base.json", + "compilerOptions": { + "outDir": "target/types", + "types": [ + "jest", + "node", + "@testing-library/jest-dom", + "@testing-library/react" + ] + }, + "include": [ + "**/*.ts", + "**/*.tsx", + ], + "exclude": [ + "target/**/*" + ], + "kbn_references": [ + "@kbn/field-formats-plugin", + "@kbn/discover-utils", + "@kbn/router-utils", + "@kbn/management-settings-ids", + "@kbn/share-plugin", + "@kbn/ui-theme", + "@kbn/unified-data-table", + "@kbn/unified-doc-viewer", + "@kbn/react-hooks", + "@kbn/core-lifecycle-browser", + "@kbn/i18n", + "@kbn/unified-doc-viewer-plugin", + "@kbn/core", + "@kbn/shared-ux-utility", + "@kbn/elastic-agent-utils", + "@kbn/custom-icons", + ] +} diff --git a/packages/kbn-discover-utils/index.ts b/packages/kbn-discover-utils/index.ts index ed6d58ca3da8da..72349447830370 100644 --- a/packages/kbn-discover-utils/index.ts +++ b/packages/kbn-discover-utils/index.ts @@ -52,15 +52,17 @@ export { getLogLevelCoalescedValue, getLogLevelCoalescedValueLabel, LogLevelCoalescedValue, - LogLevelBadge, getFieldValue, getVisibleColumns, canPrependTimeFieldColumn, DiscoverFlyouts, dismissAllFlyoutsExceptFor, dismissFlyouts, + LogLevelBadge, } from './src'; export type { LogsContextService } from './src'; export * from './src/types'; + +export * from './src/data_types/logs/constants'; diff --git a/packages/kbn-discover-utils/src/data_types/logs/components/index.ts b/packages/kbn-discover-utils/src/data_types/logs/components/index.tsx similarity index 100% rename from packages/kbn-discover-utils/src/data_types/logs/components/index.ts rename to packages/kbn-discover-utils/src/data_types/logs/components/index.tsx diff --git a/packages/kbn-discover-utils/src/data_types/logs/constants.ts b/packages/kbn-discover-utils/src/data_types/logs/constants.ts new file mode 100644 index 00000000000000..82edebaff0e815 --- /dev/null +++ b/packages/kbn-discover-utils/src/data_types/logs/constants.ts @@ -0,0 +1,70 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +import { fieldConstants } from '../..'; +import { SmartFieldGridColumnOptions } from './types'; + +export * from '../../field_constants'; + +export const LOGS_EXPLORER_PROFILE_ID = 'logs-explorer'; + +// Virtual column fields +export const CONTENT_FIELD = 'content'; +export const RESOURCE_FIELD = 'resource'; + +// Sizing +export const DATA_GRID_COLUMN_WIDTH_SMALL = 240; +export const DATA_GRID_COLUMN_WIDTH_MEDIUM = 320; +export const ACTIONS_COLUMN_WIDTH = 80; + +export const RESOURCE_FIELD_CONFIGURATION: SmartFieldGridColumnOptions = { + type: 'smart-field', + smartField: RESOURCE_FIELD, + fallbackFields: [fieldConstants.HOST_NAME_FIELD, fieldConstants.SERVICE_NAME_FIELD], + width: DATA_GRID_COLUMN_WIDTH_MEDIUM, +}; + +export const CONTENT_FIELD_CONFIGURATION: SmartFieldGridColumnOptions = { + type: 'smart-field', + smartField: CONTENT_FIELD, + fallbackFields: [fieldConstants.MESSAGE_FIELD], +}; + +export const SMART_FALLBACK_FIELDS = { + [CONTENT_FIELD]: CONTENT_FIELD_CONFIGURATION, + [RESOURCE_FIELD]: RESOURCE_FIELD_CONFIGURATION, +}; + +// UI preferences +export const DEFAULT_COLUMNS = [RESOURCE_FIELD_CONFIGURATION, CONTENT_FIELD_CONFIGURATION]; +export const DEFAULT_ROWS_PER_PAGE = 100; + +// List of prefixes which needs to be filtered out for Display in Content Column +export const FILTER_OUT_FIELDS_PREFIXES_FOR_CONTENT = [ + '_', // Filter fields like '_id', '_score' + '@timestamp', + 'agent.', + 'elastic_agent.', + 'data_stream.', + 'ecs.', + 'host.', + 'container.', + 'cloud.', + 'kubernetes.', + 'orchestrator.', + 'log.', + 'service.', +]; + +export const DEFAULT_ALLOWED_DATA_VIEWS = ['logs', 'auditbeat', 'filebeat', 'winlogbeat']; +export const DEFAULT_ALLOWED_LOGS_DATA_VIEWS = ['logs', 'auditbeat', 'filebeat', 'winlogbeat']; + +export const LOG_LEVEL_FIELDS = ['log.level', 'log_level']; +export const SERVICE_NAME_FIELDS = ['service.name', 'service_name']; +export const AGENT_NAME_FIELD = 'agent.name'; diff --git a/packages/kbn-discover-utils/src/data_types/logs/index.ts b/packages/kbn-discover-utils/src/data_types/logs/index.ts index 7ec996ee310102..30b023b6328bb7 100644 --- a/packages/kbn-discover-utils/src/data_types/logs/index.ts +++ b/packages/kbn-discover-utils/src/data_types/logs/index.ts @@ -8,7 +8,7 @@ */ export * from './types'; -export * from './components'; export * from './utils'; export * from './logs_context_service'; +export * from './components'; diff --git a/packages/kbn-discover-utils/src/data_types/logs/types.ts b/packages/kbn-discover-utils/src/data_types/logs/types.ts index 843205d6e8b1e4..123ad6c6310269 100644 --- a/packages/kbn-discover-utils/src/data_types/logs/types.ts +++ b/packages/kbn-discover-utils/src/data_types/logs/types.ts @@ -86,3 +86,10 @@ export interface StackTraceFields { 'error.exception.stacktrace'?: string; 'error.log.stacktrace'?: string; } + +export interface SmartFieldGridColumnOptions { + type: 'smart-field'; + smartField: 'content' | 'resource'; + fallbackFields: string[]; + width?: number; +} diff --git a/src/plugins/discover/public/utils/get_available_resource_fields.ts b/packages/kbn-discover-utils/src/data_types/logs/utils/get_available_resource_fields.ts similarity index 87% rename from src/plugins/discover/public/utils/get_available_resource_fields.ts rename to packages/kbn-discover-utils/src/data_types/logs/utils/get_available_resource_fields.ts index 588194d2a13cab..e59b7a99c91632 100644 --- a/src/plugins/discover/public/utils/get_available_resource_fields.ts +++ b/packages/kbn-discover-utils/src/data_types/logs/utils/get_available_resource_fields.ts @@ -7,8 +7,8 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ -import { ResourceFields } from '@kbn/discover-utils/src'; -import * as constants from '../../common/data_types/logs/constants'; +import { ResourceFields } from '../../..'; +import * as constants from '../constants'; export const getAvailableResourceFields = (resourceDoc: ResourceFields) => { const resourceFields: Array = [ diff --git a/packages/kbn-discover-utils/src/data_types/logs/utils/index.ts b/packages/kbn-discover-utils/src/data_types/logs/utils/index.ts index 0b266fa5b4935f..365365eb7ac13b 100644 --- a/packages/kbn-discover-utils/src/data_types/logs/utils/index.ts +++ b/packages/kbn-discover-utils/src/data_types/logs/utils/index.ts @@ -9,3 +9,4 @@ export * from './get_log_level_color'; export * from './get_log_level_coalesed_value'; +export * from './get_available_resource_fields'; diff --git a/packages/kbn-discover-utils/tsconfig.json b/packages/kbn-discover-utils/tsconfig.json index 90235fada49c56..865603e379eca9 100644 --- a/packages/kbn-discover-utils/tsconfig.json +++ b/packages/kbn-discover-utils/tsconfig.json @@ -25,9 +25,9 @@ "@kbn/field-types", "@kbn/i18n", "@kbn/core-ui-settings-browser", - "@kbn/ui-theme", "@kbn/expressions-plugin", "@kbn/logs-data-access-plugin", + "@kbn/ui-theme", "@kbn/i18n-react" ] } diff --git a/packages/kbn-es/src/serverless_resources/project_roles/security/roles.yml b/packages/kbn-es/src/serverless_resources/project_roles/security/roles.yml index e9223cd5d73ef5..5c8446123a4fb0 100644 --- a/packages/kbn-es/src/serverless_resources/project_roles/security/roles.yml +++ b/packages/kbn-es/src/serverless_resources/project_roles/security/roles.yml @@ -35,6 +35,7 @@ viewer: - '.fleet-actions*' - 'risk-score.risk-score-*' - '.asset-criticality.asset-criticality-*' + - '.entities.v1.latest.security_*' - '.ml-anomalies-*' privileges: - read @@ -99,6 +100,7 @@ editor: - 'maintenance' - names: - '.asset-criticality.asset-criticality-*' + - '.entities.v1.latest.security_*' privileges: - 'read' - 'write' @@ -162,6 +164,7 @@ t1_analyst: - '.fleet-actions*' - risk-score.risk-score-* - .asset-criticality.asset-criticality-* + - .entities.v1.latest.security_* - '.ml-anomalies-*' privileges: - read @@ -211,6 +214,7 @@ t2_analyst: - .fleet-agents* - .fleet-actions* - risk-score.risk-score-* + - .entities.v1.latest.security_* - '.ml-anomalies-*' privileges: - read @@ -274,6 +278,7 @@ t3_analyst: - .fleet-agents* - .fleet-actions* - risk-score.risk-score-* + - .entities.v1.latest.security_* - '.ml-anomalies-*' privileges: - read @@ -346,6 +351,7 @@ threat_intelligence_analyst: - .fleet-agents* - .fleet-actions* - risk-score.risk-score-* + - .entities.v1.latest.security_* - '.ml-anomalies-*' privileges: - read @@ -406,6 +412,7 @@ rule_author: - .fleet-agents* - .fleet-actions* - risk-score.risk-score-* + - .entities.v1.latest.security_* - '.ml-anomalies-*' privileges: - read @@ -472,6 +479,7 @@ soc_manager: - .fleet-agents* - .fleet-actions* - risk-score.risk-score-* + - .entities.v1.latest.security_* - '.ml-anomalies-*' privileges: - read @@ -543,6 +551,7 @@ detections_admin: - all - names: - .asset-criticality.asset-criticality-* + - .entities.v1.latest.security_* privileges: - read - write @@ -590,6 +599,7 @@ platform_engineer: - all - names: - .asset-criticality.asset-criticality-* + - .entities.v1.latest.security_* privileges: - read - write @@ -648,6 +658,7 @@ endpoint_operations_analyst: - .lists* - .items* - risk-score.risk-score-* + - .entities.v1.latest.security_* - '.ml-anomalies-*' privileges: - read @@ -717,6 +728,7 @@ endpoint_policy_manager: - winlogbeat-* - logstash-* - risk-score.risk-score-* + - .entities.v1.latest.security_* privileges: - read - names: diff --git a/packages/kbn-es/src/serverless_resources/security_roles.json b/packages/kbn-es/src/serverless_resources/security_roles.json index 0554853b82df93..75106ba041d606 100644 --- a/packages/kbn-es/src/serverless_resources/security_roles.json +++ b/packages/kbn-es/src/serverless_resources/security_roles.json @@ -120,7 +120,12 @@ "privileges": ["read", "write"] }, { - "names": ["metrics-endpoint.metadata_current_*", ".fleet-agents*", ".fleet-actions*", "risk-score.risk-score-*"], + "names": [ + "metrics-endpoint.metadata_current_*", + ".fleet-agents*", ".fleet-actions*", + "risk-score.risk-score-*", + ".entities.v1.latest.security_*" + ], "privileges": ["read"] } ], diff --git a/packages/kbn-esql-ast/src/ast/helpers.ts b/packages/kbn-esql-ast/src/ast/helpers.ts index 9ca49dcb388229..74a7b5c0991e80 100644 --- a/packages/kbn-esql-ast/src/ast/helpers.ts +++ b/packages/kbn-esql-ast/src/ast/helpers.ts @@ -7,11 +7,22 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ -import { ESQLAstNode, ESQLBinaryExpression, ESQLFunction } from '../types'; +import type { + ESQLAstNode, + ESQLBinaryExpression, + ESQLColumn, + ESQLFunction, + ESQLIntegerLiteral, + ESQLLiteral, + ESQLProperNode, +} from '../types'; import { BinaryExpressionGroup } from './constants'; +export const isProperNode = (node: unknown): node is ESQLProperNode => + !!node && typeof node === 'object' && !Array.isArray(node); + export const isFunctionExpression = (node: unknown): node is ESQLFunction => - !!node && typeof node === 'object' && !Array.isArray(node) && (node as any).type === 'function'; + isProperNode(node) && node.type === 'function'; /** * Returns true if the given node is a binary expression, i.e. an operator @@ -28,6 +39,18 @@ export const isFunctionExpression = (node: unknown): node is ESQLFunction => export const isBinaryExpression = (node: unknown): node is ESQLBinaryExpression => isFunctionExpression(node) && node.subtype === 'binary-expression'; +export const isLiteral = (node: unknown): node is ESQLLiteral => + isProperNode(node) && node.type === 'literal'; + +export const isIntegerLiteral = (node: unknown): node is ESQLIntegerLiteral => + isLiteral(node) && node.literalType === 'integer'; + +export const isDoubleLiteral = (node: unknown): node is ESQLIntegerLiteral => + isLiteral(node) && node.literalType === 'double'; + +export const isColumn = (node: unknown): node is ESQLColumn => + isProperNode(node) && node.type === 'column'; + /** * Returns the group of a binary expression: * diff --git a/packages/kbn-esql-ast/src/pretty_print/__tests__/basic_pretty_printer.test.ts b/packages/kbn-esql-ast/src/pretty_print/__tests__/basic_pretty_printer.test.ts index 20db9e729f0945..9e21c45f75b4b1 100644 --- a/packages/kbn-esql-ast/src/pretty_print/__tests__/basic_pretty_printer.test.ts +++ b/packages/kbn-esql-ast/src/pretty_print/__tests__/basic_pretty_printer.test.ts @@ -16,7 +16,7 @@ const reprint = (src: string) => { const { root } = parse(src); const text = BasicPrettyPrinter.print(root); - // console.log(JSON.stringify(ast, null, 2)); + // console.log(JSON.stringify(root, null, 2)); return { text }; }; @@ -194,6 +194,66 @@ describe('single line query', () => { expect(text).toBe('ROW NOT a'); }); + + test('negative numbers', () => { + const { text } = reprint('ROW -1'); + + expect(text).toBe('ROW -1'); + }); + + test('negative numbers in brackets', () => { + const { text } = reprint('ROW -(1)'); + + expect(text).toBe('ROW -1'); + }); + + test('negative column names', () => { + const { text } = reprint('ROW -col'); + + expect(text).toBe('ROW -col'); + }); + + test('plus unary expression', () => { + const { text } = reprint('ROW +(23)'); + + expect(text).toBe('ROW 23'); + }); + + test('chained multiple unary expressions', () => { + const { text } = reprint('ROW ----+-+(23)'); + + expect(text).toBe('ROW -23'); + }); + + test('before another expression', () => { + const { text } = reprint('ROW ----+-+(1 + 1)'); + + expect(text).toBe('ROW -(1 + 1)'); + }); + + test('negative one from the right side', () => { + const { text } = reprint('ROW 2 * -1'); + + expect(text).toBe('ROW -2'); + }); + + test('two minuses is plus', () => { + const { text } = reprint('ROW --123'); + + expect(text).toBe('ROW 123'); + }); + + test('two minuses is plus (float)', () => { + const { text } = reprint('ROW --1.23'); + + expect(text).toBe('ROW 1.23'); + }); + + test('two minuses is plus (with brackets)', () => { + const { text } = reprint('ROW --(123)'); + + expect(text).toBe('ROW 123'); + }); }); describe('postfix unary expression', () => { diff --git a/packages/kbn-esql-ast/src/pretty_print/basic_pretty_printer.ts b/packages/kbn-esql-ast/src/pretty_print/basic_pretty_printer.ts index ec744c65f636e4..2f1e3439cd3a33 100644 --- a/packages/kbn-esql-ast/src/pretty_print/basic_pretty_printer.ts +++ b/packages/kbn-esql-ast/src/pretty_print/basic_pretty_printer.ts @@ -7,9 +7,18 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ -import { binaryExpressionGroup } from '../ast/helpers'; +import { + binaryExpressionGroup, + isBinaryExpression, + isColumn, + isDoubleLiteral, + isIntegerLiteral, + isLiteral, + isProperNode, +} from '../ast/helpers'; import { ESQLAstBaseItem, ESQLAstCommand, ESQLAstQueryExpression } from '../types'; import { ESQLAstExpressionNode, Visitor } from '../visitor'; +import { resolveItem } from '../visitor/utils'; import { LeafPrinter } from './leaf_printer'; export interface BasicPrettyPrinterOptions { @@ -152,6 +161,62 @@ export class BasicPrettyPrinter { return formatted; } + protected simplifyMultiplicationByOne( + node: ESQLAstExpressionNode, + minusCount: number = 0 + ): string | undefined { + if (isBinaryExpression(node) && node.name === '*') { + let [left, right] = node.args; + left = resolveItem(left); + right = resolveItem(right); + + if (isProperNode(left) && isProperNode(right)) { + if (!!left.formatting || !!right.formatting) { + return undefined; + } + if (isIntegerLiteral(left)) { + if (left.value === 1) { + return this.simplifyMultiplicationByOne(right, minusCount); + } else if (left.value === -1) { + return this.simplifyMultiplicationByOne(right, minusCount + 1); + } + } + if (isIntegerLiteral(right)) { + if (right.value === 1) { + return this.simplifyMultiplicationByOne(left, minusCount); + } else if (right.value === -1) { + return this.simplifyMultiplicationByOne(left, minusCount + 1); + } + } + return undefined; + } else { + return undefined; + } + } + + const isNegative = minusCount % 2 === 1; + + if (isNegative && (isIntegerLiteral(node) || isDoubleLiteral(node)) && node.value < 0) { + return BasicPrettyPrinter.expression( + { + ...node, + value: Math.abs(node.value), + }, + this.opts + ); + } + + let expression = BasicPrettyPrinter.expression(node, this.opts); + const sign = isNegative ? '-' : ''; + const needsBrackets = !!sign && !isColumn(node) && !isLiteral(node); + + if (needsBrackets) { + expression = `(${expression})`; + } + + return sign ? `${sign}${expression}` : expression; + } + protected readonly visitor: Visitor = new Visitor() .on('visitExpression', (ctx) => { return ''; @@ -237,6 +302,18 @@ export class BasicPrettyPrinter { const groupLeft = binaryExpressionGroup(left); const groupRight = binaryExpressionGroup(right); + if ( + node.name === '*' && + ((isIntegerLiteral(left) && Math.abs(left.value) === 1) || + (isIntegerLiteral(right) && Math.abs(right.value) === 1)) + ) { + const formatted = this.simplifyMultiplicationByOne(node); + + if (formatted) { + return formatted; + } + } + let leftFormatted = ctx.visitArgument(0); let rightFormatted = ctx.visitArgument(1); diff --git a/packages/kbn-esql-ast/src/pretty_print/helpers.ts b/packages/kbn-esql-ast/src/pretty_print/helpers.ts index f9d9daac84e7a1..1b4a75a119cb29 100644 --- a/packages/kbn-esql-ast/src/pretty_print/helpers.ts +++ b/packages/kbn-esql-ast/src/pretty_print/helpers.ts @@ -7,7 +7,7 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ -import { ESQLAstBaseItem, ESQLProperNode } from '../types'; +import type { ESQLAstBaseItem, ESQLProperNode } from '../types'; import { Walker } from '../walker'; export interface QueryPrettyPrintStats { diff --git a/packages/kbn-esql-ast/src/visitor/utils.ts b/packages/kbn-esql-ast/src/visitor/utils.ts index 0dc95b73cf9d79..da8544ef46c906 100644 --- a/packages/kbn-esql-ast/src/visitor/utils.ts +++ b/packages/kbn-esql-ast/src/visitor/utils.ts @@ -36,6 +36,10 @@ export const firstItem = (items: ESQLAstItem[]): ESQLSingleAstItem | undefined = } }; +export const resolveItem = (items: ESQLAstItem | ESQLAstItem[]): ESQLAstItem => { + return Array.isArray(items) ? resolveItem(items[0]) : items; +}; + /** * Returns the last normalized "single item" from the "item" list. * diff --git a/packages/kbn-esql-validation-autocomplete/src/autocomplete/__tests__/autocomplete.suggest.eval.test.ts b/packages/kbn-esql-validation-autocomplete/src/autocomplete/__tests__/autocomplete.suggest.eval.test.ts index dcb6fe76f184b5..81fd8f7f43902c 100644 --- a/packages/kbn-esql-validation-autocomplete/src/autocomplete/__tests__/autocomplete.suggest.eval.test.ts +++ b/packages/kbn-esql-validation-autocomplete/src/autocomplete/__tests__/autocomplete.suggest.eval.test.ts @@ -51,6 +51,13 @@ describe('autocomplete.suggest', () => { ...getFieldNamesByType('any'), ...getFunctionSignaturesByReturnType('eval', 'any', { scalar: true }), ]); + + await assertSuggestions('from a | eval doubleField/', [ + 'doubleField, ', + 'doubleField | ', + 'var0 = ', + ]); + await assertSuggestions('from a | eval doubleField /', [ ...getFunctionSignaturesByReturnType('eval', 'any', { builtin: true, skipAssign: true }, [ 'double', diff --git a/packages/kbn-esql-validation-autocomplete/src/autocomplete/autocomplete.test.ts b/packages/kbn-esql-validation-autocomplete/src/autocomplete/autocomplete.test.ts index e463902554074f..deb4592428089b 100644 --- a/packages/kbn-esql-validation-autocomplete/src/autocomplete/autocomplete.test.ts +++ b/packages/kbn-esql-validation-autocomplete/src/autocomplete/autocomplete.test.ts @@ -1123,7 +1123,7 @@ describe('autocomplete', () => { { filterText: '_source', text: '_source, ', command: TRIGGER_SUGGESTION_COMMAND }, ]); // no comma if there are no more fields - testSuggestions('FROM a METADATA _id, _ignored, _index, _source, _version/', [ + testSuggestions('FROM a METADATA _id, _ignored, _index, _source, _index_mode, _version/', [ { filterText: '_version', text: '_version | ', command: TRIGGER_SUGGESTION_COMMAND }, ]); }); diff --git a/packages/kbn-esql-validation-autocomplete/src/autocomplete/autocomplete.ts b/packages/kbn-esql-validation-autocomplete/src/autocomplete/autocomplete.ts index cbc84232b8eb6a..98a26b0c8dd4be 100644 --- a/packages/kbn-esql-validation-autocomplete/src/autocomplete/autocomplete.ts +++ b/packages/kbn-esql-validation-autocomplete/src/autocomplete/autocomplete.ts @@ -596,6 +596,17 @@ async function getExpressionSuggestionsByType( const suggestions: SuggestionRawDefinition[] = []; + // When user types and accepts autocomplete suggestion, and cursor is placed at the end of a valid field + // we should not show irrelevant functions that might have words matching + const columnWithActiveCursor = commands.find( + (c) => + c.name === command.name && + command.name === 'eval' && + c.args.some((arg) => isColumnItem(arg) && arg.name.includes(EDITOR_MARKER)) + ); + + const shouldShowFunctions = !columnWithActiveCursor; + // in this flow there's a clear plan here from argument definitions so try to follow it if (argDef) { if (argDef.type === 'column' || argDef.type === 'any' || argDef.type === 'function') { @@ -722,7 +733,7 @@ async function getExpressionSuggestionsByType( option?.name, getFieldsByType, { - functions: true, + functions: shouldShowFunctions, fields: false, variables: nodeArg ? undefined : anyVariables, literals: argDef.constantOnly, diff --git a/packages/kbn-esql-validation-autocomplete/src/autocomplete/recommended_queries/templates.ts b/packages/kbn-esql-validation-autocomplete/src/autocomplete/recommended_queries/templates.ts index 6a3226c9dcc8fa..5e8d2174919254 100644 --- a/packages/kbn-esql-validation-autocomplete/src/autocomplete/recommended_queries/templates.ts +++ b/packages/kbn-esql-validation-autocomplete/src/autocomplete/recommended_queries/templates.ts @@ -32,7 +32,7 @@ export const getRecommendedQueries = ({ defaultMessage: 'Count aggregation', } ), - queryString: `${fromCommand}\n | STATS count = COUNT(*) // you can group by a field using the BY operator`, + queryString: `${fromCommand}\n | STATS count = COUNT(*) /* you can group by a field using the BY operator */`, }, ...(timeField ? [ @@ -49,7 +49,7 @@ export const getRecommendedQueries = ({ defaultMessage: 'Sort by time', } ), - queryString: `${fromCommand}\n | SORT ${timeField} // Data is not sorted by default`, + queryString: `${fromCommand}\n | SORT ${timeField} /* Data is not sorted by default */`, }, { label: i18n.translate( @@ -64,7 +64,7 @@ export const getRecommendedQueries = ({ defaultMessage: 'Count aggregation over time', } ), - queryString: `${fromCommand}\n | EVAL buckets = DATE_TRUNC(5 minute, ${timeField}) | STATS count = COUNT(*) BY buckets // try out different intervals`, + queryString: `${fromCommand}\n | EVAL buckets = DATE_TRUNC(5 minute, ${timeField}) | STATS count = COUNT(*) BY buckets /* try out different intervals */`, }, ] : []), @@ -98,7 +98,7 @@ export const getRecommendedQueries = ({ defaultMessage: 'Count aggregation over time', } ), - queryString: `${fromCommand}\n | WHERE ${timeField} <=?_tend and ${timeField} >?_tstart\n | STATS count = COUNT(*) BY \`Over time\` = BUCKET(${timeField}, 50, ?_tstart, ?_tend) // ?_tstart and ?_tend take the values of the time picker`, + queryString: `${fromCommand}\n | WHERE ${timeField} <=?_tend and ${timeField} >?_tstart\n | STATS count = COUNT(*) BY \`Over time\` = BUCKET(${timeField}, 50, ?_tstart, ?_tend) /* ?_tstart and ?_tend take the values of the time picker */`, }, { label: i18n.translate( @@ -113,7 +113,7 @@ export const getRecommendedQueries = ({ defaultMessage: 'Event rate over time', } ), - queryString: `${fromCommand}\n | STATS count = COUNT(*), min_timestamp = MIN(${timeField}) // MIN(dateField) finds the earliest timestamp in the dataset.\n | EVAL event_rate = count / DATE_DIFF("seconds", min_timestamp, NOW()) // Calculates the event rate by dividing the total count of events by the time difference (in seconds) between the earliest event and the current time.\n | KEEP event_rate`, + queryString: `${fromCommand}\n | STATS count = COUNT(*), min_timestamp = MIN(${timeField}) /* MIN(dateField) finds the earliest timestamp in the dataset. */ \n | EVAL event_rate = count / DATE_DIFF("seconds", min_timestamp, NOW()) /* Calculates the event rate by dividing the total count of events by the time difference (in seconds) between the earliest event and the current time. */\n | KEEP event_rate`, }, { label: i18n.translate( diff --git a/packages/kbn-esql-validation-autocomplete/src/shared/constants.ts b/packages/kbn-esql-validation-autocomplete/src/shared/constants.ts index c1942118a41e27..1a9f382d32a6da 100644 --- a/packages/kbn-esql-validation-autocomplete/src/shared/constants.ts +++ b/packages/kbn-esql-validation-autocomplete/src/shared/constants.ts @@ -15,4 +15,4 @@ export const SINGLE_TICK_REGEX = /`/g; export const DOUBLE_BACKTICK = '``'; export const SINGLE_BACKTICK = '`'; -export const METADATA_FIELDS = ['_version', '_id', '_index', '_source', '_ignored']; +export const METADATA_FIELDS = ['_version', '_id', '_index', '_source', '_ignored', '_index_mode']; diff --git a/packages/kbn-esql-validation-autocomplete/src/shared/helpers.ts b/packages/kbn-esql-validation-autocomplete/src/shared/helpers.ts index 31c2c01a114040..2392a448149978 100644 --- a/packages/kbn-esql-validation-autocomplete/src/shared/helpers.ts +++ b/packages/kbn-esql-validation-autocomplete/src/shared/helpers.ts @@ -465,7 +465,7 @@ export function checkFunctionArgMatchesDefinition( const wrappedTypes: Array<(typeof validHit)['type']> = Array.isArray(validHit.type) ? validHit.type : [validHit.type]; - return wrappedTypes.some((ct) => ct === argType || ct === 'null' || ct === 'unknown'); + return wrappedTypes.some((ct) => ct === argType || ct === 'null'); } if (arg.type === 'inlineCast') { const lowerArgType = argType?.toLowerCase(); diff --git a/packages/kbn-esql-validation-autocomplete/src/validation/__tests__/functions.test.ts b/packages/kbn-esql-validation-autocomplete/src/validation/__tests__/functions.test.ts index a3934c1a35627c..ec0fbe5395334e 100644 --- a/packages/kbn-esql-validation-autocomplete/src/validation/__tests__/functions.test.ts +++ b/packages/kbn-esql-validation-autocomplete/src/validation/__tests__/functions.test.ts @@ -505,67 +505,41 @@ describe('function validation', () => { ['Invalid option ["foo"] for test. Supported options: ["ASC", "DESC"].'] ); }); - }); - describe('command/option support', () => { - it('validates command support', async () => { + it('validates values of type unknown', async () => { setTestFunctions([ { - name: 'eval_fn', + name: 'test1', type: 'eval', description: '', supportedCommands: ['eval'], signatures: [ { - params: [], - returnType: 'keyword', - }, - ], - }, - { - name: 'stats_fn', - type: 'agg', - description: '', - supportedCommands: ['stats'], - signatures: [ - { - params: [], - returnType: 'keyword', - }, - ], - }, - { - name: 'row_fn', - type: 'eval', - description: '', - supportedCommands: ['row'], - signatures: [ - { - params: [], + params: [{ name: 'arg1', type: 'keyword' }], returnType: 'keyword', }, ], }, { - name: 'where_fn', + name: 'test2', type: 'eval', description: '', - supportedCommands: ['where'], + supportedCommands: ['eval'], signatures: [ { - params: [], + params: [{ name: 'arg1', type: 'keyword' }], returnType: 'keyword', }, ], }, { - name: 'sort_fn', + name: 'test3', type: 'eval', description: '', - supportedCommands: ['sort'], + supportedCommands: ['eval'], signatures: [ { - params: [], + params: [{ name: 'arg1', type: 'long' }], returnType: 'keyword', }, ], @@ -573,155 +547,235 @@ describe('function validation', () => { ]); const { expectErrors } = await setup(); + await expectErrors( + `FROM a_index + | EVAL foo = TEST1(1.) + | EVAL TEST2(foo) + | EVAL TEST3(foo)`, + [ + 'Argument of [test1] must be [keyword], found value [1.] type [double]', + 'Argument of [test2] must be [keyword], found value [foo] type [unknown]', + 'Argument of [test3] must be [long], found value [foo] type [unknown]', + ] + ); + }); - await expectErrors('FROM a_index | EVAL EVAL_FN()', []); - await expectErrors('FROM a_index | SORT SORT_FN()', []); - await expectErrors('FROM a_index | STATS STATS_FN()', []); - await expectErrors('ROW ROW_FN()', []); - await expectErrors('FROM a_index | WHERE WHERE_FN()', []); + describe('command/option support', () => { + it('validates command support', async () => { + setTestFunctions([ + { + name: 'eval_fn', + type: 'eval', + description: '', + supportedCommands: ['eval'], + signatures: [ + { + params: [], + returnType: 'keyword', + }, + ], + }, + { + name: 'stats_fn', + type: 'agg', + description: '', + supportedCommands: ['stats'], + signatures: [ + { + params: [], + returnType: 'keyword', + }, + ], + }, + { + name: 'row_fn', + type: 'eval', + description: '', + supportedCommands: ['row'], + signatures: [ + { + params: [], + returnType: 'keyword', + }, + ], + }, + { + name: 'where_fn', + type: 'eval', + description: '', + supportedCommands: ['where'], + signatures: [ + { + params: [], + returnType: 'keyword', + }, + ], + }, + { + name: 'sort_fn', + type: 'eval', + description: '', + supportedCommands: ['sort'], + signatures: [ + { + params: [], + returnType: 'keyword', + }, + ], + }, + ]); - await expectErrors('FROM a_index | EVAL SORT_FN()', [ - 'EVAL does not support function sort_fn', - ]); - await expectErrors('FROM a_index | SORT STATS_FN()', [ - 'SORT does not support function stats_fn', - ]); - await expectErrors('FROM a_index | STATS ROW_FN()', [ - 'At least one aggregation function required in [STATS], found [ROW_FN()]', - 'STATS does not support function row_fn', - ]); - await expectErrors('ROW WHERE_FN()', ['ROW does not support function where_fn']); - await expectErrors('FROM a_index | WHERE EVAL_FN()', [ - 'WHERE does not support function eval_fn', - ]); - }); + const { expectErrors } = await setup(); - it('validates option support', async () => { - setTestFunctions([ - { - name: 'supports_by_option', - type: 'eval', - description: '', - supportedCommands: ['eval'], - supportedOptions: ['by'], - signatures: [ - { - params: [], - returnType: 'keyword', - }, - ], - }, - { - name: 'does_not_support_by_option', - type: 'eval', - description: '', - supportedCommands: ['eval'], - supportedOptions: [], - signatures: [ - { - params: [], - returnType: 'keyword', - }, - ], - }, + await expectErrors('FROM a_index | EVAL EVAL_FN()', []); + await expectErrors('FROM a_index | SORT SORT_FN()', []); + await expectErrors('FROM a_index | STATS STATS_FN()', []); + await expectErrors('ROW ROW_FN()', []); + await expectErrors('FROM a_index | WHERE WHERE_FN()', []); - { - name: 'agg_fn', - type: 'agg', - description: '', - supportedCommands: ['stats'], - supportedOptions: [], - signatures: [ - { - params: [], - returnType: 'keyword', - }, - ], - }, - ]); + await expectErrors('FROM a_index | EVAL SORT_FN()', [ + 'EVAL does not support function sort_fn', + ]); + await expectErrors('FROM a_index | SORT STATS_FN()', [ + 'SORT does not support function stats_fn', + ]); + await expectErrors('FROM a_index | STATS ROW_FN()', [ + 'At least one aggregation function required in [STATS], found [ROW_FN()]', + 'STATS does not support function row_fn', + ]); + await expectErrors('ROW WHERE_FN()', ['ROW does not support function where_fn']); + await expectErrors('FROM a_index | WHERE EVAL_FN()', [ + 'WHERE does not support function eval_fn', + ]); + }); - const { expectErrors } = await setup(); + it('validates option support', async () => { + setTestFunctions([ + { + name: 'supports_by_option', + type: 'eval', + description: '', + supportedCommands: ['eval'], + supportedOptions: ['by'], + signatures: [ + { + params: [], + returnType: 'keyword', + }, + ], + }, + { + name: 'does_not_support_by_option', + type: 'eval', + description: '', + supportedCommands: ['eval'], + supportedOptions: [], + signatures: [ + { + params: [], + returnType: 'keyword', + }, + ], + }, - await expectErrors('FROM a_index | STATS AGG_FN() BY SUPPORTS_BY_OPTION()', []); - await expectErrors('FROM a_index | STATS AGG_FN() BY DOES_NOT_SUPPORT_BY_OPTION()', [ - 'STATS BY does not support function does_not_support_by_option', - ]); + { + name: 'agg_fn', + type: 'agg', + description: '', + supportedCommands: ['stats'], + supportedOptions: [], + signatures: [ + { + params: [], + returnType: 'keyword', + }, + ], + }, + ]); + + const { expectErrors } = await setup(); + + await expectErrors('FROM a_index | STATS AGG_FN() BY SUPPORTS_BY_OPTION()', []); + await expectErrors('FROM a_index | STATS AGG_FN() BY DOES_NOT_SUPPORT_BY_OPTION()', [ + 'STATS BY does not support function does_not_support_by_option', + ]); + }); }); - }); - describe('nested functions', () => { - it('supports deep nesting', async () => { - setTestFunctions([ - { - name: 'test', - type: 'eval', - description: '', - supportedCommands: ['eval'], - signatures: [ - { - params: [{ name: 'arg1', type: 'keyword' }], - returnType: 'integer', - }, - ], - }, - { - name: 'test2', - type: 'eval', - description: '', - supportedCommands: ['eval'], - signatures: [ - { - params: [{ name: 'arg1', type: 'integer' }], - returnType: 'keyword', - }, - ], - }, - ]); + describe('nested functions', () => { + it('supports deep nesting', async () => { + setTestFunctions([ + { + name: 'test', + type: 'eval', + description: '', + supportedCommands: ['eval'], + signatures: [ + { + params: [{ name: 'arg1', type: 'keyword' }], + returnType: 'integer', + }, + ], + }, + { + name: 'test2', + type: 'eval', + description: '', + supportedCommands: ['eval'], + signatures: [ + { + params: [{ name: 'arg1', type: 'integer' }], + returnType: 'keyword', + }, + ], + }, + ]); - const { expectErrors } = await setup(); + const { expectErrors } = await setup(); - await expectErrors('FROM a_index | EVAL TEST(TEST2(TEST(TEST2(1))))', []); - }); + await expectErrors('FROM a_index | EVAL TEST(TEST2(TEST(TEST2(1))))', []); + }); - it("doesn't allow nested aggregation functions", async () => { - setTestFunctions([ - { - name: 'agg_fn', - type: 'agg', - description: '', - supportedCommands: ['stats'], - signatures: [ - { - params: [{ name: 'arg1', type: 'keyword' }], - returnType: 'keyword', - }, - ], - }, - { - name: 'scalar_fn', - type: 'eval', - description: '', - supportedCommands: ['stats'], - signatures: [ - { - params: [{ name: 'arg1', type: 'keyword' }], - returnType: 'keyword', - }, - ], - }, - ]); + it("doesn't allow nested aggregation functions", async () => { + setTestFunctions([ + { + name: 'agg_fn', + type: 'agg', + description: '', + supportedCommands: ['stats'], + signatures: [ + { + params: [{ name: 'arg1', type: 'keyword' }], + returnType: 'keyword', + }, + ], + }, + { + name: 'scalar_fn', + type: 'eval', + description: '', + supportedCommands: ['stats'], + signatures: [ + { + params: [{ name: 'arg1', type: 'keyword' }], + returnType: 'keyword', + }, + ], + }, + ]); - const { expectErrors } = await setup(); + const { expectErrors } = await setup(); - await expectErrors('FROM a_index | STATS AGG_FN(AGG_FN(""))', [ - 'Aggregate function\'s parameters must be an attribute, literal or a non-aggregation function; found [AGG_FN("")] of type [keyword]', - ]); - // @TODO — enable this test when we have fixed this bug - // await expectErrors('FROM a_index | STATS AGG_FN(SCALAR_FN(AGG_FN("")))', [ - // 'No nested aggregation functions.', - // ]); - }); + await expectErrors('FROM a_index | STATS AGG_FN(AGG_FN(""))', [ + 'Aggregate function\'s parameters must be an attribute, literal or a non-aggregation function; found [AGG_FN("")] of type [keyword]', + ]); + // @TODO — enable this test when we have fixed this bug + // await expectErrors('FROM a_index | STATS AGG_FN(SCALAR_FN(AGG_FN("")))', [ + // 'No nested aggregation functions.', + // ]); + }); - // @TODO — test function aliases + // @TODO — test function aliases + }); }); }); diff --git a/packages/kbn-flot-charts/lib/jquery_flot.js b/packages/kbn-flot-charts/lib/jquery_flot.js index 3b13b317c616c5..50524fd8f4926a 100644 --- a/packages/kbn-flot-charts/lib/jquery_flot.js +++ b/packages/kbn-flot-charts/lib/jquery_flot.js @@ -1,8 +1,6 @@ /* JavaScript plotting library for jQuery, version 0.8.3. - Copyright (c) 2007-2014 IOLA and Ole Laursen. Licensed under the MIT license. - */ // first an inline dependency, jquery.colorhelpers.js, we inline it here @@ -29,482 +27,602 @@ Licensed under the MIT license. * V. 1.1: Fix error handling so e.g. parsing an empty string does * produce a color rather than just crashing. */ + (function($){$.color={};$.color.make=function(r,g,b,a){var o={};o.r=r||0;o.g=g||0;o.b=b||0;o.a=a!=null?a:1;o.add=function(c,d){for(var i=0;i=1){return"rgb("+[o.r,o.g,o.b].join(",")+")"}else{return"rgba("+[o.r,o.g,o.b,o.a].join(",")+")"}};o.normalize=function(){function clamp(min,value,max){return valuemax?max:value}o.r=clamp(0,parseInt(o.r),255);o.g=clamp(0,parseInt(o.g),255);o.b=clamp(0,parseInt(o.b),255);o.a=clamp(0,o.a,1);return o};o.clone=function(){return $.color.make(o.r,o.b,o.g,o.a)};return o.normalize()};$.color.extract=function(elem,css){var c;do{c=elem.css(css).toLowerCase();if(c!=""&&c!="transparent")break;elem=elem.parent()}while(elem.length&&!$.nodeName(elem.get(0),"body"));if(c=="rgba(0, 0, 0, 0)")c="transparent";return $.color.parse(c)};$.color.parse=function(str){var res,m=$.color.make;if(res=/rgb\(\s*([0-9]{1,3})\s*,\s*([0-9]{1,3})\s*,\s*([0-9]{1,3})\s*\)/.exec(str))return m(parseInt(res[1],10),parseInt(res[2],10),parseInt(res[3],10));if(res=/rgba\(\s*([0-9]{1,3})\s*,\s*([0-9]{1,3})\s*,\s*([0-9]{1,3})\s*,\s*([0-9]+(?:\.[0-9]+)?)\s*\)/.exec(str))return m(parseInt(res[1],10),parseInt(res[2],10),parseInt(res[3],10),parseFloat(res[4]));if(res=/rgb\(\s*([0-9]+(?:\.[0-9]+)?)\%\s*,\s*([0-9]+(?:\.[0-9]+)?)\%\s*,\s*([0-9]+(?:\.[0-9]+)?)\%\s*\)/.exec(str))return m(parseFloat(res[1])*2.55,parseFloat(res[2])*2.55,parseFloat(res[3])*2.55);if(res=/rgba\(\s*([0-9]+(?:\.[0-9]+)?)\%\s*,\s*([0-9]+(?:\.[0-9]+)?)\%\s*,\s*([0-9]+(?:\.[0-9]+)?)\%\s*,\s*([0-9]+(?:\.[0-9]+)?)\s*\)/.exec(str))return m(parseFloat(res[1])*2.55,parseFloat(res[2])*2.55,parseFloat(res[3])*2.55,parseFloat(res[4]));if(res=/#([a-fA-F0-9]{2})([a-fA-F0-9]{2})([a-fA-F0-9]{2})/.exec(str))return m(parseInt(res[1],16),parseInt(res[2],16),parseInt(res[3],16));if(res=/#([a-fA-F0-9])([a-fA-F0-9])([a-fA-F0-9])/.exec(str))return m(parseInt(res[1]+res[1],16),parseInt(res[2]+res[2],16),parseInt(res[3]+res[3],16));var name=$.trim(str).toLowerCase();if(name=="transparent")return m(255,255,255,0);else{res=lookupColors[name]||[0,0,0];return m(res[0],res[1],res[2])}};var lookupColors={aqua:[0,255,255],azure:[240,255,255],beige:[245,245,220],black:[0,0,0],blue:[0,0,255],brown:[165,42,42],cyan:[0,255,255],darkblue:[0,0,139],darkcyan:[0,139,139],darkgrey:[169,169,169],darkgreen:[0,100,0],darkkhaki:[189,183,107],darkmagenta:[139,0,139],darkolivegreen:[85,107,47],darkorange:[255,140,0],darkorchid:[153,50,204],darkred:[139,0,0],darksalmon:[233,150,122],darkviolet:[148,0,211],fuchsia:[255,0,255],gold:[255,215,0],green:[0,128,0],indigo:[75,0,130],khaki:[240,230,140],lightblue:[173,216,230],lightcyan:[224,255,255],lightgreen:[144,238,144],lightgrey:[211,211,211],lightpink:[255,182,193],lightyellow:[255,255,224],lime:[0,255,0],magenta:[255,0,255],maroon:[128,0,0],navy:[0,0,128],olive:[128,128,0],orange:[255,165,0],pink:[255,192,203],purple:[128,0,128],violet:[128,0,128],red:[255,0,0],silver:[192,192,192],white:[255,255,255],yellow:[255,255,0]}})(jQuery); // the actual Flot code +/* Javascript plotting library for jQuery, version 0.9.0-alpha. + +Copyright (c) 2007-2013 IOLA and Ole Laursen. +Licensed under the MIT license. + +*/ + (function($) { - // Cache the prototype hasOwnProperty for faster access + // A jquery-esque isNumeric method since we currently support 1.4.4 + // and $.isNumeric was introduced on in 1.7 + var isNumeric = $.isNumeric || function(obj) { + return obj - parseFloat( obj ) >= 0; + }; + + /** + * The Canvas object is a wrapper around an HTML5 tag. + * + * @constructor + * @param {string} cls List of classes to apply to the canvas. + * @param {element} container Element onto which to append the canvas. + * + * Requiring a container is a little iffy, but unfortunately canvas + * operations don't work unless the canvas is attached to the DOM. + */ + function Canvas(cls, container) { + + var element = container.children("." + cls)[0]; - var hasOwnProperty = Object.prototype.hasOwnProperty; + if (element == null) { - // A shim to provide 'detach' to jQuery versions prior to 1.4. Using a DOM - // operation produces the same effect as detach, i.e. removing the element - // without touching its jQuery data. + element = document.createElement("canvas"); + element.className = cls; - // Do not merge this into Flot 0.9, since it requires jQuery 1.4.4+. + $(element).css({ direction: "ltr", position: "absolute", left: 0, top: 0 }) + .appendTo(container); - if (!$.fn.detach) { - $.fn.detach = function() { - return this.each(function() { - if (this.parentNode) { - this.parentNode.removeChild( this ); + // If HTML5 Canvas isn't available, fall back to [Ex|Flash]canvas + + if (!element.getContext) { + if (window.G_vmlCanvasManager) { + element = window.G_vmlCanvasManager.initElement(element); + } else { + throw new Error("Canvas is not available. If you're using IE with a fall-back such as Excanvas, then there's either a mistake in your conditional include, or the page has no DOCTYPE and is rendering in Quirks Mode."); } - }); - }; + } + } + + this.element = element; + + var context = this.context = element.getContext("2d"); + + // Determine the screen's ratio of physical to device-independent + // pixels. This is the ratio between the canvas width that the browser + // advertises and the number of pixels actually present in that space. + + // The iPhone 4, for example, has a device-independent width of 320px, + // but its screen is actually 640px wide. It therefore has a pixel + // ratio of 2, while most normal devices have a ratio of 1. + + var devicePixelRatio = window.devicePixelRatio || 1, + backingStoreRatio = + context.webkitBackingStorePixelRatio || + context.mozBackingStorePixelRatio || + context.msBackingStorePixelRatio || + context.oBackingStorePixelRatio || + context.backingStorePixelRatio || 1; + + this.pixelRatio = devicePixelRatio / backingStoreRatio; + + // Size the canvas to match the internal dimensions of its container + + this.resize(container.width(), container.height()); + + // Collection of HTML div layers for text overlaid onto the canvas + + this.textContainer = null; + this.text = {}; + + // Cache of text fragments and metrics, so we can avoid expensively + // re-calculating them when the plot is re-rendered in a loop. + + this._textCache = {}; } - /////////////////////////////////////////////////////////////////////////// - // The Canvas object is a wrapper around an HTML5 tag. - // - // @constructor - // @param {string} cls List of classes to apply to the canvas. - // @param {element} container Element onto which to append the canvas. - // - // Requiring a container is a little iffy, but unfortunately canvas - // operations don't work unless the canvas is attached to the DOM. + /** + * Resizes the canvas to the given dimensions. + * + * @param {number} width New width of the canvas, in pixels. + * @param {number} width New height of the canvas, in pixels. + */ + Canvas.prototype.resize = function(width, height) { + + if (width <= 0 || height <= 0) { + throw new Error("Invalid dimensions for plot, width = " + width + ", height = " + height); + } + + var element = this.element, + context = this.context, + pixelRatio = this.pixelRatio; + + // Resize the canvas, increasing its density based on the display's + // pixel ratio; basically giving it more pixels without increasing the + // size of its element, to take advantage of the fact that retina + // displays have that many more pixels in the same advertised space. + + // Resizing should reset the state (excanvas seems to be buggy though) + + if (this.width !== width) { + element.width = width * pixelRatio; + element.style.width = width + "px"; + this.width = width; + } + + if (this.height !== height) { + element.height = height * pixelRatio; + element.style.height = height + "px"; + this.height = height; + } + + // Save the context, so we can reset in case we get replotted. The + // restore ensure that we're really back at the initial state, and + // should be safe even if we haven't saved the initial state yet. + + context.restore(); + context.save(); + + // Scale the coordinate space to match the display density; so even though we + // may have twice as many pixels, we still want lines and other drawing to + // appear at the same size; the extra pixels will just make them crisper. + + context.scale(pixelRatio, pixelRatio); + }; + + /** + * Clears the entire canvas area, not including any overlaid HTML text + */ + Canvas.prototype.clear = function() { + this.context.clearRect(0, 0, this.width, this.height); + }; + + /** + * Finishes rendering the canvas, including managing the text overlay. + */ + Canvas.prototype.render = function() { + + var cache = this._textCache; + + // For each text layer, add elements marked as active that haven't + // already been rendered, and remove those that are no longer active. + + for (var layerKey in cache) { + if (Object.prototype.hasOwnProperty.call(cache, layerKey)) { + + var layer = this.getTextLayer(layerKey), + layerCache = cache[layerKey]; + + layer.hide(); + + for (var styleKey in layerCache) { + if (Object.prototype.hasOwnProperty.call(layerCache, styleKey)) { + var styleCache = layerCache[styleKey]; + for (var angleKey in styleCache) { + if (Object.prototype.hasOwnProperty.call(styleCache, angleKey)) { + var angleCache = styleCache[angleKey]; + for (var key in angleCache) { + if (Object.prototype.hasOwnProperty.call(angleCache, key)) { + + var positions = angleCache[key].positions; + + for (var i = 0, position; position = positions[i]; i++) { + if (position.active) { + if (!position.rendered) { + layer.append(position.element); + position.rendered = true; + } + } else { + positions.splice(i--, 1); + if (position.rendered) { + position.element.detach(); + } + } + } + + if (positions.length === 0) { + delete angleCache[key]; + } + } + } + } + } + } + } + + layer.show(); + } + } + }; + + /** + * Creates (if necessary) and returns the text overlay container. + * + * @param {string} classes String of space-separated CSS classes used to + * uniquely identify the text layer. + * @return {object} The jQuery-wrapped text-layer div. + */ + Canvas.prototype.getTextLayer = function(classes) { + + var layer = this.text[classes]; + + // Create the text layer if it doesn't exist + + if (layer == null) { + + // Create the text layer container, if it doesn't exist + + if (this.textContainer == null) { + this.textContainer = $("

") + .css({ + position: "absolute", + top: 0, + left: 0, + bottom: 0, + right: 0, + "font-size": "smaller", + color: "#545454" + }) + .insertAfter(this.element); + } + + layer = this.text[classes] = $("
") + .addClass(classes) + .css({ + position: "absolute", + top: 0, + left: 0, + bottom: 0, + right: 0 + }) + .appendTo(this.textContainer); + } - function Canvas(cls, container) { + return layer; + }; - var element = container.children("." + cls)[0]; + /** + * Creates (if necessary) and returns a text info object. + * + * The object looks like this: + * + * { + * width: Width of the text's wrapper div. + * height: Height of the text's wrapper div. + * element: The jQuery-wrapped HTML div containing the text. + * positions: Array of positions at which this text is drawn. + * } + * + * The positions array contains objects that look like this: + * + * { + * active: Flag indicating whether the text should be visible. + * rendered: Flag indicating whether the text is currently visible. + * element: The jQuery-wrapped HTML div containing the text. + * x: X coordinate at which to draw the text. + * y: Y coordinate at which to draw the text. + * } + * + * Each position after the first receives a clone of the original element. + * + * The idea is that that the width, height, and general 'identity' of the + * text is constant no matter where it is placed; the placements are a + * secondary property. + * + * Canvas maintains a cache of recently-used text info objects; getTextInfo + * either returns the cached element or creates a new entry. + * + * @param {string} layer A string of space-separated CSS classes uniquely + * identifying the layer containing this text. + * @param {string} text Text string to retrieve info for. + * @param {(string|object)=} font Either a string of space-separated CSS + * classes or a font-spec object, defining the text's font and style. + * @param {number=} angle Angle at which to rotate the text, in degrees. + * @param {number=} width Maximum width of the text before it wraps. + * @return {object} a text info object. + */ + Canvas.prototype.getTextInfo = function(layer, text, font, angle, width) { + + var textStyle, layerCache, styleCache, angleCache, info; + + text = "" + text; // Cast to string in case we have a number or such + angle = (360 + (angle || 0)) % 360; // Normalize the angle to 0...359 + + // If the font is a font-spec object, generate a CSS font definition + + if (typeof font === "object") { + textStyle = font.style + " " + font.variant + " " + font.weight + " " + font.size + "px/" + font.lineHeight + "px " + font.family; + } else { + textStyle = font; + } - if (element == null) { + // Retrieve or create the caches for the text's layer, style, and angle - element = document.createElement("canvas"); - element.className = cls; + layerCache = this._textCache[layer]; + if (layerCache == null) { + layerCache = this._textCache[layer] = {}; + } - $(element).css({ direction: "ltr", position: "absolute", left: 0, top: 0 }) - .appendTo(container); + styleCache = layerCache[textStyle]; + if (styleCache == null) { + styleCache = layerCache[textStyle] = {}; + } - // If HTML5 Canvas isn't available, fall back to [Ex|Flash]canvas + angleCache = styleCache[angle]; + if (angleCache == null) { + angleCache = styleCache[angle] = {}; + } - if (!element.getContext) { - if (window.G_vmlCanvasManager) { - element = window.G_vmlCanvasManager.initElement(element); - } else { - throw new Error("Canvas is not available. If you're using IE with a fall-back such as Excanvas, then there's either a mistake in your conditional include, or the page has no DOCTYPE and is rendering in Quirks Mode."); - } - } - } + info = angleCache[text]; - this.element = element; + // If we can't find a matching element in our cache, create a new one - var context = this.context = element.getContext("2d"); + if (info == null) { - // Determine the screen's ratio of physical to device-independent - // pixels. This is the ratio between the canvas width that the browser - // advertises and the number of pixels actually present in that space. + var element = $("
").html(text) + .css({ + position: "absolute", + "max-width": width, + top: -9999 + }) + .appendTo(this.getTextLayer(layer)); - // The iPhone 4, for example, has a device-independent width of 320px, - // but its screen is actually 640px wide. It therefore has a pixel - // ratio of 2, while most normal devices have a ratio of 1. + if (typeof font === "object") { + element.css({ + font: textStyle, + color: font.color + }); + } else if (typeof font === "string") { + element.addClass(font); + } + + // Save the original dimensions of the text; we'll modify these + // later to take into account rotation, if there is any. + + var textWidth = element.outerWidth(true), + textHeight = element.outerHeight(true); + + // Apply rotation to the text using CSS3/IE matrix transforms + + // Note how we also set the element's width, as a work-around for + // the way most browsers resize the div on rotate, which may cause + // the contents to wrap differently. The extra +1 is because IE + // rounds the width differently and needs a little extra help. + + if (angle) { + + var radians = angle * Math.PI / 180, + sin = Math.sin(radians), + cos = Math.cos(radians), + a = cos.toFixed(6), // Use fixed-point so these don't + b = (-sin).toFixed(6), // show up in scientific notation + c = sin.toFixed(6), // when we add them to the string + transformRule; + + if ($.support.leadingWhitespace) { + + // The transform origin defaults to '50% 50%', producing + // blurry text on some browsers (Chrome) when the width or + // height happens to be odd, making 50% fractional. Avoid + // this by setting the origin to rounded values. + + var cx = textWidth / 2, + cy = textHeight / 2, + transformOrigin = Math.floor(cx) + "px " + Math.floor(cy) + "px"; + + // Transforms alter the div's appearance without changing + // its origin. This will make it difficult to position it + // later, since we'll be positioning the new bounding box + // with respect to the old origin. We can work around this + // by adding a translation to align the new bounding box's + // top-left corner with the origin, using the same matrix. + + // Rather than examining all four points, we can use the + // angle to figure out in advance which two points are in + // the top-left quadrant; we can then use the x-coordinate + // of the first (left-most) point and the y-coordinate of + // the second (top-most) point as the bounding box corner. + + var x, y; + if (angle < 90) { + x = Math.floor(cx * cos + cy * sin - cx); + y = Math.floor(cx * sin + cy * cos - cy); + } else if (angle < 180) { + x = Math.floor(cy * sin - cx * cos - cx); + y = Math.floor(cx * sin - cy * cos - cy); + } else if (angle < 270) { + x = Math.floor(-cx * cos - cy * sin - cx); + y = Math.floor(-cx * sin - cy * cos - cy); + } else { + x = Math.floor(cx * cos - cy * sin - cx); + y = Math.floor(cy * cos - cx * sin - cy); + } + + transformRule = "matrix(" + a + "," + c + "," + b + "," + a + "," + x + "," + y + ")"; + + element.css({ + width: textWidth + 1, + transform: transformRule, + "-o-transform": transformRule, + "-ms-transform": transformRule, + "-moz-transform": transformRule, + "-webkit-transform": transformRule, + "transform-origin": transformOrigin, + "-o-transform-origin": transformOrigin, + "-ms-transform-origin": transformOrigin, + "-moz-transform-origin": transformOrigin, + "-webkit-transform-origin": transformOrigin + }); - var devicePixelRatio = window.devicePixelRatio || 1, - backingStoreRatio = - context.webkitBackingStorePixelRatio || - context.mozBackingStorePixelRatio || - context.msBackingStorePixelRatio || - context.oBackingStorePixelRatio || - context.backingStorePixelRatio || 1; + } else { - this.pixelRatio = devicePixelRatio / backingStoreRatio; + // The IE7/8 matrix filter produces very ugly aliasing for + // text with a transparent background. Using a solid color + // greatly improves text clarity, although it does result + // in ugly boxes for plots using a non-white background. - // Size the canvas to match the internal dimensions of its container + // TODO: Instead of white use the actual background color? + // This still wouldn't solve the problem when the plot has + // a gradient background, but it would at least help. - this.resize(container.width(), container.height()); + transformRule = "progid:DXImageTransform.Microsoft.Matrix(M11=" + a + ", M12=" + b + ", M21=" + c + ", M22=" + a + ",sizingMethod='auto expand')"; - // Collection of HTML div layers for text overlaid onto the canvas + element.css({ + width: textWidth + 1, + filter: transformRule, + "-ms-filter": transformRule, + "background-color": "#fff" + }); + } - this.textContainer = null; - this.text = {}; + // Compute the final dimensions of the text's bounding box - // Cache of text fragments and metrics, so we can avoid expensively - // re-calculating them when the plot is re-rendered in a loop. + var ac = Math.abs(cos), + as = Math.abs(sin), + originalWidth = textWidth; + textWidth = Math.round(ac * textWidth + as * textHeight); + textHeight = Math.round(as * originalWidth + ac * textHeight); + } - this._textCache = {}; - } + info = angleCache[text] = { + width: textWidth, + height: textHeight, + element: element, + positions: [] + }; - // Resizes the canvas to the given dimensions. - // - // @param {number} width New width of the canvas, in pixels. - // @param {number} width New height of the canvas, in pixels. + element.detach(); + } - Canvas.prototype.resize = function(width, height) { + return info; + }; - if (width <= 0 || height <= 0) { - throw new Error("Invalid dimensions for plot, width = " + width + ", height = " + height); - } + /** + * Adds a text string to the canvas text overlay. + * + * The text isn't drawn immediately; it is marked as rendering, which will + * result in its addition to the canvas on the next render pass. + * + * @param {string} layer A string of space-separated CSS classes uniquely + * identifying the layer containing this text. + * @param {number} x X coordinate at which to draw the text. + * @param {number} y Y coordinate at which to draw the text. + * @param {string} text Text string to draw. + * @param {(string|object)=} font Either a string of space-separated CSS + * classes or a font-spec object, defining the text's font and style. + * @param {number=} angle Angle at which to rotate the text, in degrees. + * @param {number=} width Maximum width of the text before it wraps. + * @param {string=} halign Horizontal alignment of the text; either "left", + * "center" or "right". + * @param {string=} valign Vertical alignment of the text; either "top", + * "middle" or "bottom". + */ + Canvas.prototype.addText = function(layer, x, y, text, font, angle, width, halign, valign) { + + var info = this.getTextInfo(layer, text, font, angle, width), + positions = info.positions; + + // Tweak the div's position to match the text's alignment + + if (halign === "center") { + x -= info.width / 2; + } else if (halign === "right") { + x -= info.width; + } - var element = this.element, - context = this.context, - pixelRatio = this.pixelRatio; + if (valign === "middle") { + y -= info.height / 2; + } else if (valign === "bottom") { + y -= info.height; + } - // Resize the canvas, increasing its density based on the display's - // pixel ratio; basically giving it more pixels without increasing the - // size of its element, to take advantage of the fact that retina - // displays have that many more pixels in the same advertised space. + // Determine whether this text already exists at this position. + // If so, mark it for inclusion in the next render pass. - // Resizing should reset the state (excanvas seems to be buggy though) + for (var i = 0, position; position = positions[i]; i++) { + if (position.x === x && position.y === y) { + position.active = true; + return; + } + } - if (this.width != width) { - element.width = width * pixelRatio; - element.style.width = width + "px"; - this.width = width; - } + // If the text doesn't exist at this position, create a new entry - if (this.height != height) { - element.height = height * pixelRatio; - element.style.height = height + "px"; - this.height = height; - } + // For the very first position we'll re-use the original element, + // while for subsequent ones we'll clone it. - // Save the context, so we can reset in case we get replotted. The - // restore ensure that we're really back at the initial state, and - // should be safe even if we haven't saved the initial state yet. + position = { + active: true, + rendered: false, + element: positions.length ? info.element.clone() : info.element, + x: x, + y: y + }; - context.restore(); - context.save(); + positions.push(position); - // Scale the coordinate space to match the display density; so even though we - // may have twice as many pixels, we still want lines and other drawing to - // appear at the same size; the extra pixels will just make them crisper. + // Move the element to its final position within the container - context.scale(pixelRatio, pixelRatio); - }; + position.element.css({ + top: Math.round(y), + left: Math.round(x), + "text-align": halign // In case the text wraps + }); + }; - // Clears the entire canvas area, not including any overlaid HTML text - - Canvas.prototype.clear = function() { - this.context.clearRect(0, 0, this.width, this.height); - }; - - // Finishes rendering the canvas, including managing the text overlay. - - Canvas.prototype.render = function() { - - var cache = this._textCache; - - // For each text layer, add elements marked as active that haven't - // already been rendered, and remove those that are no longer active. - - for (var layerKey in cache) { - if (hasOwnProperty.call(cache, layerKey)) { - - var layer = this.getTextLayer(layerKey), - layerCache = cache[layerKey]; - - layer.hide(); - - for (var styleKey in layerCache) { - if (hasOwnProperty.call(layerCache, styleKey)) { - var styleCache = layerCache[styleKey]; - for (var key in styleCache) { - if (hasOwnProperty.call(styleCache, key)) { - - var positions = styleCache[key].positions; - - for (var i = 0, position; position = positions[i]; i++) { - if (position.active) { - if (!position.rendered) { - layer.append(position.element); - position.rendered = true; - } - } else { - positions.splice(i--, 1); - if (position.rendered) { - position.element.detach(); - } - } - } - - if (positions.length == 0) { - delete styleCache[key]; - } - } - } - } - } - - layer.show(); - } - } - }; - - // Creates (if necessary) and returns the text overlay container. - // - // @param {string} classes String of space-separated CSS classes used to - // uniquely identify the text layer. - // @return {object} The jQuery-wrapped text-layer div. - - Canvas.prototype.getTextLayer = function(classes) { - - var layer = this.text[classes]; - - // Create the text layer if it doesn't exist - - if (layer == null) { - - // Create the text layer container, if it doesn't exist - - if (this.textContainer == null) { - this.textContainer = $("
") - .css({ - position: "absolute", - top: 0, - left: 0, - bottom: 0, - right: 0, - 'font-size': "smaller", - color: "#545454" - }) - .insertAfter(this.element); - } - - layer = this.text[classes] = $("
") - .addClass(classes) - .css({ - position: "absolute", - top: 0, - left: 0, - bottom: 0, - right: 0 - }) - .appendTo(this.textContainer); - } - - return layer; - }; - - // Creates (if necessary) and returns a text info object. - // - // The object looks like this: - // - // { - // width: Width of the text's wrapper div. - // height: Height of the text's wrapper div. - // element: The jQuery-wrapped HTML div containing the text. - // positions: Array of positions at which this text is drawn. - // } - // - // The positions array contains objects that look like this: - // - // { - // active: Flag indicating whether the text should be visible. - // rendered: Flag indicating whether the text is currently visible. - // element: The jQuery-wrapped HTML div containing the text. - // x: X coordinate at which to draw the text. - // y: Y coordinate at which to draw the text. - // } - // - // Each position after the first receives a clone of the original element. - // - // The idea is that that the width, height, and general 'identity' of the - // text is constant no matter where it is placed; the placements are a - // secondary property. - // - // Canvas maintains a cache of recently-used text info objects; getTextInfo - // either returns the cached element or creates a new entry. - // - // @param {string} layer A string of space-separated CSS classes uniquely - // identifying the layer containing this text. - // @param {string} text Text string to retrieve info for. - // @param {(string|object)=} font Either a string of space-separated CSS - // classes or a font-spec object, defining the text's font and style. - // @param {number=} angle Angle at which to rotate the text, in degrees. - // Angle is currently unused, it will be implemented in the future. - // @param {number=} width Maximum width of the text before it wraps. - // @return {object} a text info object. - - Canvas.prototype.getTextInfo = function(layer, text, font, angle, width) { - - var textStyle, layerCache, styleCache, info; - - // Cast the value to a string, in case we were given a number or such - - text = "" + text; - - // If the font is a font-spec object, generate a CSS font definition - - if (typeof font === "object") { - textStyle = font.style + " " + font.variant + " " + font.weight + " " + font.size + "px/" + font.lineHeight + "px " + font.family; - } else { - textStyle = font; - } - - // Retrieve (or create) the cache for the text's layer and styles - - layerCache = this._textCache[layer]; - - if (layerCache == null) { - layerCache = this._textCache[layer] = {}; - } - - styleCache = layerCache[textStyle]; - - if (styleCache == null) { - styleCache = layerCache[textStyle] = {}; - } - - info = styleCache[text]; - - // If we can't find a matching element in our cache, create a new one - - if (info == null) { - - var element = $("
").text(text) - .css({ - position: "absolute", - 'max-width': width, - top: -9999 - }) - .appendTo(this.getTextLayer(layer)); - - if (typeof font === "object") { - element.css({ - font: textStyle, - color: font.color - }); - } else if (typeof font === "string") { - element.addClass(font); - } - - info = styleCache[text] = { - width: element.outerWidth(true), - height: element.outerHeight(true), - element: element, - positions: [] - }; - - element.detach(); - } - - return info; - }; - - // Adds a text string to the canvas text overlay. - // - // The text isn't drawn immediately; it is marked as rendering, which will - // result in its addition to the canvas on the next render pass. - // - // @param {string} layer A string of space-separated CSS classes uniquely - // identifying the layer containing this text. - // @param {number} x X coordinate at which to draw the text. - // @param {number} y Y coordinate at which to draw the text. - // @param {string} text Text string to draw. - // @param {(string|object)=} font Either a string of space-separated CSS - // classes or a font-spec object, defining the text's font and style. - // @param {number=} angle Angle at which to rotate the text, in degrees. - // Angle is currently unused, it will be implemented in the future. - // @param {number=} width Maximum width of the text before it wraps. - // @param {string=} halign Horizontal alignment of the text; either "left", - // "center" or "right". - // @param {string=} valign Vertical alignment of the text; either "top", - // "middle" or "bottom". - - Canvas.prototype.addText = function(layer, x, y, text, font, angle, width, halign, valign) { - - var info = this.getTextInfo(layer, text, font, angle, width), - positions = info.positions; - - // Tweak the div's position to match the text's alignment - - if (halign == "center") { - x -= info.width / 2; - } else if (halign == "right") { - x -= info.width; - } - - if (valign == "middle") { - y -= info.height / 2; - } else if (valign == "bottom") { - y -= info.height; - } - - // Determine whether this text already exists at this position. - // If so, mark it for inclusion in the next render pass. - - for (var i = 0, position; position = positions[i]; i++) { - if (position.x == x && position.y == y) { - position.active = true; - return; - } - } - - // If the text doesn't exist at this position, create a new entry - - // For the very first position we'll re-use the original element, - // while for subsequent ones we'll clone it. - - position = { - active: true, - rendered: false, - element: positions.length ? info.element.clone() : info.element, - x: x, - y: y - }; - - positions.push(position); - - // Move the element to its final position within the container - - position.element.css({ - top: Math.round(y), - left: Math.round(x), - 'text-align': halign // In case the text wraps - }); - }; - - // Removes one or more text strings from the canvas text overlay. - // - // If no parameters are given, all text within the layer is removed. - // - // Note that the text is not immediately removed; it is simply marked as - // inactive, which will result in its removal on the next render pass. - // This avoids the performance penalty for 'clear and redraw' behavior, - // where we potentially get rid of all text on a layer, but will likely - // add back most or all of it later, as when redrawing axes, for example. - // - // @param {string} layer A string of space-separated CSS classes uniquely - // identifying the layer containing this text. - // @param {number=} x X coordinate of the text. - // @param {number=} y Y coordinate of the text. - // @param {string=} text Text string to remove. - // @param {(string|object)=} font Either a string of space-separated CSS - // classes or a font-spec object, defining the text's font and style. - // @param {number=} angle Angle at which the text is rotated, in degrees. - // Angle is currently unused, it will be implemented in the future. - - Canvas.prototype.removeText = function(layer, x, y, text, font, angle) { - if (text == null) { - var layerCache = this._textCache[layer]; - if (layerCache != null) { - for (var styleKey in layerCache) { - if (hasOwnProperty.call(layerCache, styleKey)) { - var styleCache = layerCache[styleKey]; - for (var key in styleCache) { - if (hasOwnProperty.call(styleCache, key)) { - var positions = styleCache[key].positions; - for (var i = 0, position; position = positions[i]; i++) { - position.active = false; - } - } - } - } - } - } - } else { - var positions = this.getTextInfo(layer, text, font, angle).positions; - for (var i = 0, position; position = positions[i]; i++) { - if (position.x == x && position.y == y) { - position.active = false; - } - } - } - }; - - /////////////////////////////////////////////////////////////////////////// - // The top-level container for the entire plot. + /** + * Removes one or more text strings from the canvas text overlay. + * + * If no parameters are given, all text within the layer is removed. + * + * Note that the text is not immediately removed; it is simply marked as + * inactive, which will result in its removal on the next render pass. + * This avoids the performance penalty for 'clear and redraw' behavior, + * where we potentially get rid of all text on a layer, but will likely + * add back most or all of it later, as when redrawing axes, for example. + * + * @param {string} layer A string of space-separated CSS classes uniquely + * identifying the layer containing this text. + * @param {number=} x X coordinate of the text. + * @param {number=} y Y coordinate of the text. + * @param {string=} text Text string to remove. + * @param {(string|object)=} font Either a string of space-separated CSS + * classes or a font-spec object, defining the text's font and style. + * @param {number=} angle Angle at which the text is rotated, in degrees. + * Angle is currently unused, it will be implemented in the future. + */ + Canvas.prototype.removeText = function(layer, x, y, text, font, angle) { + var i, positions, position; + if (text == null) { + var layerCache = this._textCache[layer]; + if (layerCache != null) { + for (var styleKey in layerCache) { + if (Object.prototype.hasOwnProperty.call(layerCache, styleKey)) { + var styleCache = layerCache[styleKey]; + for (var angleKey in styleCache) { + if (Object.prototype.hasOwnProperty.call(styleCache, angleKey)) { + var angleCache = styleCache[angleKey]; + for (var key in angleCache) { + if (Object.prototype.hasOwnProperty.call(angleCache, key)) { + positions = angleCache[key].positions; + for (i = 0; position = positions[i]; i++) { + position.active = false; + } + } + } + } + } + } + } + } + } else { + positions = this.getTextInfo(layer, text, font, angle).positions; + for (i = 0; position = positions[i]; i++) { + if (position.x === x && position.y === y) { + position.active = false; + } + } + } + }; + /** + * The top-level container for the entire plot. + */ function Plot(placeholder, data_, options_, plugins) { // data is on the form: // [ series1, series2 ... ] @@ -517,7 +635,7 @@ Licensed under the MIT license. colors: ["#edc240", "#afd8f8", "#cb4b4b", "#4da74d", "#9440ed"], legend: { show: true, - noColumns: 1, // number of columns in legend table + noColumns: 1, // number of colums in legend table labelFormatter: null, // fn: string -> string labelBoxBorderColor: "#ccc", // border color for the little label boxes container: null, // container (as jQuery object) to put legend in, null means default on top of graph @@ -528,31 +646,45 @@ Licensed under the MIT license. sorted: null // default to no legend sorting }, xaxis: { - show: null, // null = auto-detect, true = always, false = never - position: "bottom", // or "top" - mode: null, // null or "time" - font: null, // null (derived from CSS in placeholder) or object like { size: 11, lineHeight: 13, style: "italic", weight: "bold", family: "sans-serif", variant: "small-caps" } - color: null, // base color, labels, ticks - tickColor: null, // possibly different color of ticks, e.g. "rgba(0,0,0,0.15)" - transform: null, // null or f: number -> number to transform axis + + show: null, // null = auto-detect, true = always, false = never + position: "bottom", // or "top" + mode: null, // null or "time" + + color: null, // base color, labels, ticks + font: null, // null (derived from CSS in placeholder) or object like { size: 11, lineHeight: 13, style: "italic", weight: "bold", family: "sans-serif", variant: "small-caps" } + + min: null, // min. value to show, null means set automatically + max: null, // max. value to show, null means set automatically + autoscaleMargin: null, // margin in % to add if auto-setting min/max + + transform: null, // null or f: number -> number to transform axis inverseTransform: null, // if transform is set, this should be the inverse function - min: null, // min. value to show, null means set automatically - max: null, // max. value to show, null means set automatically - autoscaleMargin: null, // margin in % to add if auto-setting min/max - ticks: null, // either [1, 3] or [[1, "a"], 3] or (fn: axis info -> ticks) or app. number of ticks for auto-ticks - tickFormatter: null, // fn: number -> string - labelWidth: null, // size of tick labels in pixels - labelHeight: null, - reserveSpace: null, // whether to reserve space even if axis isn't shown - tickLength: null, // size in pixels of ticks, or "full" for whole line - alignTicksWithAxis: null, // axis number or null for no sync - tickDecimals: null, // no. of decimals, null means auto - tickSize: null, // number or [number, "unit"] - minTickSize: null // number or [number, "unit"] + + ticks: null, // either [1, 3] or [[1, "a"], 3] or (fn: axis info -> ticks) or app. number of ticks for auto-ticks + tickSize: null, // number or [number, "unit"] + minTickSize: null, // number or [number, "unit"] + tickFormatter: null, // fn: number -> string + tickDecimals: null, // no. of decimals, null means auto + + tickColor: null, // possibly different color of ticks, e.g. "rgba(0,0,0,0.15)" + tickLength: null, // size in pixels of ticks, or "full" for whole line + + tickWidth: null, // width of tick labels in pixels + tickHeight: null, // height of tick labels in pixels + tickFont: null, // null or font-spec object (see font, above) + + label: null, // null or an axis label string + labelFont: null, // null or font-spec object (see font, above) + labelPadding: 2, // spacing between the axis and its label + + reserveSpace: null, // whether to reserve space even if axis isn't shown + alignTicksWithAxis: null // axis number or null for no sync }, yaxis: { + position: "left", // or "right" autoscaleMargin: 0.02, - position: "left" // or "right" + labelPadding: 2 }, xaxes: [], yaxes: [], @@ -563,6 +695,7 @@ Licensed under the MIT license. lineWidth: 2, // in pixels fill: true, fillColor: "#ffffff", + strokeColor: null, symbol: "circle" // or callback }, lines: { @@ -614,26 +747,26 @@ Licensed under the MIT license. }, hooks: {} }, - surface = null, // the canvas for the plot itself - overlay = null, // canvas for interactive stuff on top of plot - eventHolder = null, // jQuery object that events should be bound to - ctx = null, octx = null, - xaxes = [], yaxes = [], - plotOffset = { left: 0, right: 0, top: 0, bottom: 0}, - plotWidth = 0, plotHeight = 0, - hooks = { - processOptions: [], - processRawData: [], - processDatapoints: [], - processOffset: [], - drawBackground: [], - drawSeries: [], - draw: [], - bindEvents: [], - drawOverlay: [], - shutdown: [] - }, - plot = this; + surface = null, // the canvas for the plot itself + overlay = null, // canvas for interactive stuff on top of plot + eventHolder = null, // jQuery object that events should be bound to + ctx = null, octx = null, + xaxes = [], yaxes = [], + plotOffset = { left: 0, right: 0, top: 0, bottom: 0}, + plotWidth = 0, plotHeight = 0, + hooks = { + processOptions: [], + processRawData: [], + processDatapoints: [], + processOffset: [], + drawBackground: [], + drawSeries: [], + draw: [], + bindEvents: [], + drawOverlay: [], + shutdown: [] + }, + plot = this; // public functions plot.setData = setData; @@ -652,10 +785,11 @@ Licensed under the MIT license. }; plot.getData = function () { return series; }; plot.getAxes = function () { - var res = {}, i; + var res = {}; $.each(xaxes.concat(yaxes), function (_, axis) { - if (axis) - res[axis.direction + (axis.n != 1 ? axis.n : "") + "axis"] = axis; + if (axis) { + res[axis.direction + (axis.n !== 1 ? axis.n : "") + "axis"] = axis; + } }); return res; }; @@ -674,26 +808,9 @@ Licensed under the MIT license. }; }; plot.shutdown = shutdown; - plot.destroy = function () { - shutdown(); - placeholder.removeData("plot").empty(); - - series = []; - options = null; - surface = null; - overlay = null; - eventHolder = null; - ctx = null; - octx = null; - xaxes = []; - yaxes = []; - hooks = null; - highlights = []; - plot = null; - }; plot.resize = function () { - var width = placeholder.width(), - height = placeholder.height(); + var width = placeholder.width(), + height = placeholder.height(); surface.resize(width, height); overlay.resize(width, height); }; @@ -713,8 +830,9 @@ Licensed under the MIT license. function executeHooks(hook, args) { args = [plot].concat(args); - for (var i = 0; i < hook.length; ++i) + for (var i = 0; i < hook.length; ++i) { hook[i].apply(this, args); + } } function initPlugins() { @@ -728,8 +846,9 @@ Licensed under the MIT license. for (var i = 0; i < plugins.length; ++i) { var p = plugins[i]; p.init(plot, classes); - if (p.options) + if (p.options) { $.extend(true, options, p.options); + } } } @@ -743,23 +862,29 @@ Licensed under the MIT license. // not expected behavior; avoid it by replacing them here. if (opts && opts.colors) { - options.colors = opts.colors; + options.colors = opts.colors; } - if (options.xaxis.color == null) - options.xaxis.color = $.color.parse(options.grid.color).scale('a', 0.22).toString(); - if (options.yaxis.color == null) - options.yaxis.color = $.color.parse(options.grid.color).scale('a', 0.22).toString(); + if (options.xaxis.color == null) { + options.xaxis.color = $.color.parse(options.grid.color).scale("a", 0.22).toString(); + } + if (options.yaxis.color == null) { + options.yaxis.color = $.color.parse(options.grid.color).scale("a", 0.22).toString(); + } - if (options.xaxis.tickColor == null) // grid.tickColor for back-compatibility + if (options.xaxis.tickColor == null) { // grid.tickColor for back-compatibility options.xaxis.tickColor = options.grid.tickColor || options.xaxis.color; - if (options.yaxis.tickColor == null) // grid.tickColor for back-compatibility + } + if (options.yaxis.tickColor == null) { // grid.tickColor for back-compatibility options.yaxis.tickColor = options.grid.tickColor || options.yaxis.color; + } - if (options.grid.borderColor == null) + if (options.grid.borderColor == null) { options.grid.borderColor = options.grid.color; - if (options.grid.tickColor == null) - options.grid.tickColor = $.color.parse(options.grid.color).scale('a', 0.22).toString(); + } + if (options.grid.tickColor == null) { + options.grid.tickColor = $.color.parse(options.grid.color).scale("a", 0.22).toString(); + } // Fill in defaults for axis options, including any unspecified // font-spec fields, if a font-spec was provided. @@ -768,16 +893,16 @@ Licensed under the MIT license. // since the rest of the code assumes that they exist. var i, axisOptions, axisCount, - fontSize = placeholder.css("font-size"), - fontSizeDefault = fontSize ? +fontSize.replace("px", "") : 13, fontDefaults = { style: placeholder.css("font-style"), - size: Math.round(0.8 * fontSizeDefault), + size: Math.round(0.8 * (+placeholder.css("font-size").replace("px", "") || 13)), variant: placeholder.css("font-variant"), weight: placeholder.css("font-weight"), family: placeholder.css("font-family") }; + fontDefaults.lineHeight = fontDefaults.size * 1.15; + axisCount = options.xaxes.length || 1; for (i = 0; i < axisCount; ++i) { @@ -786,17 +911,29 @@ Licensed under the MIT license. axisOptions.tickColor = axisOptions.color; } + // Compatibility with markrcote/flot-axislabels + + if (axisOptions) { + if (!axisOptions.label && axisOptions.axisLabel) { + axisOptions.label = axisOptions.axisLabel; + } + if (!axisOptions.labelPadding && axisOptions.axisLabelPadding) { + axisOptions.labelPadding = axisOptions.axisLabelPadding; + } + } + axisOptions = $.extend(true, {}, options.xaxis, axisOptions); options.xaxes[i] = axisOptions; + fontDefaults.color = axisOptions.color; if (axisOptions.font) { axisOptions.font = $.extend({}, fontDefaults, axisOptions.font); - if (!axisOptions.font.color) { - axisOptions.font.color = axisOptions.color; - } - if (!axisOptions.font.lineHeight) { - axisOptions.font.lineHeight = Math.round(axisOptions.font.size * 1.15); - } + } + if (axisOptions.tickFont || axisOptions.font) { + axisOptions.tickFont = $.extend({}, axisOptions.font || fontDefaults, axisOptions.tickFont); + } + if (axisOptions.label && (axisOptions.labelFont || axisOptions.font)) { + axisOptions.labelFont = $.extend({}, axisOptions.font || fontDefaults, axisOptions.labelFont); } } @@ -808,72 +945,83 @@ Licensed under the MIT license. axisOptions.tickColor = axisOptions.color; } + // Compatibility with markrcote/flot-axislabels + + if (axisOptions) { + if (!axisOptions.label && axisOptions.axisLabel) { + axisOptions.label = axisOptions.axisLabel; + } + if (!axisOptions.labelPadding && axisOptions.axisLabelPadding) { + axisOptions.labelPadding = axisOptions.axisLabelPadding; + } + } + axisOptions = $.extend(true, {}, options.yaxis, axisOptions); options.yaxes[i] = axisOptions; + fontDefaults.color = axisOptions.color; if (axisOptions.font) { axisOptions.font = $.extend({}, fontDefaults, axisOptions.font); - if (!axisOptions.font.color) { - axisOptions.font.color = axisOptions.color; - } - if (!axisOptions.font.lineHeight) { - axisOptions.font.lineHeight = Math.round(axisOptions.font.size * 1.15); - } + } + if (axisOptions.tickFont || axisOptions.font) { + axisOptions.tickFont = $.extend({}, axisOptions.font || fontDefaults, axisOptions.tickFont); + } + if (axisOptions.label && (axisOptions.labelFont || axisOptions.font)) { + axisOptions.labelFont = $.extend({}, axisOptions.font || fontDefaults, axisOptions.labelFont); } } // backwards compatibility, to be removed in future - if (options.xaxis.noTicks && options.xaxis.ticks == null) + if (options.xaxis.noTicks && options.xaxis.ticks == null) { options.xaxis.ticks = options.xaxis.noTicks; - if (options.yaxis.noTicks && options.yaxis.ticks == null) + } + if (options.yaxis.noTicks && options.yaxis.ticks == null) { options.yaxis.ticks = options.yaxis.noTicks; + } if (options.x2axis) { options.xaxes[1] = $.extend(true, {}, options.xaxis, options.x2axis); options.xaxes[1].position = "top"; - // Override the inherit to allow the axis to auto-scale - if (options.x2axis.min == null) { - options.xaxes[1].min = null; - } - if (options.x2axis.max == null) { - options.xaxes[1].max = null; - } } if (options.y2axis) { options.yaxes[1] = $.extend(true, {}, options.yaxis, options.y2axis); options.yaxes[1].position = "right"; - // Override the inherit to allow the axis to auto-scale - if (options.y2axis.min == null) { - options.yaxes[1].min = null; - } - if (options.y2axis.max == null) { - options.yaxes[1].max = null; - } } - if (options.grid.coloredAreas) + if (options.grid.coloredAreas) { options.grid.markings = options.grid.coloredAreas; - if (options.grid.coloredAreasColor) + } + if (options.grid.coloredAreasColor) { options.grid.markingsColor = options.grid.coloredAreasColor; - if (options.lines) + } + if (options.lines) { $.extend(true, options.series.lines, options.lines); - if (options.points) + } + if (options.points) { $.extend(true, options.series.points, options.points); - if (options.bars) + } + if (options.bars) { $.extend(true, options.series.bars, options.bars); - if (options.shadowSize != null) + } + if (options.shadowSize != null) { options.series.shadowSize = options.shadowSize; - if (options.highlightColor != null) + } + if (options.highlightColor != null) { options.series.highlightColor = options.highlightColor; + } // save options on axes for future reference - for (i = 0; i < options.xaxes.length; ++i) + for (i = 0; i < options.xaxes.length; ++i) { getOrCreateAxis(xaxes, i + 1).options = options.xaxes[i]; - for (i = 0; i < options.yaxes.length; ++i) + } + for (i = 0; i < options.yaxes.length; ++i) { getOrCreateAxis(yaxes, i + 1).options = options.yaxes[i]; + } // add hooks from options - for (var n in hooks) - if (options.hooks[n] && options.hooks[n].length) + for (var n in hooks) { + if (options.hooks[n] && options.hooks[n].length) { hooks[n] = hooks[n].concat(options.hooks[n]); + } + } executeHooks(hooks.processOptions, [options]); } @@ -896,9 +1044,9 @@ Licensed under the MIT license. $.extend(true, s, d[i]); d[i].data = s.data; - } - else + } else { s.data = d[i]; + } res.push(s); } @@ -907,10 +1055,12 @@ Licensed under the MIT license. function axisNumber(obj, coord) { var a = obj[coord + "axis"]; - if (typeof a == "object") // if we got a real axis, extract number + if (typeof a === "object") { // if we got a real axis, extract number a = a.n; - if (typeof a != "number") + } + if (!isNumeric(a)) { a = 1; // default to first axis + } return a; } @@ -924,20 +1074,24 @@ Licensed under the MIT license. var res = {}, i, axis; for (i = 0; i < xaxes.length; ++i) { axis = xaxes[i]; - if (axis && axis.used) + if (axis && axis.used) { res["x" + axis.n] = axis.c2p(pos.left); + } } for (i = 0; i < yaxes.length; ++i) { axis = yaxes[i]; - if (axis && axis.used) + if (axis && axis.used) { res["y" + axis.n] = axis.c2p(pos.top); + } } - if (res.x1 !== undefined) + if (res.x1 !== undefined) { res.x = res.x1; - if (res.y1 !== undefined) + } + if (res.y1 !== undefined) { res.y = res.y1; + } return res; } @@ -950,8 +1104,9 @@ Licensed under the MIT license. axis = xaxes[i]; if (axis && axis.used) { key = "x" + axis.n; - if (pos[key] == null && axis.n == 1) + if (pos[key] == null && axis.n === 1) { key = "x"; + } if (pos[key] != null) { res.left = axis.p2c(pos[key]); @@ -964,8 +1119,9 @@ Licensed under the MIT license. axis = yaxes[i]; if (axis && axis.used) { key = "y" + axis.n; - if (pos[key] == null && axis.n == 1) + if (pos[key] == null && axis.n === 1) { key = "y"; + } if (pos[key] != null) { res.top = axis.p2c(pos[key]); @@ -978,12 +1134,13 @@ Licensed under the MIT license. } function getOrCreateAxis(axes, number) { - if (!axes[number - 1]) + if (!axes[number - 1]) { axes[number - 1] = { n: number, // save the number for future reference - direction: axes == xaxes ? "x" : "y", - options: $.extend(true, {}, axes == xaxes ? options.xaxis : options.yaxis) + direction: axes === xaxes ? "x" : "y", + options: $.extend(true, {}, axes === xaxes ? options.xaxis : options.yaxis) }; + } return axes[number - 1]; } @@ -999,7 +1156,7 @@ Licensed under the MIT license. var sc = series[i].color; if (sc != null) { neededColors--; - if (typeof sc == "number" && sc > maxIndex) { + if (isNumeric(sc) && sc > maxIndex) { maxIndex = sc; } } @@ -1030,15 +1187,19 @@ Licensed under the MIT license. // Reset the variation after every few cycles, or else // it will end up producing only white or black colors. - if (i % colorPoolSize == 0 && i) { + if (i % colorPoolSize === 0 && i) { if (variation >= 0) { if (variation < 0.5) { variation = -variation - 0.2; - } else variation = 0; - } else variation = -variation; + } else { + variation = 0; + } + } else { + variation = -variation; + } } - colors[i] = c.scale('rgb', 1 + variation); + colors[i] = c.scale("rgb", 1 + variation); } // Finalize the series options, filling in their colors @@ -1051,20 +1212,22 @@ Licensed under the MIT license. if (s.color == null) { s.color = colors[colori].toString(); ++colori; - } - else if (typeof s.color == "number") + } else if (isNumeric(s.color)) { s.color = colors[s.color].toString(); + } // turn on lines automatically in case nothing is set if (s.lines.show == null) { var v, show = true; - for (v in s) + for (v in s) { if (s[v] && s[v].show) { show = false; break; } - if (show) + } + if (show) { s.lines.show = true; + } } // If nothing was provided for lines.zero, default it to match @@ -1084,15 +1247,15 @@ Licensed under the MIT license. var topSentry = Number.POSITIVE_INFINITY, bottomSentry = Number.NEGATIVE_INFINITY, fakeInfinity = Number.MAX_VALUE, - i, j, k, m, length, - s, points, ps, x, y, axis, val, f, p, - data, format; + i, j, k, m, s, points, ps, val, f, p, data, format; function updateAxis(axis, min, max) { - if (min < axis.datamin && min != -fakeInfinity) + if (min < axis.datamin && min !== -fakeInfinity) { axis.datamin = min; - if (max > axis.datamax && max != fakeInfinity) + } + if (max > axis.datamax && max !== fakeInfinity) { axis.datamax = max; + } } $.each(allAxes(), function (_, axis) { @@ -1105,7 +1268,6 @@ Licensed under the MIT license. for (i = 0; i < series.length; ++i) { s = series[i]; s.datapoints = { points: [] }; - executeHooks(hooks.processRawData, [ s, s.data, s.datapoints ]); } @@ -1134,8 +1296,9 @@ Licensed under the MIT license. s.datapoints.format = format; } - if (s.datapoints.pointsize != null) + if (s.datapoints.pointsize != null) { continue; // already filled in + } s.datapoints.pointsize = format.length; @@ -1157,20 +1320,23 @@ Licensed under the MIT license. if (f) { if (f.number && val != null) { val = +val; // convert to number - if (isNaN(val)) + if (isNaN(val)) { val = null; - else if (val == Infinity) + } else if (val === Infinity) { val = fakeInfinity; - else if (val == -Infinity) + } else if (val === -Infinity) { val = -fakeInfinity; + } } if (val == null) { - if (f.required) + if (f.required) { nullify = true; + } - if (f.defaultValue != null) + if (f.defaultValue != null) { val = f.defaultValue; + } } } @@ -1184,7 +1350,7 @@ Licensed under the MIT license. if (val != null) { f = format[m]; // extract min/max info - if (f.autoscale !== false) { + if (f.autoscale) { if (f.x) { updateAxis(s.xaxis, val, val); } @@ -1195,18 +1361,18 @@ Licensed under the MIT license. } points[k + m] = null; } - } - else { + } else { // a little bit of line specific stuff that // perhaps shouldn't be here, but lacking // better means... - if (insertSteps && k > 0 - && points[k - ps] != null - && points[k - ps] != points[k] - && points[k - ps + 1] != points[k + 1]) { + if (insertSteps && k > 0 && + points[k - ps] != null && + points[k - ps] !== points[k] && + points[k - ps + 1] !== points[k + 1]) { // copy the point to make room for a middle point - for (m = 0; m < ps; ++m) + for (m = 0; m < ps; ++m) { points[k + ps + m] = points[k + m]; + } // middle point has same y points[k + 1] = points[k - ps + 1]; @@ -1236,26 +1402,32 @@ Licensed under the MIT license. xmax = bottomSentry, ymax = bottomSentry; for (j = 0; j < points.length; j += ps) { - if (points[j] == null) + if (points[j] == null) { continue; + } for (m = 0; m < ps; ++m) { val = points[j + m]; f = format[m]; - if (!f || f.autoscale === false || val == fakeInfinity || val == -fakeInfinity) + if (!f || f.autoscale === false || val === fakeInfinity || val === -fakeInfinity) { continue; + } if (f.x) { - if (val < xmin) + if (val < xmin) { xmin = val; - if (val > xmax) + } + if (val > xmax) { xmax = val; + } } if (f.y) { - if (val < ymin) + if (val < ymin) { ymin = val; - if (val > ymax) + } + if (val > ymax) { ymax = val; + } } } } @@ -1265,21 +1437,23 @@ Licensed under the MIT license. var delta; switch (s.bars.align) { - case "left": - delta = 0; - break; - case "right": - delta = -s.bars.barWidth; - break; - default: - delta = -s.bars.barWidth / 2; + case "left": + delta = 0; + break; + case "right": + delta = -s.bars.barWidth; + break; + case "center": + delta = -s.bars.barWidth / 2; + break; + default: + throw new Error("Invalid bar alignment: " + s.bars.align); } if (s.bars.horizontal) { ymin += delta; ymax += delta + s.bars.barWidth; - } - else { + } else { xmin += delta; xmax += delta + s.bars.barWidth; } @@ -1290,10 +1464,12 @@ Licensed under the MIT license. } $.each(allAxes(), function (_, axis) { - if (axis.datamin == topSentry) + if (axis.datamin === topSentry) { axis.datamin = null; - if (axis.datamax == bottomSentry) + } + if (axis.datamax === bottomSentry) { axis.datamax = null; + } }); } @@ -1303,12 +1479,11 @@ Licensed under the MIT license. // from a previous plot in this container that we'll try to re-use. placeholder.css("padding", 0) // padding messes up the positioning - .children().filter(function(){ - return !$(this).hasClass("flot-overlay") && !$(this).hasClass('flot-base'); - }).remove(); + .children(":not(.flot-base,.flot-overlay)").remove(); - if (placeholder.css("position") == 'static') + if (placeholder.css("position") === "static") { placeholder.css("position", "relative"); // for positioning labels and overlay + } surface = new Canvas("flot-base", placeholder); overlay = new Canvas("flot-overlay", placeholder); // overlay canvas for interactive features @@ -1346,15 +1521,17 @@ Licensed under the MIT license. eventHolder.bind("mouseleave", onMouseLeave); } - if (options.grid.clickable) + if (options.grid.clickable) { eventHolder.click(onClick); + } executeHooks(hooks.bindEvents, [eventHolder]); } function shutdown() { - if (redrawTimeout) + if (redrawTimeout) { clearTimeout(redrawTimeout); + } eventHolder.unbind("mousemove", onMouseMove); eventHolder.unbind("mouseleave", onMouseLeave); @@ -1374,136 +1551,143 @@ Licensed under the MIT license. // precompute how much the axis is scaling a point // in canvas space - if (axis.direction == "x") { + if (axis.direction === "x") { s = axis.scale = plotWidth / Math.abs(t(axis.max) - t(axis.min)); m = Math.min(t(axis.max), t(axis.min)); - } - else { + } else { s = axis.scale = plotHeight / Math.abs(t(axis.max) - t(axis.min)); s = -s; m = Math.max(t(axis.max), t(axis.min)); } // data point to canvas coordinate - if (t == identity) // slight optimization + if (t === identity) { // slight optimization axis.p2c = function (p) { return (p - m) * s; }; - else + } else { axis.p2c = function (p) { return (t(p) - m) * s; }; + } // canvas coordinate to data point - if (!it) + if (!it) { axis.c2p = function (c) { return m + c / s; }; - else + } else { axis.c2p = function (c) { return it(m + c / s); }; + } } function measureTickLabels(axis) { var opts = axis.options, ticks = axis.ticks || [], - labelWidth = opts.labelWidth || 0, - labelHeight = opts.labelHeight || 0, - maxWidth = labelWidth || (axis.direction == "x" ? Math.floor(surface.width / (ticks.length || 1)) : null), - legacyStyles = axis.direction + "Axis " + axis.direction + axis.n + "Axis", - layer = "flot-" + axis.direction + "-axis flot-" + axis.direction + axis.n + "-axis " + legacyStyles, - font = opts.font || "flot-tick-label tickLabel"; + // Label width & height are deprecated; remove in 1.0! + tickWidth = opts.tickWidth || opts.labelWidth || 0, + tickHeight = opts.tickHeight || opts.labelHeight || 0, + maxWidth = tickWidth || axis.direction === "x" ? Math.floor(surface.width / (ticks.length || 1)) : null, + layer = "flot-" + axis.direction + "-axis flot-" + axis.direction + axis.n + "-axis " + axis.direction + "Axis " + axis.direction + axis.n + "Axis", + font = opts.tickFont || "flot-tick-label tickLabel"; for (var i = 0; i < ticks.length; ++i) { var t = ticks[i]; - if (!t.label) + if (!t.label) { continue; + } var info = surface.getTextInfo(layer, t.label, font, null, maxWidth); - labelWidth = Math.max(labelWidth, info.width); - labelHeight = Math.max(labelHeight, info.height); + tickWidth = Math.max(tickWidth, info.width); + tickHeight = Math.max(tickHeight, info.height); } - axis.labelWidth = opts.labelWidth || labelWidth; - axis.labelHeight = opts.labelHeight || labelHeight; + axis.tickWidth = opts.tickWidth || opts.labelWidth || tickWidth; + axis.tickHeight = opts.tickHeight || opts.labelHeight || tickHeight; + + // Label width/height properties are deprecated; remove in 1.0! + + axis.labelWidth = axis.tickWidth; + axis.labelHeight = axis.tickHeight; } + /////////////////////////////////////////////////////////////////////// + // Compute the axis bounding box based on the dimensions of its label + // and tick labels, then adjust the plotOffset to make room for it. + // + // This first phase only considers one dimension per axis; the other + // dimension depends on the other axes, and will be calculated later. + function allocateAxisBoxFirstPhase(axis) { - // find the bounding box of the axis by looking at label - // widths/heights and ticks, make room by diminishing the - // plotOffset; this first phase only looks at one - // dimension per axis, the other dimension depends on the - // other axes so will have to wait - - var lw = axis.labelWidth, - lh = axis.labelHeight, - pos = axis.options.position, - isXAxis = axis.direction === "x", - tickLength = axis.options.tickLength, + + var contentWidth = axis.tickWidth, + contentHeight = axis.tickHeight, + axisOptions = axis.options, + tickLength = axisOptions.tickLength, + axisPosition = axisOptions.position, axisMargin = options.grid.axisMargin, padding = options.grid.labelMargin, - innermost = true, - outermost = true, - first = true, - found = false; - - // Determine the axis's position in its direction and on its side - - $.each(isXAxis ? xaxes : yaxes, function(i, a) { - if (a && (a.show || a.reserveSpace)) { - if (a === axis) { - found = true; - } else if (a.options.position === pos) { - if (found) { - outermost = false; - } else { - innermost = false; - } - } - if (!found) { - first = false; - } - } - }); + all = axis.direction === "x" ? xaxes : yaxes, + innermost; - // The outermost axis on each side has no margin + // Determine the margin around the axis - if (outermost) { - axisMargin = 0; + var samePosition = $.grep(all, function(axis) { + return axis && axis.options.position === axisPosition && axis.reserveSpace; + }); + if ($.inArray(axis, samePosition) === samePosition.length - 1) { + axisMargin = 0; // outermost } - // The ticks for the first axis in each direction stretch across + // Determine whether the axis is the first (innermost) on its side + + innermost = $.inArray(axis, samePosition) === 0; + + // Determine the length of the tick marks if (tickLength == null) { - tickLength = first ? "full" : 5; + if (innermost) { + tickLength = "full"; + } else { + tickLength = 5; + } } - if (!isNaN(+tickLength)) + if (!isNaN(+tickLength)) { padding += +tickLength; + } - if (isXAxis) { - lh += padding; + // Measure the dimensions of the axis label, if it has one - if (pos == "bottom") { - plotOffset.bottom += lh + axisMargin; - axis.box = { top: surface.height - plotOffset.bottom, height: lh }; - } - else { - axis.box = { top: plotOffset.top + axisMargin, height: lh }; - plotOffset.top += lh + axisMargin; - } + if (axisOptions.label) { + var layer = "flot-" + axis.direction + "-axis flot-" + axis.direction + axis.n + "-axis " + axis.direction + "Axis " + axis.direction + axis.n + "Axis", + font = axisOptions.labelFont || "flot-axis-label axisLabels " + axis.direction + axis.n + "axisLabel", + angle = axis.direction === "x" ? 0 : axisOptions.position === "right" ? 90 : -90, + labelInfo = surface.getTextInfo(layer, axisOptions.label, font, angle); + contentWidth += labelInfo.width + axisOptions.labelPadding; + contentHeight += labelInfo.height + axisOptions.labelPadding; } - else { - lw += padding; - if (pos == "left") { - axis.box = { left: plotOffset.left + axisMargin, width: lw }; - plotOffset.left += lw + axisMargin; + // Compute the axis bounding box and update the plot bounds + + if (axis.direction === "x") { + contentHeight += padding; + if (axisPosition === "top") { + axis.box = { top: plotOffset.top + axisMargin, height: contentHeight }; + plotOffset.top += contentHeight + axisMargin; + } else { + plotOffset.bottom += contentHeight + axisMargin; + axis.box = { top: surface.height - plotOffset.bottom, height: contentHeight }; } - else { - plotOffset.right += lw + axisMargin; - axis.box = { left: surface.width - plotOffset.right, width: lw }; + } else { + contentWidth += padding; + if (axisPosition === "right") { + plotOffset.right += contentWidth + axisMargin; + axis.box = { left: surface.width - plotOffset.right, width: contentWidth }; + } else { + axis.box = { left: plotOffset.left + axisMargin, width: contentWidth }; + plotOffset.left += contentWidth + axisMargin; } } - // save for future reference - axis.position = pos; + axis.position = axisPosition; axis.tickLength = tickLength; axis.box.padding = padding; axis.innermost = innermost; @@ -1512,13 +1696,12 @@ Licensed under the MIT license. function allocateAxisBoxSecondPhase(axis) { // now that all axis boxes have been placed in one // dimension, we can set the remaining dimension coordinates - if (axis.direction == "x") { - axis.box.left = plotOffset.left - axis.labelWidth / 2; - axis.box.width = surface.width - plotOffset.left - plotOffset.right + axis.labelWidth; - } - else { - axis.box.top = plotOffset.top - axis.labelHeight / 2; - axis.box.height = surface.height - plotOffset.bottom - plotOffset.top + axis.labelHeight; + if (axis.direction === "x") { + axis.box.left = plotOffset.left - axis.tickWidth / 2; + axis.box.width = surface.width - plotOffset.left - plotOffset.right + axis.tickWidth; + } else { + axis.box.top = plotOffset.top - axis.tickHeight / 2; + axis.box.height = surface.height - plotOffset.bottom - plotOffset.top + axis.tickHeight; } } @@ -1527,95 +1710,92 @@ Licensed under the MIT license. // inside the canvas and isn't clipped off var minMargin = options.grid.minBorderMargin, - axis, i; + margins = { x: 0, y: 0 }, i; // check stuff from the plot (FIXME: this should just read // a value from the series, otherwise it's impossible to // customize) if (minMargin == null) { minMargin = 0; - for (i = 0; i < series.length; ++i) + for (i = 0; i < series.length; ++i) { minMargin = Math.max(minMargin, 2 * (series[i].points.radius + series[i].points.lineWidth/2)); + } } - var margins = { - left: minMargin, - right: minMargin, - top: minMargin, - bottom: minMargin - }; + margins.x = margins.y = Math.ceil(minMargin); // check axis labels, note we don't check the actual // labels but instead use the overall width/height to not // jump as much around with replots $.each(allAxes(), function (_, axis) { - if (axis.reserveSpace && axis.ticks && axis.ticks.length) { - if (axis.direction === "x") { - margins.left = Math.max(margins.left, axis.labelWidth / 2); - margins.right = Math.max(margins.right, axis.labelWidth / 2); - } else { - margins.bottom = Math.max(margins.bottom, axis.labelHeight / 2); - margins.top = Math.max(margins.top, axis.labelHeight / 2); - } + var dir = axis.direction; + if (axis.reserveSpace) { + margins[dir] = Math.ceil(Math.max(margins[dir], (dir === "x" ? axis.tickWidth : axis.tickHeight) / 2)); } }); - plotOffset.left = Math.ceil(Math.max(margins.left, plotOffset.left)); - plotOffset.right = Math.ceil(Math.max(margins.right, plotOffset.right)); - plotOffset.top = Math.ceil(Math.max(margins.top, plotOffset.top)); - plotOffset.bottom = Math.ceil(Math.max(margins.bottom, plotOffset.bottom)); + plotOffset.left = Math.max(margins.x, plotOffset.left); + plotOffset.right = Math.max(margins.x, plotOffset.right); + plotOffset.top = Math.max(margins.y, plotOffset.top); + plotOffset.bottom = Math.max(margins.y, plotOffset.bottom); } function setupGrid() { - var i, axes = allAxes(), showGrid = options.grid.show; + var axes = allAxes(), + showGrid = options.grid.show, + margin = options.grid.margin || 0, + i, a; // Initialize the plot's offset from the edge of the canvas - for (var a in plotOffset) { - var margin = options.grid.margin || 0; - plotOffset[a] = typeof margin == "number" ? margin : margin[a] || 0; + for (a in plotOffset) { + if (Object.prototype.hasOwnProperty.call(plotOffset, a)) { + plotOffset[a] = isNumeric(margin) ? margin : margin[a] || 0; + } } executeHooks(hooks.processOffset, [plotOffset]); // If the grid is visible, add its border width to the offset - for (var a in plotOffset) { - if(typeof(options.grid.borderWidth) == "object") { + for (a in plotOffset) { + if(typeof(options.grid.borderWidth) === "object") { plotOffset[a] += showGrid ? options.grid.borderWidth[a] : 0; - } - else { + } else { plotOffset[a] += showGrid ? options.grid.borderWidth : 0; } } + // init axes $.each(axes, function (_, axis) { - var axisOpts = axis.options; - axis.show = axisOpts.show == null ? axis.used : axisOpts.show; - axis.reserveSpace = axisOpts.reserveSpace == null ? axis.show : axisOpts.reserveSpace; + axis.show = axis.options.show; + if (axis.show == null) { + axis.show = axis.used; // by default an axis is visible if it's got data + } + + axis.reserveSpace = axis.show || axis.options.reserveSpace; + setRange(axis); }); if (showGrid) { - var allocatedAxes = $.grep(axes, function (axis) { - return axis.show || axis.reserveSpace; - }); + var allocatedAxes = $.grep(axes, function (axis) { return axis.reserveSpace; }); $.each(allocatedAxes, function (_, axis) { // make the ticks setupTickGeneration(axis); setTicks(axis); snapRangeToTicks(axis, axis.ticks); - // find labelWidth/Height for axis measureTickLabels(axis); }); // with all dimensions calculated, we can compute the // axis bounding boxes, start from the outside // (reverse order) - for (i = allocatedAxes.length - 1; i >= 0; --i) + for (i = allocatedAxes.length - 1; i >= 0; --i) { allocateAxisBoxFirstPhase(allocatedAxes[i]); + } // make sure we've got enough space for things that // might stick out @@ -1647,18 +1827,19 @@ Licensed under the MIT license. max = +(opts.max != null ? opts.max : axis.datamax), delta = max - min; - if (delta == 0.0) { + if (delta === 0.0) { // degenerate case - var widen = max == 0 ? 1 : 0.01; + var widen = max === 0 ? 1 : 0.01; - if (opts.min == null) + if (opts.min == null) { min -= widen; + } // always widen max if we couldn't widen min to ensure we // don't fall into min == max which doesn't work - if (opts.max == null || opts.min != null) + if (opts.max == null || opts.min != null) { max += widen; - } - else { + } + } else { // consider autoscaling var margin = opts.autoscaleMargin; if (margin != null) { @@ -1666,13 +1847,15 @@ Licensed under the MIT license. min -= delta * margin; // make sure we don't go below zero if all values // are positive - if (min < 0 && axis.datamin != null && axis.datamin >= 0) + if (min < 0 && axis.datamin != null && axis.datamin >= 0) { min = 0; + } } if (opts.max == null) { max += delta * margin; - if (max > 0 && axis.datamax != null && axis.datamax <= 0) + if (max > 0 && axis.datamax != null && axis.datamax <= 0) { max = 0; + } } } } @@ -1685,12 +1868,13 @@ Licensed under the MIT license. // estimate number of ticks var noTicks; - if (typeof opts.ticks == "number" && opts.ticks > 0) + if (isNumeric(opts.ticks) && opts.ticks > 0) { noTicks = opts.ticks; - else + } else { // heuristic based on the model a*sqrt(x) fitted to // some data points that seemed reasonable - noTicks = 0.3 * Math.sqrt(axis.direction == "x" ? surface.width : surface.height); + noTicks = 0.3 * Math.sqrt(axis.direction === "x" ? surface.width : surface.height); + } var delta = (axis.max - axis.min) / noTicks, dec = -Math.floor(Math.log(delta) / Math.LN10), @@ -1729,10 +1913,10 @@ Licensed under the MIT license. axis.tickDecimals = Math.max(0, maxDec != null ? maxDec : dec); axis.tickSize = opts.tickSize || size; - // Time mode was moved to a plug-in in 0.8, and since so many people use it - // we'll add an especially friendly reminder to make sure they included it. + // Time mode was moved to a plug-in in 0.8, but since so many people use this + // we'll add an especially friendly make sure they remembered to include it. - if (opts.mode == "time" && !axis.tickGenerator) { + if (opts.mode === "time" && !axis.tickGenerator) { throw new Error("Time mode requires the flot.time plugin."); } @@ -1754,43 +1938,46 @@ Licensed under the MIT license. v = start + i * axis.tickSize; ticks.push(v); ++i; - } while (v < axis.max && v != prev); + } while (v < axis.max && v !== prev); return ticks; }; - axis.tickFormatter = function (value, axis) { + axis.tickFormatter = function (value, axis) { - var factor = axis.tickDecimals ? Math.pow(10, axis.tickDecimals) : 1; - var formatted = "" + Math.round(value * factor) / factor; + var factor = axis.tickDecimals ? Math.pow(10, axis.tickDecimals) : 1; + var formatted = "" + Math.round(value * factor) / factor; - // If tickDecimals was specified, ensure that we have exactly that - // much precision; otherwise default to the value's own precision. + // If tickDecimals was specified, ensure that we have exactly that + // much precision; otherwise default to the value's own precision. - if (axis.tickDecimals != null) { - var decimal = formatted.indexOf("."); - var precision = decimal == -1 ? 0 : formatted.length - decimal - 1; - if (precision < axis.tickDecimals) { - return (precision ? formatted : formatted + ".") + ("" + factor).substr(1, axis.tickDecimals - precision); - } - } + if (axis.tickDecimals != null) { + var decimal = formatted.indexOf("."); + var precision = decimal === -1 ? 0 : formatted.length - decimal - 1; + if (precision < axis.tickDecimals) { + return (precision ? formatted : formatted + ".") + ("" + factor).substr(1, axis.tickDecimals - precision); + } + } return formatted; }; } - if ($.isFunction(opts.tickFormatter)) + if ($.isFunction(opts.tickFormatter)) { axis.tickFormatter = function (v, axis) { return "" + opts.tickFormatter(v, axis); }; + } if (opts.alignTicksWithAxis != null) { - var otherAxis = (axis.direction == "x" ? xaxes : yaxes)[opts.alignTicksWithAxis - 1]; - if (otherAxis && otherAxis.used && otherAxis != axis) { + var otherAxis = (axis.direction === "x" ? xaxes : yaxes)[opts.alignTicksWithAxis - 1]; + if (otherAxis && otherAxis.used && otherAxis !== axis) { // consider snapping min/max to outermost nice ticks var niceTicks = axis.tickGenerator(axis); if (niceTicks.length > 0) { - if (opts.min == null) + if (opts.min == null) { axis.min = Math.min(axis.min, niceTicks[0]); - if (opts.max == null && niceTicks.length > 1) + } + if (opts.max == null && niceTicks.length > 1) { axis.max = Math.max(axis.max, niceTicks[niceTicks.length - 1]); + } } axis.tickGenerator = function (axis) { @@ -1813,8 +2000,9 @@ Licensed under the MIT license. // only proceed if the tick interval rounded // with an extra decimal doesn't give us a // zero at end - if (!(ts.length > 1 && /\..*0$/.test((ts[1] - ts[0]).toFixed(extraDec)))) + if (!(ts.length > 1 && /\..*0$/.test((ts[1] - ts[0]).toFixed(extraDec)))) { axis.tickDecimals = extraDec; + } } } } @@ -1822,14 +2010,15 @@ Licensed under the MIT license. function setTicks(axis) { var oticks = axis.options.ticks, ticks = []; - if (oticks == null || (typeof oticks == "number" && oticks > 0)) + if (oticks == null || (isNumeric(oticks) && oticks > 0)) { ticks = axis.tickGenerator(axis); - else if (oticks) { - if ($.isFunction(oticks)) + } else if (oticks) { + if ($.isFunction(oticks)) { // generate the ticks ticks = oticks(axis); - else + } else { ticks = oticks; + } } // clean up/labelify the supplied ticks, copy them over @@ -1838,27 +2027,32 @@ Licensed under the MIT license. for (i = 0; i < ticks.length; ++i) { var label = null; var t = ticks[i]; - if (typeof t == "object") { + if (typeof t === "object") { v = +t[0]; - if (t.length > 1) + if (t.length > 1) { label = t[1]; - } - else + } + } else { v = +t; - if (label == null) + } + if (label == null) { label = axis.tickFormatter(v, axis); - if (!isNaN(v)) + } + if (!isNaN(v)) { axis.ticks.push({ v: v, label: label }); + } } } function snapRangeToTicks(axis, ticks) { if (axis.options.autoscaleMargin && ticks.length > 0) { // snap to ticks - if (axis.options.min == null) + if (axis.options.min == null) { axis.min = Math.min(axis.min, ticks[0].v); - if (axis.options.max == null && ticks.length > 1) + } + if (axis.options.max == null && ticks.length > 1) { axis.max = Math.max(axis.max, ticks[ticks.length - 1].v); + } } } @@ -1871,8 +2065,9 @@ Licensed under the MIT license. var grid = options.grid; // draw background, if any - if (grid.show && grid.backgroundColor) + if (grid.show && grid.backgroundColor) { drawBackground(); + } if (grid.show && !grid.aboveData) { drawGrid(); @@ -1902,10 +2097,11 @@ Licensed under the MIT license. for (var i = 0; i < axes.length; ++i) { axis = axes[i]; - if (axis.direction == coord) { + if (axis.direction === coord) { key = coord + axis.n + "axis"; - if (!ranges[key] && axis.n == 1) + if (!ranges[key] && axis.n === 1) { key = coord + "axis"; // support x1axis as xaxis + } if (ranges[key]) { from = ranges[key].from; to = ranges[key].to; @@ -1916,7 +2112,7 @@ Licensed under the MIT license. // backwards-compat stuff - to be removed in future if (!ranges[key]) { - axis = coord == "x" ? xaxes[0] : yaxes[0]; + axis = coord === "x" ? xaxes[0] : yaxes[0]; from = ranges[coord + "1"]; to = ranges[coord + "2"]; } @@ -1967,53 +2163,50 @@ Licensed under the MIT license. yrange = extractRange(m, "y"); // fill in missing - if (xrange.from == null) + if (xrange.from == null) { xrange.from = xrange.axis.min; - if (xrange.to == null) + } + if (xrange.to == null) { xrange.to = xrange.axis.max; - if (yrange.from == null) + } + if (yrange.from == null) { yrange.from = yrange.axis.min; - if (yrange.to == null) + } + if (yrange.to == null) { yrange.to = yrange.axis.max; + } // clip if (xrange.to < xrange.axis.min || xrange.from > xrange.axis.max || - yrange.to < yrange.axis.min || yrange.from > yrange.axis.max) + yrange.to < yrange.axis.min || yrange.from > yrange.axis.max) { continue; + } xrange.from = Math.max(xrange.from, xrange.axis.min); xrange.to = Math.min(xrange.to, xrange.axis.max); yrange.from = Math.max(yrange.from, yrange.axis.min); yrange.to = Math.min(yrange.to, yrange.axis.max); - var xequal = xrange.from === xrange.to, - yequal = yrange.from === yrange.to; - - if (xequal && yequal) { + if (xrange.from === xrange.to && yrange.from === yrange.to) { continue; } // then draw - xrange.from = Math.floor(xrange.axis.p2c(xrange.from)); - xrange.to = Math.floor(xrange.axis.p2c(xrange.to)); - yrange.from = Math.floor(yrange.axis.p2c(yrange.from)); - yrange.to = Math.floor(yrange.axis.p2c(yrange.to)); - - if (xequal || yequal) { - var lineWidth = m.lineWidth || options.grid.markingsLineWidth, - subPixel = lineWidth % 2 ? 0.5 : 0; + xrange.from = xrange.axis.p2c(xrange.from); + xrange.to = xrange.axis.p2c(xrange.to); + yrange.from = yrange.axis.p2c(yrange.from); + yrange.to = yrange.axis.p2c(yrange.to); + + if (xrange.from === xrange.to || yrange.from === yrange.to) { + // draw line ctx.beginPath(); ctx.strokeStyle = m.color || options.grid.markingsColor; - ctx.lineWidth = lineWidth; - if (xequal) { - ctx.moveTo(xrange.to + subPixel, yrange.from); - ctx.lineTo(xrange.to + subPixel, yrange.to); - } else { - ctx.moveTo(xrange.from, yrange.to + subPixel); - ctx.lineTo(xrange.to, yrange.to + subPixel); - } + ctx.lineWidth = m.lineWidth || options.grid.markingsLineWidth; + ctx.moveTo(xrange.from, yrange.from); + ctx.lineTo(xrange.to, yrange.to); ctx.stroke(); } else { + // fill area ctx.fillStyle = m.color || options.grid.markingsColor; ctx.fillRect(xrange.from, yrange.to, xrange.to - xrange.from, @@ -2029,25 +2222,27 @@ Licensed under the MIT license. for (var j = 0; j < axes.length; ++j) { var axis = axes[j], box = axis.box, t = axis.tickLength, x, y, xoff, yoff; - if (!axis.show || axis.ticks.length == 0) + if (!axis.show || axis.ticks.length === 0) { continue; + } ctx.lineWidth = 1; // find the edges - if (axis.direction == "x") { + if (axis.direction === "x") { x = 0; - if (t == "full") - y = (axis.position == "top" ? 0 : plotHeight); - else - y = box.top - plotOffset.top + (axis.position == "top" ? box.height : 0); - } - else { + if (t === "full") { + y = (axis.position === "top" ? 0 : plotHeight); + } else { + y = box.top - plotOffset.top + (axis.position === "top" ? box.height : 0); + } + } else { y = 0; - if (t == "full") - x = (axis.position == "left" ? 0 : plotWidth); - else - x = box.left - plotOffset.left + (axis.position == "left" ? box.width : 0); + if (t === "full") { + x = (axis.position === "left" ? 0 : plotWidth); + } else { + x = box.left - plotOffset.left + (axis.position === "left" ? box.width : 0); + } } // draw tick bar @@ -2055,13 +2250,14 @@ Licensed under the MIT license. ctx.strokeStyle = axis.options.color; ctx.beginPath(); xoff = yoff = 0; - if (axis.direction == "x") + if (axis.direction === "x") { xoff = plotWidth + 1; - else + } else { yoff = plotHeight + 1; + } - if (ctx.lineWidth == 1) { - if (axis.direction == "x") { + if (ctx.lineWidth === 1) { + if (axis.direction === "x") { y = Math.floor(y) + 0.5; } else { x = Math.floor(x) + 0.5; @@ -2083,33 +2279,36 @@ Licensed under the MIT license. xoff = yoff = 0; - if (isNaN(v) || v < axis.min || v > axis.max + if (isNaN(v) || v < axis.min || v > axis.max || ( // skip those lying on the axes if we got a border - || (t == "full" - && ((typeof bw == "object" && bw[axis.position] > 0) || bw > 0) - && (v == axis.min || v == axis.max))) + t === "full" && ((typeof bw === "object" && bw[axis.position] > 0) || bw > 0) && + (v === axis.min || v === axis.max) + )) { continue; + } - if (axis.direction == "x") { + if (axis.direction === "x") { x = axis.p2c(v); - yoff = t == "full" ? -plotHeight : t; + yoff = t === "full" ? -plotHeight : t; - if (axis.position == "top") + if (axis.position === "top") { yoff = -yoff; - } - else { + } + } else { y = axis.p2c(v); - xoff = t == "full" ? -plotWidth : t; + xoff = t === "full" ? -plotWidth : t; - if (axis.position == "left") + if (axis.position === "left") { xoff = -xoff; + } } - if (ctx.lineWidth == 1) { - if (axis.direction == "x") + if (ctx.lineWidth === 1) { + if (axis.direction === "x") { x = Math.floor(x) + 0.5; - else + } else { y = Math.floor(y) + 0.5; + } } ctx.moveTo(x, y); @@ -2125,7 +2324,7 @@ Licensed under the MIT license. // If either borderWidth or borderColor is an object, then draw the border // line by line instead of as one rectangle bc = options.grid.borderColor; - if(typeof bw == "object" || typeof bc == "object") { + if(typeof bw === "object" || typeof bc === "object") { if (typeof bw !== "object") { bw = {top: bw, right: bw, bottom: bw, left: bw}; } @@ -2168,8 +2367,7 @@ Licensed under the MIT license. ctx.lineTo(0- bw.left/2, 0); ctx.stroke(); } - } - else { + } else { ctx.lineWidth = bw; ctx.strokeStyle = options.grid.borderColor; ctx.strokeRect(-bw/2, -bw/2, plotWidth + bw, plotHeight + bw); @@ -2182,31 +2380,48 @@ Licensed under the MIT license. function drawAxisLabels() { $.each(allAxes(), function (_, axis) { + if (!axis.show || axis.ticks.length === 0) { + return; + } + var box = axis.box, - legacyStyles = axis.direction + "Axis " + axis.direction + axis.n + "Axis", - layer = "flot-" + axis.direction + "-axis flot-" + axis.direction + axis.n + "-axis " + legacyStyles, - font = axis.options.font || "flot-tick-label tickLabel", + axisOptions = axis.options, + layer = "flot-" + axis.direction + "-axis flot-" + axis.direction + axis.n + "-axis " + axis.direction + "Axis " + axis.direction + axis.n + "Axis", + labelFont = axisOptions.labelFont || "flot-axis-label axisLabels " + axis.direction + axis.n + "axisLabel", + tickFont = axisOptions.tickFont || "flot-tick-label tickLabel", tick, x, y, halign, valign; - // Remove text before checking for axis.show and ticks.length; - // otherwise plugins, like flot-tickrotor, that draw their own - // tick labels will end up with both theirs and the defaults. - surface.removeText(layer); - if (!axis.show || axis.ticks.length == 0) - return; + if (axisOptions.label) { + if (axis.direction === "x") { + if (axisOptions.position === "top") { + surface.addText(layer, box.left + box.width / 2, box.top, axisOptions.label, labelFont, 0, null, "center", "top"); + } else { + surface.addText(layer, box.left + box.width / 2, box.top + box.height, axisOptions.label, labelFont, 0, null, "center", "bottom"); + } + } else { + if (axisOptions.position === "right") { + surface.addText(layer, box.left + box.width, box.top + box.height / 2, axisOptions.label, labelFont, 90, null, "right", "middle"); + } else { + surface.addText(layer, box.left, box.top + box.height / 2, axisOptions.label, labelFont, -90, null, "left", "middle"); + } + } + } + + // Add labels for the ticks on this axis for (var i = 0; i < axis.ticks.length; ++i) { tick = axis.ticks[i]; - if (!tick.label || tick.v < axis.min || tick.v > axis.max) + if (!tick.label || tick.v < axis.min || tick.v > axis.max) { continue; + } - if (axis.direction == "x") { + if (axis.direction === "x") { halign = "center"; x = plotOffset.left + axis.p2c(tick.v); - if (axis.position == "bottom") { + if (axis.position === "bottom") { y = box.top + box.padding; } else { y = box.top + box.height - box.padding; @@ -2215,7 +2430,7 @@ Licensed under the MIT license. } else { valign = "middle"; y = plotOffset.top + axis.p2c(tick.v); - if (axis.position == "left") { + if (axis.position === "left") { x = box.left + box.width - box.padding; halign = "right"; } else { @@ -2223,18 +2438,21 @@ Licensed under the MIT license. } } - surface.addText(layer, x, y, tick.label, font, null, null, halign, valign); + surface.addText(layer, x, y, tick.label, tickFont, null, null, halign, valign); } }); } function drawSeries(series) { - if (series.lines.show) + if (series.lines.show) { drawSeriesLines(series); - if (series.bars.show) + } + if (series.bars.show) { drawSeriesBars(series); - if (series.points.show) + } + if (series.points.show) { drawSeriesPoints(series); + } } function drawSeriesLines(series) { @@ -2248,68 +2466,74 @@ Licensed under the MIT license. var x1 = points[i - ps], y1 = points[i - ps + 1], x2 = points[i], y2 = points[i + 1]; - if (x1 == null || x2 == null) + if (x1 == null || x2 == null) { continue; + } // clip with ymin if (y1 <= y2 && y1 < axisy.min) { - if (y2 < axisy.min) + if (y2 < axisy.min) { continue; // line segment is outside + } // compute new intersection point x1 = (axisy.min - y1) / (y2 - y1) * (x2 - x1) + x1; y1 = axisy.min; - } - else if (y2 <= y1 && y2 < axisy.min) { - if (y1 < axisy.min) + } else if (y2 <= y1 && y2 < axisy.min) { + if (y1 < axisy.min) { continue; + } x2 = (axisy.min - y1) / (y2 - y1) * (x2 - x1) + x1; y2 = axisy.min; } // clip with ymax if (y1 >= y2 && y1 > axisy.max) { - if (y2 > axisy.max) + if (y2 > axisy.max) { continue; + } x1 = (axisy.max - y1) / (y2 - y1) * (x2 - x1) + x1; y1 = axisy.max; - } - else if (y2 >= y1 && y2 > axisy.max) { - if (y1 > axisy.max) + } else if (y2 >= y1 && y2 > axisy.max) { + if (y1 > axisy.max) { continue; + } x2 = (axisy.max - y1) / (y2 - y1) * (x2 - x1) + x1; y2 = axisy.max; } // clip with xmin if (x1 <= x2 && x1 < axisx.min) { - if (x2 < axisx.min) + if (x2 < axisx.min) { continue; + } y1 = (axisx.min - x1) / (x2 - x1) * (y2 - y1) + y1; x1 = axisx.min; - } - else if (x2 <= x1 && x2 < axisx.min) { - if (x1 < axisx.min) + } else if (x2 <= x1 && x2 < axisx.min) { + if (x1 < axisx.min) { continue; + } y2 = (axisx.min - x1) / (x2 - x1) * (y2 - y1) + y1; x2 = axisx.min; } // clip with xmax if (x1 >= x2 && x1 > axisx.max) { - if (x2 > axisx.max) + if (x2 > axisx.max) { continue; + } y1 = (axisx.max - x1) / (x2 - x1) * (y2 - y1) + y1; x1 = axisx.max; - } - else if (x2 >= x1 && x2 > axisx.max) { - if (x1 > axisx.max) + } else if (x2 >= x1 && x2 > axisx.max) { + if (x1 > axisx.max) { continue; + } y2 = (axisx.max - x1) / (x2 - x1) * (y2 - y1) + y1; x2 = axisx.max; } - if (x1 != prevx || y1 != prevy) + if (x1 !== prevx || y1 !== prevy) { ctx.moveTo(axisx.p2c(x1) + xoffset, axisy.p2c(y1) + yoffset); + } prevx = x2; prevy = y2; @@ -2322,15 +2546,16 @@ Licensed under the MIT license. var points = datapoints.points, ps = datapoints.pointsize, bottom = Math.min(Math.max(0, axisy.min), axisy.max), - i = 0, top, areaOpen = false, + i = 0, areaOpen = false, ypos = 1, segmentStart = 0, segmentEnd = 0; // we process each segment in two turns, first forward // direction to sketch out top, then once we hit the // end we go backwards to sketch the bottom while (true) { - if (ps > 0 && i > points.length + ps) + if (ps > 0 && i > points.length + ps) { break; + } i += ps; // ps is negative if going backwards @@ -2347,7 +2572,7 @@ Licensed under the MIT license. continue; } - if (ps < 0 && i == segmentStart + ps) { + if (ps < 0 && i === segmentStart + ps) { // done with the reverse sweep ctx.fill(); areaOpen = false; @@ -2358,35 +2583,38 @@ Licensed under the MIT license. } } - if (x1 == null || x2 == null) + if (x1 == null || x2 == null) { continue; + } // clip x values // clip with xmin if (x1 <= x2 && x1 < axisx.min) { - if (x2 < axisx.min) + if (x2 < axisx.min) { continue; + } y1 = (axisx.min - x1) / (x2 - x1) * (y2 - y1) + y1; x1 = axisx.min; - } - else if (x2 <= x1 && x2 < axisx.min) { - if (x1 < axisx.min) + } else if (x2 <= x1 && x2 < axisx.min) { + if (x1 < axisx.min) { continue; + } y2 = (axisx.min - x1) / (x2 - x1) * (y2 - y1) + y1; x2 = axisx.min; } // clip with xmax if (x1 >= x2 && x1 > axisx.max) { - if (x2 > axisx.max) + if (x2 > axisx.max) { continue; + } y1 = (axisx.max - x1) / (x2 - x1) * (y2 - y1) + y1; x1 = axisx.max; - } - else if (x2 >= x1 && x2 > axisx.max) { - if (x1 > axisx.max) + } else if (x2 >= x1 && x2 > axisx.max) { + if (x1 > axisx.max) { continue; + } y2 = (axisx.max - x1) / (x2 - x1) * (y2 - y1) + y1; x2 = axisx.max; } @@ -2403,8 +2631,7 @@ Licensed under the MIT license. ctx.lineTo(axisx.p2c(x1), axisy.p2c(axisy.max)); ctx.lineTo(axisx.p2c(x2), axisy.p2c(axisy.max)); continue; - } - else if (y1 <= axisy.min && y2 <= axisy.min) { + } else if (y1 <= axisy.min && y2 <= axisy.min) { ctx.lineTo(axisx.p2c(x1), axisy.p2c(axisy.min)); ctx.lineTo(axisx.p2c(x2), axisy.p2c(axisy.min)); continue; @@ -2423,8 +2650,7 @@ Licensed under the MIT license. if (y1 <= y2 && y1 < axisy.min && y2 >= axisy.min) { x1 = (axisy.min - y1) / (y2 - y1) * (x2 - x1) + x1; y1 = axisy.min; - } - else if (y2 <= y1 && y2 < axisy.min && y1 >= axisy.min) { + } else if (y2 <= y1 && y2 < axisy.min && y1 >= axisy.min) { x2 = (axisy.min - y1) / (y2 - y1) * (x2 - x1) + x1; y2 = axisy.min; } @@ -2433,15 +2659,14 @@ Licensed under the MIT license. if (y1 >= y2 && y1 > axisy.max && y2 <= axisy.max) { x1 = (axisy.max - y1) / (y2 - y1) * (x2 - x1) + x1; y1 = axisy.max; - } - else if (y2 >= y1 && y2 > axisy.max && y1 <= axisy.max) { + } else if (y2 >= y1 && y2 > axisy.max && y1 <= axisy.max) { x2 = (axisy.max - y1) / (y2 - y1) * (x2 - x1) + x1; y2 = axisy.max; } // if the x value was changed we got a rectangle // to fill - if (x1 != x1old) { + if (x1 !== x1old) { ctx.lineTo(axisx.p2c(x1old), axisy.p2c(y1)); // it goes to (x1, y1), but we fill that below } @@ -2453,7 +2678,7 @@ Licensed under the MIT license. ctx.lineTo(axisx.p2c(x2), axisy.p2c(y2)); // fill the other rectangle if it's there - if (x2 != x2old) { + if (x2 !== x2old) { ctx.lineTo(axisx.p2c(x2), axisy.p2c(y2)); ctx.lineTo(axisx.p2c(x2old), axisy.p2c(y2)); } @@ -2486,8 +2711,9 @@ Licensed under the MIT license. plotLineArea(series.datapoints, series.xaxis, series.yaxis); } - if (lw > 0) + if (lw > 0) { plotLine(series.datapoints, 0, 0, series.xaxis, series.yaxis); + } ctx.restore(); } @@ -2497,16 +2723,18 @@ Licensed under the MIT license. for (var i = 0; i < points.length; i += ps) { var x = points[i], y = points[i + 1]; - if (x == null || x < axisx.min || x > axisx.max || y < axisy.min || y > axisy.max) + if (x == null || x < axisx.min || x > axisx.max || y < axisy.min || y > axisy.max) { continue; + } ctx.beginPath(); x = axisx.p2c(x); y = axisy.p2c(y) + offset; - if (symbol == "circle") + if (symbol === "circle") { ctx.arc(x, y, radius, 0, shadow ? Math.PI : Math.PI * 2, false); - else + } else { symbol(ctx, x, y, radius, shadow); + } ctx.closePath(); if (fillStyle) { @@ -2530,8 +2758,9 @@ Licensed under the MIT license. // Doing the conditional here allows the shadow setting to still be // optional even with a lineWidth of 0. - if( lw == 0 ) + if( lw === 0 ) { lw = 0.0001; + } if (lw > 0 && sw > 0) { // draw shadow in two steps @@ -2547,14 +2776,14 @@ Licensed under the MIT license. } ctx.lineWidth = lw; - ctx.strokeStyle = series.color; + ctx.strokeStyle = series.points.strokeColor || series.color; plotPoints(series.datapoints, radius, getFillStyle(series.points, series.color), 0, false, series.xaxis, series.yaxis, symbol); ctx.restore(); } - function drawBar(x, y, b, barLeft, barRight, fillStyleCallback, axisx, axisy, c, horizontal, lineWidth) { + function drawBar(x, y, b, barLeft, barRight, offset, fillStyleCallback, axisx, axisy, c, horizontal, lineWidth) { var left, right, bottom, top, drawLeft, drawRight, drawTop, drawBottom, tmp; @@ -2578,8 +2807,7 @@ Licensed under the MIT license. drawLeft = true; drawRight = false; } - } - else { + } else { drawLeft = drawRight = drawTop = true; drawBottom = false; left = x + barLeft; @@ -2599,8 +2827,9 @@ Licensed under the MIT license. // clip if (right < axisx.min || left > axisx.max || - top < axisy.min || bottom > axisy.max) + top < axisy.min || bottom > axisy.max) { return; + } if (left < axisx.min) { left = axisx.min; @@ -2629,8 +2858,13 @@ Licensed under the MIT license. // fill the bar if (fillStyleCallback) { + c.beginPath(); + c.moveTo(left, bottom); + c.lineTo(left, top); + c.lineTo(right, top); + c.lineTo(right, bottom); c.fillStyle = fillStyleCallback(bottom, top); - c.fillRect(left, top, right - left, bottom - top) + c.fill(); } // draw outline @@ -2638,35 +2872,40 @@ Licensed under the MIT license. c.beginPath(); // FIXME: inline moveTo is buggy with excanvas - c.moveTo(left, bottom); - if (drawLeft) - c.lineTo(left, top); - else - c.moveTo(left, top); - if (drawTop) - c.lineTo(right, top); - else - c.moveTo(right, top); - if (drawRight) - c.lineTo(right, bottom); - else - c.moveTo(right, bottom); - if (drawBottom) - c.lineTo(left, bottom); - else - c.moveTo(left, bottom); + c.moveTo(left, bottom + offset); + if (drawLeft) { + c.lineTo(left, top + offset); + } else { + c.moveTo(left, top + offset); + } + if (drawTop) { + c.lineTo(right, top + offset); + } else { + c.moveTo(right, top + offset); + } + if (drawRight) { + c.lineTo(right, bottom + offset); + } else { + c.moveTo(right, bottom + offset); + } + if (drawBottom) { + c.lineTo(left, bottom + offset); + } else { + c.moveTo(left, bottom + offset); + } c.stroke(); } } function drawSeriesBars(series) { - function plotBars(datapoints, barLeft, barRight, fillStyleCallback, axisx, axisy) { + function plotBars(datapoints, barLeft, barRight, offset, fillStyleCallback, axisx, axisy) { var points = datapoints.points, ps = datapoints.pointsize; for (var i = 0; i < points.length; i += ps) { - if (points[i] == null) + if (points[i] == null) { continue; - drawBar(points[i], points[i + 1], points[i + 2], barLeft, barRight, fillStyleCallback, axisx, axisy, ctx, series.bars.horizontal, series.bars.lineWidth); + } + drawBar(points[i], points[i + 1], points[i + 2], barLeft, barRight, offset, fillStyleCallback, axisx, axisy, ctx, series.bars.horizontal, series.bars.lineWidth); } } @@ -2680,53 +2919,53 @@ Licensed under the MIT license. var barLeft; switch (series.bars.align) { - case "left": - barLeft = 0; - break; - case "right": - barLeft = -series.bars.barWidth; - break; - default: - barLeft = -series.bars.barWidth / 2; + case "left": + barLeft = 0; + break; + case "right": + barLeft = -series.bars.barWidth; + break; + case "center": + barLeft = -series.bars.barWidth / 2; + break; + default: + throw new Error("Invalid bar alignment: " + series.bars.align); } var fillStyleCallback = series.bars.fill ? function (bottom, top) { return getFillStyle(series.bars, series.color, bottom, top); } : null; - plotBars(series.datapoints, barLeft, barLeft + series.bars.barWidth, fillStyleCallback, series.xaxis, series.yaxis); + plotBars(series.datapoints, barLeft, barLeft + series.bars.barWidth, 0, fillStyleCallback, series.xaxis, series.yaxis); ctx.restore(); } function getFillStyle(filloptions, seriesColor, bottom, top) { var fill = filloptions.fill; - if (!fill) + if (!fill) { return null; + } - if (filloptions.fillColor) + if (filloptions.fillColor) { return getColorOrGradient(filloptions.fillColor, bottom, top, seriesColor); + } var c = $.color.parse(seriesColor); - c.a = typeof fill == "number" ? fill : 0.4; + c.a = isNumeric(fill) ? fill : 0.4; c.normalize(); return c.toString(); } function insertLegend() { - if (options.legend.container != null) { - $(options.legend.container).html(""); - } else { - placeholder.find(".legend").remove(); - } + placeholder.find(".legend").remove(); if (!options.legend.show) { return; } - var fragments = [], entries = [], rowStarted = false, - lf = options.legend.labelFormatter, s, label; + var entries = [], lf = options.legend.labelFormatter, s, label, i; // Build a list of legend entries, with each having a label and a color - for (var i = 0; i < series.length; ++i) { + for (i = 0; i < series.length; ++i) { s = series[i]; if (s.label) { label = lf ? lf(s.label, s) : s.label; @@ -2739,18 +2978,24 @@ Licensed under the MIT license. } } + // No entries implies no legend + + if (entries.length === 0) { + return; + } + // Sort the legend using either the default or a custom comparator if (options.legend.sorted) { if ($.isFunction(options.legend.sorted)) { entries.sort(options.legend.sorted); - } else if (options.legend.sorted == "reverse") { - entries.reverse(); + } else if (options.legend.sorted === "reverse") { + entries.reverse(); } else { - var ascending = options.legend.sorted != "descending"; + var ascending = options.legend.sorted !== "descending"; entries.sort(function(a, b) { - return a.label == b.label ? 0 : ( - ((a.label < b.label) != ascending ? 1 : -1) // Logical XOR + return a.label === b.label ? 0 : ( + (a.label < b.label) !== ascending ? 1 : -1 // Logical XOR ); }); } @@ -2758,63 +3003,86 @@ Licensed under the MIT license. // Generate markup for the list of entries, in their final order - for (var i = 0; i < entries.length; ++i) { + var table = $("
").css({ + "font-size": "smaller", + "color": options.grid.color + }), rowBuffer = null; + + for (i = 0; i < entries.length; ++i) { var entry = entries[i]; - if (i % options.legend.noColumns == 0) { - if (rowStarted) - fragments.push(''); - fragments.push(''); - rowStarted = true; + if (i % options.legend.noColumns === 0) { + if (rowBuffer !== null) { + table.append(rowBuffer); + } + rowBuffer = $(""); } - fragments.push( - '
' + - '' + entry.label + '' + var colorbox = $("
").css({ + "width": "4px", + "height": 0, + "border": "5px solid " + entry.color, + "overflow": "hidden" + }), + + borderbox = $("
").css({ + "border": "1px solid " + options.legend.labelBoxBorderColor, + "padding": "1px" + }); + + rowBuffer.append( + $("").addClass("legendColorBox").append(borderbox.append(colorbox)), + $("").addClass("legendLabel").html(entry.label) ); } - if (rowStarted) - fragments.push(''); + table.append(rowBuffer); - if (fragments.length == 0) - return; - - var table = '' + fragments.join("") + '
'; - if (options.legend.container != null) + if (options.legend.container != null) { $(options.legend.container).html(table); - else { - var pos = "", + } else { + var pos = {"position": "absolute"}, p = options.legend.position, m = options.legend.margin; - if (m[0] == null) + if (m[0] == null) { m = [m, m]; - if (p.charAt(0) == "n") - pos += 'top:' + (m[1] + plotOffset.top) + 'px;'; - else if (p.charAt(0) == "s") - pos += 'bottom:' + (m[1] + plotOffset.bottom) + 'px;'; - if (p.charAt(1) == "e") - pos += 'right:' + (m[0] + plotOffset.right) + 'px;'; - else if (p.charAt(1) == "w") - pos += 'left:' + (m[0] + plotOffset.left) + 'px;'; - var legend = $('
' + table.replace('style="', 'style="position:absolute;' + pos +';') + '
').appendTo(placeholder); - if (options.legend.backgroundOpacity != 0.0) { + } + if (p.charAt(0) === "n") { + pos.top = (m[1] + plotOffset.top) + "px"; + } else if (p.charAt(0) === "s") { + pos.bottom = (m[1] + plotOffset.bottom) + "px"; + } + if (p.charAt(1) === "e") { + pos.right = (m[0] + plotOffset.right) + "px"; + } else if (p.charAt(1) === "w") { + pos.left = (m[0] + plotOffset.left) + "px"; + } + var legend = $("
").addClass("legend").append(table.css(pos)).appendTo(placeholder); + if (options.legend.backgroundOpacity !== 0.0) { // put in the transparent background // separately to avoid blended labels and // label boxes var c = options.legend.backgroundColor; if (c == null) { c = options.grid.backgroundColor; - if (c && typeof c == "string") + if (c && typeof c === "string") { c = $.color.parse(c); - else - c = $.color.extract(legend, 'background-color'); + } else { + c = $.color.extract(legend, "background-color"); + } c.a = 1; c = c.toString(); } var div = legend.children(); - $('
').prependTo(legend).css('opacity', options.legend.backgroundOpacity); + + // Position also applies to this + $("
").css(pos).css({ + "width": div.width() + "px", + "height": div.height() + "px", + "background-color": c, + "opacity": options.legend.backgroundOpacity + }).prependTo(legend); } } } @@ -2829,11 +3097,12 @@ Licensed under the MIT license. function findNearbyItem(mouseX, mouseY, seriesFilter) { var maxDistance = options.grid.mouseActiveRadius, smallestDistance = maxDistance * maxDistance + 1, - item = null, foundPoint = false, i, j, ps; + item = null, i, j, ps; for (i = series.length - 1; i >= 0; --i) { - if (!seriesFilter(series[i])) + if (!seriesFilter(series[i])) { continue; + } var s = series[i], axisx = s.xaxis, @@ -2842,27 +3111,35 @@ Licensed under the MIT license. mx = axisx.c2p(mouseX), // precompute some stuff to make the loop faster my = axisy.c2p(mouseY), maxx = maxDistance / axisx.scale, - maxy = maxDistance / axisy.scale; + maxy = maxDistance / axisy.scale, + x, y; ps = s.datapoints.pointsize; // with inverse transforms, we can't use the maxx/maxy // optimization, sadly - if (axisx.options.inverseTransform) + if (axisx.options.inverseTransform) { maxx = Number.MAX_VALUE; - if (axisy.options.inverseTransform) + } + if (axisy.options.inverseTransform) { maxy = Number.MAX_VALUE; + } if (s.lines.show || s.points.show) { for (j = 0; j < points.length; j += ps) { - var x = points[j], y = points[j + 1]; - if (x == null) + + x = points[j]; + y = points[j + 1]; + + if (x == null) { continue; + } // For points and lines, the cursor must be within a // certain distance to the data point if (x - mx > maxx || x - mx < -maxx || - y - my > maxy || y - my < -maxy) + y - my > maxy || y - my < -maxy) { continue; + } // We have to calculate distances in pixels, not in // data units, because the scales of the axes may be different @@ -2880,34 +3157,25 @@ Licensed under the MIT license. } if (s.bars.show && !item) { // no other point can be nearby - - var barLeft, barRight; - - switch (s.bars.align) { - case "left": - barLeft = 0; - break; - case "right": - barLeft = -s.bars.barWidth; - break; - default: - barLeft = -s.bars.barWidth / 2; - } - - barRight = barLeft + s.bars.barWidth; + var barLeft = s.bars.align === "left" ? 0 : -s.bars.barWidth/2, + barRight = barLeft + s.bars.barWidth; for (j = 0; j < points.length; j += ps) { - var x = points[j], y = points[j + 1], b = points[j + 2]; - if (x == null) + x = points[j]; + y = points[j + 1]; + var b = points[j + 2]; + if (x == null) { continue; + } // for a bar graph, the cursor must be inside the bar if (series[i].bars.horizontal ? (mx <= Math.max(b, x) && mx >= Math.min(b, x) && my >= y + barLeft && my <= y + barRight) : (mx >= x + barLeft && mx <= x + barRight && - my >= Math.min(b, y) && my <= Math.max(b, y))) - item = [i, j / ps]; + my >= Math.min(b, y) && my <= Math.max(b, y))) { + item = [i, j / ps]; + } } } } @@ -2927,20 +3195,22 @@ Licensed under the MIT license. } function onMouseMove(e) { - if (options.grid.hoverable) + if (options.grid.hoverable) { triggerClickHoverEvent("plothover", e, - function (s) { return s["hoverable"] != false; }); + function (s) { return s.hoverable !== false; }); + } } function onMouseLeave(e) { - if (options.grid.hoverable) + if (options.grid.hoverable) { triggerClickHoverEvent("plothover", e, - function (s) { return false; }); + function () { return false; }); + } } function onClick(e) { triggerClickHoverEvent("plotclick", e, - function (s) { return s["clickable"] != false; }); + function (s) { return s.clickable !== false; }); } // trigger click or hover event (they send the same parameters @@ -2966,15 +3236,18 @@ Licensed under the MIT license. // clear auto-highlights for (var i = 0; i < highlights.length; ++i) { var h = highlights[i]; - if (h.auto == eventname && - !(item && h.series == item.series && - h.point[0] == item.datapoint[0] && - h.point[1] == item.datapoint[1])) + if (h.auto === eventname && !( + item && h.series === item.series && + h.point[0] === item.datapoint[0] && + h.point[1] === item.datapoint[1] + )) { unhighlight(h.series, h.point); + } } - if (item) + if (item) { highlight(item.series, item.datapoint, eventname); + } } placeholder.trigger(eventname, [ pos, item ]); @@ -2982,13 +3255,14 @@ Licensed under the MIT license. function triggerRedrawOverlay() { var t = options.interaction.redrawOverlayInterval; - if (t == -1) { // skip event queue + if (t === -1) { // skip event queue drawOverlay(); return; } - if (!redrawTimeout) + if (!redrawTimeout) { redrawTimeout = setTimeout(drawOverlay, t); + } } function drawOverlay() { @@ -3003,10 +3277,11 @@ Licensed under the MIT license. for (i = 0; i < highlights.length; ++i) { hi = highlights[i]; - if (hi.series.bars.show) + if (hi.series.bars.show) { drawBarHighlight(hi.series, hi.point); - else + } else { drawPointHighlight(hi.series, hi.point); + } } octx.restore(); @@ -3014,22 +3289,22 @@ Licensed under the MIT license. } function highlight(s, point, auto) { - if (typeof s == "number") + if (isNumeric(s)) { s = series[s]; + } - if (typeof point == "number") { + if (isNumeric(point)) { var ps = s.datapoints.pointsize; point = s.datapoints.points.slice(ps * point, ps * (point + 1)); } var i = indexOfHighlight(s, point); - if (i == -1) { + if (i === -1) { highlights.push({ series: s, point: point, auto: auto }); - triggerRedrawOverlay(); - } - else if (!auto) + } else if (!auto) { highlights[i].auto = false; + } } function unhighlight(s, point) { @@ -3039,18 +3314,18 @@ Licensed under the MIT license. return; } - if (typeof s == "number") + if (isNumeric(s)) { s = series[s]; + } - if (typeof point == "number") { + if (isNumeric(point)) { var ps = s.datapoints.pointsize; point = s.datapoints.points.slice(ps * point, ps * (point + 1)); } var i = indexOfHighlight(s, point); - if (i != -1) { + if (i !== -1) { highlights.splice(i, 1); - triggerRedrawOverlay(); } } @@ -3058,9 +3333,9 @@ Licensed under the MIT license. function indexOfHighlight(s, p) { for (var i = 0; i < highlights.length; ++i) { var h = highlights[i]; - if (h.series == s && h.point[0] == p[0] - && h.point[1] == p[1]) + if (h.series === s && h.point[0] === p[0] && h.point[1] === p[1]) { return i; + } } return -1; } @@ -3068,54 +3343,52 @@ Licensed under the MIT license. function drawPointHighlight(series, point) { var x = point[0], y = point[1], axisx = series.xaxis, axisy = series.yaxis, - highlightColor = (typeof series.highlightColor === "string") ? series.highlightColor : $.color.parse(series.color).scale('a', 0.5).toString(); + highlightColor = (typeof series.highlightColor === "string") ? series.highlightColor : $.color.parse(series.color).scale("a", 0.5).toString(); - if (x < axisx.min || x > axisx.max || y < axisy.min || y > axisy.max) + if (x < axisx.min || x > axisx.max || y < axisy.min || y > axisy.max) { return; + } - var pointRadius = series.points.radius + series.points.lineWidth / 2; + var pointRadius; + var radius; + if (series.points.show) { + pointRadius = series.points.radius + series.points.lineWidth / 2; + radius = 1.5 * pointRadius; + } else { + pointRadius = series.points.radius; + radius = 0.5 * pointRadius; + } octx.lineWidth = pointRadius; octx.strokeStyle = highlightColor; - var radius = 1.5 * pointRadius; x = axisx.p2c(x); y = axisy.p2c(y); octx.beginPath(); - if (series.points.symbol == "circle") + if (series.points.symbol === "circle") { octx.arc(x, y, radius, 0, 2 * Math.PI, false); - else + } else { series.points.symbol(octx, x, y, radius, false); + } octx.closePath(); octx.stroke(); } function drawBarHighlight(series, point) { - var highlightColor = (typeof series.highlightColor === "string") ? series.highlightColor : $.color.parse(series.color).scale('a', 0.5).toString(), + var highlightColor = (typeof series.highlightColor === "string") ? series.highlightColor : $.color.parse(series.color).scale("a", 0.5).toString(), fillStyle = highlightColor, - barLeft; - - switch (series.bars.align) { - case "left": - barLeft = 0; - break; - case "right": - barLeft = -series.bars.barWidth; - break; - default: - barLeft = -series.bars.barWidth / 2; - } + barLeft = series.bars.align === "left" ? 0 : -series.bars.barWidth/2; octx.lineWidth = series.bars.lineWidth; octx.strokeStyle = highlightColor; drawBar(point[0], point[1], point[2] || 0, barLeft, barLeft + series.bars.barWidth, - function () { return fillStyle; }, series.xaxis, series.yaxis, octx, series.bars.horizontal, series.bars.lineWidth); + 0, function () { return fillStyle; }, series.xaxis, series.yaxis, octx, series.bars.horizontal, series.bars.lineWidth); } function getColorOrGradient(spec, bottom, top, defaultColor) { - if (typeof spec == "string") + if (typeof spec === "string") { return spec; - else { + } else { // assume this is a gradient spec; IE currently only // supports a simple vertical gradient properly, so that's // what we support too @@ -3123,12 +3396,14 @@ Licensed under the MIT license. for (var i = 0, l = spec.colors.length; i < l; ++i) { var c = spec.colors[i]; - if (typeof c != "string") { + if (typeof c !== "string") { var co = $.color.parse(defaultColor); - if (c.brightness != null) - co = co.scale('rgb', c.brightness); - if (c.opacity != null) + if (c.brightness != null) { + co = co.scale("rgb", c.brightness); + } + if (c.opacity != null) { co.a *= c.opacity; + } c = co.toString(); } gradient.addColorStop(i / (l - 1), c); @@ -3148,7 +3423,7 @@ Licensed under the MIT license. return plot; }; - $.plot.version = "0.8.3"; + $.plot.version = "0.9.0-alpha"; $.plot.plugins = []; @@ -3165,4 +3440,4 @@ Licensed under the MIT license. return base * Math.floor(n / base); } -})(jQuery); +})(jQuery); \ No newline at end of file diff --git a/packages/kbn-generate-csv/src/generate_csv.ts b/packages/kbn-generate-csv/src/generate_csv.ts index cafc6600f51a36..5ed92df84c581c 100644 --- a/packages/kbn-generate-csv/src/generate_csv.ts +++ b/packages/kbn-generate-csv/src/generate_csv.ts @@ -26,10 +26,12 @@ import { byteSizeValueToNumber, CancellationToken, ReportingError, + ReportingSavedObjectNotFoundError, } from '@kbn/reporting-common'; import type { TaskInstanceFields, TaskRunResult } from '@kbn/reporting-common/types'; import type { ReportingConfigType } from '@kbn/reporting-server'; +import { TaskErrorSource, createTaskRunError } from '@kbn/task-manager-plugin/server'; import { CONTENT_TYPE_CSV } from '../constants'; import type { JobParamsCSV } from '../types'; import { getExportSettings, type CsvExportSettings } from './lib/get_export_settings'; @@ -235,6 +237,21 @@ export class CsvGenerator { public async generateData(): Promise { const logger = this.logger; + + const createSearchSource = async () => { + try { + const source = await this.dependencies.searchSourceStart.create(this.job.searchSource); + return source; + } catch (err) { + // Saved object not found + if (err?.output?.statusCode === 404) { + const reportingError = new ReportingSavedObjectNotFoundError(err); + throw createTaskRunError(reportingError, TaskErrorSource.USER); + } + throw err; + } + }; + const [settings, searchSource] = await Promise.all([ getExportSettings( this.clients.uiSettings, @@ -243,7 +260,7 @@ export class CsvGenerator { this.job.browserTimezone, logger ), - this.dependencies.searchSourceStart.create(this.job.searchSource), + createSearchSource(), ]); const { startedAt, retryAt } = this.taskInstanceFields; diff --git a/packages/kbn-generate-csv/tsconfig.json b/packages/kbn-generate-csv/tsconfig.json index b57990c20eb4a1..4216438b6689a1 100644 --- a/packages/kbn-generate-csv/tsconfig.json +++ b/packages/kbn-generate-csv/tsconfig.json @@ -30,5 +30,6 @@ "@kbn/es-types", "@kbn/data-views-plugin", "@kbn/search-types", + "@kbn/task-manager-plugin", ] } diff --git a/packages/kbn-grid-layout/grid/grid_height_smoother.tsx b/packages/kbn-grid-layout/grid/grid_height_smoother.tsx index 960fe4f52e7354..7693fac72918a0 100644 --- a/packages/kbn-grid-layout/grid/grid_height_smoother.tsx +++ b/packages/kbn-grid-layout/grid/grid_height_smoother.tsx @@ -24,7 +24,7 @@ export const GridHeightSmoother = ({ gridLayoutStateManager.interactionEvent$, ]).subscribe(([dimensions, interactionEvent]) => { if (!smoothHeightRef.current) return; - if (!interactionEvent) { + if (!interactionEvent || interactionEvent.type === 'drop') { smoothHeightRef.current.style.height = `${dimensions.height}px`; return; } diff --git a/packages/kbn-grid-layout/grid/grid_layout.tsx b/packages/kbn-grid-layout/grid/grid_layout.tsx index 7587e57e9dd1ca..c6bbd94dabe562 100644 --- a/packages/kbn-grid-layout/grid/grid_layout.tsx +++ b/packages/kbn-grid-layout/grid/grid_layout.tsx @@ -7,10 +7,11 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ -import { useBatchedPublishingSubjects } from '@kbn/presentation-publishing'; import React from 'react'; + +import { useBatchedPublishingSubjects } from '@kbn/presentation-publishing'; + import { GridHeightSmoother } from './grid_height_smoother'; -import { GridOverlay } from './grid_overlay'; import { GridRow } from './grid_row'; import { GridLayoutData, GridSettings } from './types'; import { useGridLayoutEvents } from './use_grid_layout_events'; @@ -49,17 +50,17 @@ export const GridLayout = ({ key={rowData.title} rowIndex={rowIndex} runtimeSettings={runtimeSettings} - activePanelId={interactionEvent?.id} renderPanelContents={renderPanelContents} targetRowIndex={interactionEvent?.targetRowIndex} + gridLayoutStateManager={gridLayoutStateManager} toggleIsCollapsed={() => { const currentLayout = gridLayoutStateManager.gridLayout$.value; currentLayout[rowIndex].isCollapsed = !currentLayout[rowIndex].isCollapsed; gridLayoutStateManager.gridLayout$.next(currentLayout); }} setInteractionEvent={(nextInteractionEvent) => { - if (!nextInteractionEvent) { - gridLayoutStateManager.hideDragPreview(); + if (nextInteractionEvent?.type === 'drop') { + gridLayoutStateManager.activePanel$.next(undefined); } gridLayoutStateManager.interactionEvent$.next(nextInteractionEvent); }} @@ -69,10 +70,6 @@ export const GridLayout = ({ })} - ); }; diff --git a/packages/kbn-grid-layout/grid/grid_overlay.tsx b/packages/kbn-grid-layout/grid/grid_overlay.tsx deleted file mode 100644 index 958618d2f8f38f..00000000000000 --- a/packages/kbn-grid-layout/grid/grid_overlay.tsx +++ /dev/null @@ -1,135 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the "Elastic License - * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side - * Public License v 1"; you may not use this file except in compliance with, at - * your election, the "Elastic License 2.0", the "GNU Affero General Public - * License v3.0 only", or the "Server Side Public License, v 1". - */ - -import { EuiPortal, EuiText, transparentize } from '@elastic/eui'; -import { css } from '@emotion/react'; -import { i18n } from '@kbn/i18n'; -import { euiThemeVars } from '@kbn/ui-theme'; -import React, { useRef, useState } from 'react'; -import { GridLayoutStateManager, PanelInteractionEvent } from './types'; - -type ScrollDirection = 'up' | 'down'; - -const scrollLabels: { [key in ScrollDirection]: string } = { - up: i18n.translate('kbnGridLayout.overlays.scrollUpLabel', { defaultMessage: 'Scroll up' }), - down: i18n.translate('kbnGridLayout.overlays.scrollDownLabel', { defaultMessage: 'Scroll down' }), -}; - -const scrollOnInterval = (direction: ScrollDirection) => { - const interval = setInterval(() => { - window.scroll({ - top: window.scrollY + (direction === 'down' ? 50 : -50), - behavior: 'smooth', - }); - }, 100); - return interval; -}; - -const ScrollOnHover = ({ direction, hide }: { hide: boolean; direction: ScrollDirection }) => { - const [isActive, setIsActive] = useState(false); - const scrollInterval = useRef(null); - const stopScrollInterval = () => { - if (scrollInterval.current) { - clearInterval(scrollInterval.current); - } - }; - - return ( -
{ - setIsActive(true); - scrollInterval.current = scrollOnInterval(direction); - }} - onMouseLeave={() => { - setIsActive(false); - stopScrollInterval(); - }} - css={css` - width: 100%; - position: fixed; - display: flex; - align-items: center; - flex-direction: column; - justify-content: center; - opacity: ${hide ? 0 : 1}; - transition: opacity 100ms linear; - padding: ${euiThemeVars.euiSizeM}; - ${direction === 'down' ? 'bottom: 0;' : 'top: 0;'} - `} - > - {direction === 'up' && ( -
- )} -
- - {scrollLabels[direction]} - -
-
- ); -}; - -export const GridOverlay = ({ - interactionEvent, - gridLayoutStateManager, -}: { - interactionEvent?: PanelInteractionEvent; - gridLayoutStateManager: GridLayoutStateManager; -}) => { - return ( - -
- - -
-
- - ); -}; diff --git a/packages/kbn-grid-layout/grid/grid_panel.tsx b/packages/kbn-grid-layout/grid/grid_panel.tsx index 7bad4d1af037c8..fbe34c4b68e156 100644 --- a/packages/kbn-grid-layout/grid/grid_panel.tsx +++ b/packages/kbn-grid-layout/grid/grid_panel.tsx @@ -7,63 +7,38 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ +import React, { forwardRef } from 'react'; + import { EuiIcon, EuiPanel, euiFullHeight, transparentize, useEuiOverflowScroll, + useEuiTheme, } from '@elastic/eui'; import { css } from '@emotion/react'; import { euiThemeVars } from '@kbn/ui-theme'; -import React, { useCallback, useRef } from 'react'; + import { GridPanelData, PanelInteractionEvent } from './types'; -export const GridPanel = ({ - activePanelId, - panelData, - renderPanelContents, - setInteractionEvent, -}: { - panelData: GridPanelData; - activePanelId: string | undefined; - renderPanelContents: (panelId: string) => React.ReactNode; - setInteractionEvent: (interactionData?: Omit) => void; -}) => { - const panelRef = useRef(null); +export const GridPanel = forwardRef< + HTMLDivElement, + { + panelData: GridPanelData; + activePanelId: string | undefined; + renderPanelContents: (panelId: string) => React.ReactNode; + interactionStart: ( + type: PanelInteractionEvent['type'], + e: React.MouseEvent + ) => void; + } +>(({ activePanelId, panelData, renderPanelContents, interactionStart }, panelRef) => { + const { euiTheme } = useEuiTheme(); const thisPanelActive = activePanelId === panelData.id; - const interactionStart = useCallback( - (type: 'drag' | 'resize', e: React.MouseEvent) => { - if (!panelRef.current) return; - e.preventDefault(); - e.stopPropagation(); - const panelRect = panelRef.current.getBoundingClientRect(); - setInteractionEvent({ - type, - id: panelData.id, - panelDiv: panelRef.current, - mouseOffsets: { - top: e.clientY - panelRect.top, - left: e.clientX - panelRect.left, - right: e.clientX - panelRect.right, - bottom: e.clientY - panelRect.bottom, - }, - }); - }, - [panelData.id, setInteractionEvent] - ); - return ( -
+
interactionStart('drag', e)} + onMouseUp={(e) => interactionStart('drop', e)} >
@@ -109,6 +93,7 @@ export const GridPanel = ({
interactionStart('resize', e)} + onMouseUp={(e) => interactionStart('drop', e)} css={css` right: 0; bottom: 0; @@ -139,4 +124,4 @@ export const GridPanel = ({
); -}; +}); diff --git a/packages/kbn-grid-layout/grid/grid_row.tsx b/packages/kbn-grid-layout/grid/grid_row.tsx index b2a9375c390b1c..917f661c91740b 100644 --- a/packages/kbn-grid-layout/grid/grid_row.tsx +++ b/packages/kbn-grid-layout/grid/grid_row.tsx @@ -7,13 +7,21 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ +import React, { forwardRef, useMemo, useRef } from 'react'; + import { EuiButtonIcon, EuiFlexGroup, EuiSpacer, EuiTitle, transparentize } from '@elastic/eui'; import { css } from '@emotion/react'; import { i18n } from '@kbn/i18n'; import { euiThemeVars } from '@kbn/ui-theme'; -import React, { forwardRef, useMemo } from 'react'; +import { useStateFromPublishingSubject } from '@kbn/presentation-publishing'; + import { GridPanel } from './grid_panel'; -import { GridRowData, PanelInteractionEvent, RuntimeGridSettings } from './types'; +import { + GridLayoutStateManager, + GridRowData, + PanelInteractionEvent, + RuntimeGridSettings, +} from './types'; const gridColor = transparentize(euiThemeVars.euiColorSuccess, 0.2); const getGridBackgroundCSS = (settings: RuntimeGridSettings) => { @@ -32,28 +40,31 @@ export const GridRow = forwardRef< rowIndex: number; rowData: GridRowData; toggleIsCollapsed: () => void; - activePanelId: string | undefined; targetRowIndex: number | undefined; runtimeSettings: RuntimeGridSettings; renderPanelContents: (panelId: string) => React.ReactNode; setInteractionEvent: (interactionData?: PanelInteractionEvent) => void; + gridLayoutStateManager: GridLayoutStateManager; } >( ( { rowData, rowIndex, - activePanelId, targetRowIndex, runtimeSettings, toggleIsCollapsed, renderPanelContents, setInteractionEvent, + gridLayoutStateManager, }, gridRef ) => { + const dragPreviewRef = useRef(null); + const activePanel = useStateFromPublishingSubject(gridLayoutStateManager.activePanel$); + const { gutterSize, columnCount, rowHeight } = runtimeSettings; - const isGridTargeted = activePanelId && targetRowIndex === rowIndex; + const isGridTargeted = activePanel?.id && targetRowIndex === rowIndex; // calculate row count based on the number of rows needed to fit all panels const rowCount = useMemo(() => { @@ -107,20 +118,58 @@ export const GridRow = forwardRef< { - if (partialInteractionEvent) { - setInteractionEvent({ - ...partialInteractionEvent, - targetRowIndex: rowIndex, - }); - return; + interactionStart={(type, e) => { + e.preventDefault(); + e.stopPropagation(); + const panelRef = gridLayoutStateManager.panelRefs.current[rowIndex][panelData.id]; + if (!panelRef) return; + + const panelRect = panelRef.getBoundingClientRect(); + setInteractionEvent({ + type, + id: panelData.id, + panelDiv: panelRef, + targetRowIndex: rowIndex, + mouseOffsets: { + top: e.clientY - panelRect.top, + left: e.clientX - panelRect.left, + right: e.clientX - panelRect.right, + bottom: e.clientY - panelRect.bottom, + }, + }); + }} + ref={(element) => { + if (!gridLayoutStateManager.panelRefs.current[rowIndex]) { + gridLayoutStateManager.panelRefs.current[rowIndex] = {}; } - setInteractionEvent(); + gridLayoutStateManager.panelRefs.current[rowIndex][panelData.id] = element; }} /> ))} + + {/* render the drag preview if this row is currently being targetted */} + {isGridTargeted && ( +
+ )}
)} diff --git a/packages/kbn-grid-layout/grid/types.ts b/packages/kbn-grid-layout/grid/types.ts index 3d63c9f6ea01ab..3a88eeb33baba5 100644 --- a/packages/kbn-grid-layout/grid/types.ts +++ b/packages/kbn-grid-layout/grid/types.ts @@ -46,21 +46,25 @@ export interface GridSettings { */ export type RuntimeGridSettings = GridSettings & { columnPixelWidth: number }; -export interface GridLayoutStateManager { - hideDragPreview: () => void; - updatePreviewElement: (rect: { +export interface ActivePanel { + id: string; + position: { top: number; left: number; bottom: number; right: number; - }) => void; + }; +} +export interface GridLayoutStateManager { gridDimensions$: BehaviorSubject; gridLayout$: BehaviorSubject; runtimeSettings$: BehaviorSubject; - rowRefs: React.MutableRefObject>; - dragPreviewRef: React.MutableRefObject; + activePanel$: BehaviorSubject; interactionEvent$: BehaviorSubject; + + rowRefs: React.MutableRefObject>; + panelRefs: React.MutableRefObject>; } /** @@ -70,7 +74,7 @@ export interface PanelInteractionEvent { /** * The type of interaction being performed. */ - type: 'drag' | 'resize'; + type: 'drag' | 'resize' | 'drop'; /** * The id of the panel being interacted with. diff --git a/packages/kbn-grid-layout/grid/use_grid_layout_events.ts b/packages/kbn-grid-layout/grid/use_grid_layout_events.ts index 34fa84eeb131ed..dfbd013d3642a9 100644 --- a/packages/kbn-grid-layout/grid/use_grid_layout_events.ts +++ b/packages/kbn-grid-layout/grid/use_grid_layout_events.ts @@ -8,8 +8,9 @@ */ import { useEffect, useRef } from 'react'; + import { resolveGridRow } from './resolve_grid_row'; -import { GridPanelData, GridLayoutStateManager } from './types'; +import { GridLayoutStateManager, GridPanelData } from './types'; export const isGridDataEqual = (a?: GridPanelData, b?: GridPanelData) => { return ( @@ -35,12 +36,11 @@ export const useGridLayoutEvents = ({ useEffect(() => { const { runtimeSettings$, interactionEvent$, gridLayout$ } = gridLayoutStateManager; const calculateUserEvent = (e: Event) => { - if (!interactionEvent$.value) return; + if (!interactionEvent$.value || interactionEvent$.value.type === 'drop') return; e.preventDefault(); e.stopPropagation(); const gridRowElements = gridLayoutStateManager.rowRefs.current; - const previewElement = gridLayoutStateManager.dragPreviewRef.current; const interactionEvent = interactionEvent$.value; const isResize = interactionEvent?.type === 'resize'; @@ -53,7 +53,7 @@ export const useGridLayoutEvents = ({ } })(); - if (!runtimeSettings$.value || !previewElement || !gridRowElements || !currentGridData) { + if (!runtimeSettings$.value || !gridRowElements || !currentGridData) { return; } @@ -68,7 +68,7 @@ export const useGridLayoutEvents = ({ bottom: mouseTargetPixel.y - interactionEvent.mouseOffsets.bottom, right: mouseTargetPixel.x - interactionEvent.mouseOffsets.right, }; - gridLayoutStateManager.updatePreviewElement(previewRect); + gridLayoutStateManager.activePanel$.next({ id: interactionEvent.id, position: previewRect }); // find the grid that the preview rect is over const previewBottom = @@ -154,29 +154,19 @@ export const useGridLayoutEvents = ({ const resolvedOriginGrid = resolveGridRow(originGrid); nextLayout[lastRowIndex] = resolvedOriginGrid; } + gridLayout$.next(nextLayout); } }; - const onMouseUp = (e: MouseEvent) => { - if (!interactionEvent$.value) return; - e.preventDefault(); - e.stopPropagation(); - - interactionEvent$.next(undefined); - gridLayoutStateManager.hideDragPreview(); - }; - const onMouseMove = (e: MouseEvent) => { mouseClientPosition.current = { x: e.clientX, y: e.clientY }; calculateUserEvent(e); }; - document.addEventListener('mouseup', onMouseUp); document.addEventListener('mousemove', onMouseMove); document.addEventListener('scroll', calculateUserEvent); return () => { - document.removeEventListener('mouseup', onMouseUp); document.removeEventListener('mousemove', onMouseMove); document.removeEventListener('scroll', calculateUserEvent); }; diff --git a/packages/kbn-grid-layout/grid/use_grid_layout_state.ts b/packages/kbn-grid-layout/grid/use_grid_layout_state.ts index e10ce12fe5b6be..cdb99a9ebbfd04 100644 --- a/packages/kbn-grid-layout/grid/use_grid_layout_state.ts +++ b/packages/kbn-grid-layout/grid/use_grid_layout_state.ts @@ -7,10 +7,12 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ +import { i18n } from '@kbn/i18n'; import { useEffect, useMemo, useRef } from 'react'; -import { BehaviorSubject, debounceTime } from 'rxjs'; +import { BehaviorSubject, combineLatest, debounceTime, map, retry } from 'rxjs'; import useResizeObserver, { type ObservedSize } from 'use-resize-observer/polyfilled'; import { + ActivePanel, GridLayoutData, GridLayoutStateManager, GridSettings, @@ -27,7 +29,7 @@ export const useGridLayoutState = ({ setDimensionsRef: (instance: HTMLDivElement | null) => void; } => { const rowRefs = useRef>([]); - const dragPreviewRef = useRef(null); + const panelRefs = useRef>([]); // eslint-disable-next-line react-hooks/exhaustive-deps const { initialLayout, gridSettings } = useMemo(() => getCreationOptions(), []); @@ -36,6 +38,7 @@ export const useGridLayoutState = ({ const gridLayout$ = new BehaviorSubject(initialLayout); const gridDimensions$ = new BehaviorSubject({ width: 0, height: 0 }); const interactionEvent$ = new BehaviorSubject(undefined); + const activePanel$ = new BehaviorSubject(undefined); const runtimeSettings$ = new BehaviorSubject({ ...gridSettings, columnPixelWidth: 0, @@ -43,41 +46,21 @@ export const useGridLayoutState = ({ return { rowRefs, + panelRefs, gridLayout$, - dragPreviewRef, + activePanel$, gridDimensions$, runtimeSettings$, interactionEvent$, - updatePreviewElement: (previewRect: { - top: number; - bottom: number; - left: number; - right: number; - }) => { - if (!dragPreviewRef.current) return; - dragPreviewRef.current.style.opacity = '1'; - dragPreviewRef.current.style.left = `${previewRect.left}px`; - dragPreviewRef.current.style.top = `${previewRect.top}px`; - dragPreviewRef.current.style.width = `${Math.max( - previewRect.right - previewRect.left, - runtimeSettings$.value.columnPixelWidth - )}px`; - dragPreviewRef.current.style.height = `${Math.max( - previewRect.bottom - previewRect.top, - runtimeSettings$.value.rowHeight - )}px`; - }, - hideDragPreview: () => { - if (!dragPreviewRef.current) return; - dragPreviewRef.current.style.opacity = '0'; - }, }; // eslint-disable-next-line react-hooks/exhaustive-deps }, []); useEffect(() => { - // debounce width changes to avoid unnecessary column width recalculation. - const subscription = gridLayoutStateManager.gridDimensions$ + /** + * debounce width changes to avoid unnecessary column width recalculation. + */ + const resizeSubscription = gridLayoutStateManager.gridDimensions$ .pipe(debounceTime(250)) .subscribe((dimensions) => { const elementWidth = dimensions.width ?? 0; @@ -86,7 +69,116 @@ export const useGridLayoutState = ({ gridSettings.columnCount; gridLayoutStateManager.runtimeSettings$.next({ ...gridSettings, columnPixelWidth }); }); - return () => subscription.unsubscribe(); + + /** + * on layout change, update the styles of every panel so that it renders as expected + */ + const onLayoutChangeSubscription = combineLatest([ + gridLayoutStateManager.gridLayout$, + gridLayoutStateManager.activePanel$, + ]) + .pipe( + map(([gridLayout, activePanel]) => { + // wait for all panel refs to be ready before continuing + for (let rowIndex = 0; rowIndex < gridLayout.length; rowIndex++) { + const currentRow = gridLayout[rowIndex]; + Object.keys(currentRow.panels).forEach((key) => { + const panelRef = gridLayoutStateManager.panelRefs.current[rowIndex][key]; + if (!panelRef && !currentRow.isCollapsed) { + throw new Error( + i18n.translate('kbnGridLayout.panelRefNotFoundError', { + defaultMessage: 'Panel reference does not exist', // the retry will catch this error + }) + ); + } + }); + } + return { gridLayout, activePanel }; + }), + retry({ delay: 10 }) // retry until panel references all exist + ) + .subscribe(({ gridLayout, activePanel }) => { + const runtimeSettings = gridLayoutStateManager.runtimeSettings$.getValue(); + const currentInteractionEvent = gridLayoutStateManager.interactionEvent$.getValue(); + + for (let rowIndex = 0; rowIndex < gridLayout.length; rowIndex++) { + if (activePanel && rowIndex !== currentInteractionEvent?.targetRowIndex) { + /** + * If there is an interaction event happening but the current row is not being targetted, it + * does not need to be re-rendered; so, skip setting the panel styles of this row. + * + * If there is **no** interaction event, then this is the initial render so the styles of every + * panel should be initialized; so, don't skip setting the panel styles. + */ + continue; + } + + // re-render the targetted row + const currentRow = gridLayout[rowIndex]; + Object.keys(currentRow.panels).forEach((key) => { + const panel = currentRow.panels[key]; + const panelRef = gridLayoutStateManager.panelRefs.current[rowIndex][key]; + if (!panelRef) { + return; + } + + const isResize = currentInteractionEvent?.type === 'resize'; + if (panel.id === activePanel?.id) { + // if the current panel is active, give it fixed positioning depending on the interaction event + const { position: draggingPosition } = activePanel; + + if (isResize) { + // if the current panel is being resized, ensure it is not shrunk past the size of a single cell + panelRef.style.width = `${Math.max( + draggingPosition.right - draggingPosition.left, + runtimeSettings.columnPixelWidth + )}px`; + panelRef.style.height = `${Math.max( + draggingPosition.bottom - draggingPosition.top, + runtimeSettings.rowHeight + )}px`; + + // undo any "lock to grid" styles **except** for the top left corner, which stays locked + panelRef.style.gridColumnStart = `${panel.column + 1}`; + panelRef.style.gridRowStart = `${panel.row + 1}`; + panelRef.style.gridColumnEnd = ``; + panelRef.style.gridRowEnd = ``; + } else { + // if the current panel is being dragged, render it with a fixed position + size + panelRef.style.position = 'fixed'; + panelRef.style.left = `${draggingPosition.left}px`; + panelRef.style.top = `${draggingPosition.top}px`; + panelRef.style.width = `${draggingPosition.right - draggingPosition.left}px`; + panelRef.style.height = `${draggingPosition.bottom - draggingPosition.top}px`; + + // undo any "lock to grid" styles + panelRef.style.gridColumnStart = ``; + panelRef.style.gridRowStart = ``; + panelRef.style.gridColumnEnd = ``; + panelRef.style.gridRowEnd = ``; + } + } else { + // if the panel is not being dragged and/or resized, undo any fixed position styles + panelRef.style.position = ''; + panelRef.style.left = ``; + panelRef.style.top = ``; + panelRef.style.width = ``; + panelRef.style.height = ``; + + // and render the panel locked to the grid + panelRef.style.gridColumnStart = `${panel.column + 1}`; + panelRef.style.gridColumnEnd = `${panel.column + 1 + panel.width}`; + panelRef.style.gridRowStart = `${panel.row + 1}`; + panelRef.style.gridRowEnd = `${panel.row + 1 + panel.height}`; + } + }); + } + }); + + return () => { + resizeSubscription.unsubscribe(); + onLayoutChangeSubscription.unsubscribe(); + }; // eslint-disable-next-line react-hooks/exhaustive-deps }, []); diff --git a/packages/kbn-investigation-shared/src/rest_specs/entity.ts b/packages/kbn-investigation-shared/src/rest_specs/entity.ts index 1c29192c2a098d..8e571f3e2a4d47 100644 --- a/packages/kbn-investigation-shared/src/rest_specs/entity.ts +++ b/packages/kbn-investigation-shared/src/rest_specs/entity.ts @@ -19,13 +19,12 @@ const metricsSchema = z.object({ const entitySchema = z.object({ id: z.string(), - definitionId: z.string(), - definitionVersion: z.string(), - displayName: z.string(), - firstSeenTimestamp: z.string(), - lastSeenTimestamp: z.string(), - identityFields: z.array(z.string()), - schemaVersion: z.string(), + definition_id: z.string(), + definition_version: z.string(), + display_name: z.string(), + last_seen_timestamp: z.string(), + identity_fields: z.array(z.string()), + schema_version: z.string(), type: z.string(), metrics: metricsSchema, }); diff --git a/packages/kbn-reporting/common/errors.ts b/packages/kbn-reporting/common/errors.ts index 9f45a1b6ae1d50..45a299115bf1bd 100644 --- a/packages/kbn-reporting/common/errors.ts +++ b/packages/kbn-reporting/common/errors.ts @@ -152,3 +152,10 @@ export class VisualReportingSoftDisabledError extends ReportingError { }); } } + +export class ReportingSavedObjectNotFoundError extends ReportingError { + static code = 'reporting_saved_object_not_found_error' as const; + public get code(): string { + return ReportingSavedObjectNotFoundError.code; + } +} diff --git a/packages/kbn-reporting/public/share/share_context_menu/register_pdf_png_modal_reporting.tsx b/packages/kbn-reporting/public/share/share_context_menu/register_pdf_png_modal_reporting.tsx index 949e7bc5930729..54ced9511d1033 100644 --- a/packages/kbn-reporting/public/share/share_context_menu/register_pdf_png_modal_reporting.tsx +++ b/packages/kbn-reporting/public/share/share_context_menu/register_pdf_png_modal_reporting.tsx @@ -237,18 +237,6 @@ export const reportingExportModalProvider = ({ generateExportUrl: generateExportUrlPDF, reportType: 'printablePdfV2', requiresSavedState, - helpText: ( - - ), - generateExportButton: ( - - ), layoutOption: objectType === 'dashboard' ? ('print' as const) : undefined, renderLayoutOptionSwitch: objectType === 'dashboard', renderCopyURLButton: true, @@ -268,15 +256,6 @@ export const reportingExportModalProvider = ({ generateExportUrl: generateExportUrlPNG, reportType: 'pngV2', requiresSavedState, - helpText: ( - - ), - generateExportButton: ( - - ), layoutOption: objectType === 'dashboard' ? ('print' as const) : undefined, renderCopyURLButton: true, }); diff --git a/packages/kbn-router-to-openapispec/src/__snapshots__/generate_oas.test.ts.snap b/packages/kbn-router-to-openapispec/src/__snapshots__/generate_oas.test.ts.snap index 818c0502ad7749..fef935624ae644 100644 --- a/packages/kbn-router-to-openapispec/src/__snapshots__/generate_oas.test.ts.snap +++ b/packages/kbn-router-to-openapispec/src/__snapshots__/generate_oas.test.ts.snap @@ -572,6 +572,7 @@ OK response oas-test-version-2", }, "/no-xsrf/{id}/{path*}": Object { "post": Object { + "deprecated": true, "operationId": "%2Fno-xsrf%2F%7Bid%7D%2F%7Bpath*%7D#1", "parameters": Array [ Object { diff --git a/packages/kbn-router-to-openapispec/src/generate_oas.test.ts b/packages/kbn-router-to-openapispec/src/generate_oas.test.ts index c3532312d30888..25b786ac7c2c71 100644 --- a/packages/kbn-router-to-openapispec/src/generate_oas.test.ts +++ b/packages/kbn-router-to-openapispec/src/generate_oas.test.ts @@ -189,6 +189,7 @@ describe('generateOpenApiDocument', () => { versionedRouters: { testVersionedRouter: { routes: [{}] } }, bodySchema: createSharedZodSchema(), }); + expect( generateOpenApiDocument( { @@ -240,6 +241,7 @@ describe('generateOpenApiDocument', () => { { method: 'get', path: '/test', + isVersioned: true, options: { access: 'public' }, handlers: [ { diff --git a/packages/kbn-router-to-openapispec/src/generate_oas.test.util.ts b/packages/kbn-router-to-openapispec/src/generate_oas.test.util.ts index 898f234cdc3107..a39afb6357bfc9 100644 --- a/packages/kbn-router-to-openapispec/src/generate_oas.test.util.ts +++ b/packages/kbn-router-to-openapispec/src/generate_oas.test.util.ts @@ -10,6 +10,7 @@ import type { ZodType } from '@kbn/zod'; import { schema, Type } from '@kbn/config-schema'; import type { CoreVersionedRouter, Router } from '@kbn/core-http-router-server-internal'; +import type { RouterRoute, VersionedRouterRoute } from '@kbn/core-http-server'; import { createLargeSchema } from './oas_converter/kbn_config_schema/lib.test.util'; type RoutesMeta = ReturnType[number]; @@ -27,7 +28,7 @@ export const createVersionedRouter = (args: { routes: VersionedRoutesMeta[] }) = } as unknown as CoreVersionedRouter; }; -export const getRouterDefaults = (bodySchema?: RuntimeSchema) => ({ +export const getRouterDefaults = (bodySchema?: RuntimeSchema): RouterRoute => ({ isVersioned: false, path: '/foo/{id}/{path*}', method: 'get', @@ -57,22 +58,29 @@ export const getRouterDefaults = (bodySchema?: RuntimeSchema) => ({ handler: jest.fn(), }); -export const getVersionedRouterDefaults = (bodySchema?: RuntimeSchema) => ({ +export const getVersionedRouterDefaults = (bodySchema?: RuntimeSchema): VersionedRouterRoute => ({ method: 'get', path: '/bar', options: { summary: 'versioned route', access: 'public', - deprecated: true, discontinued: 'route discontinued version or date', options: { tags: ['ignore-me', 'oas-tag:versioned'], }, }, + isVersioned: true, handlers: [ { fn: jest.fn(), options: { + options: { + deprecated: { + documentationUrl: 'https://fake-url', + reason: { type: 'remove' }, + severity: 'critical', + }, + }, validate: { request: { body: diff --git a/packages/kbn-router-to-openapispec/src/process_router.ts b/packages/kbn-router-to-openapispec/src/process_router.ts index 1884b6dddf8630..f0d37fd208b7bf 100644 --- a/packages/kbn-router-to-openapispec/src/process_router.ts +++ b/packages/kbn-router-to-openapispec/src/process_router.ts @@ -63,11 +63,12 @@ export const processRouter = ( parameters.push(...pathObjects, ...queryObjects); } + const hasDeprecations = !!route.options.deprecated; const operation: CustomOperationObject = { summary: route.options.summary ?? '', tags: route.options.tags ? extractTags(route.options.tags) : [], ...(route.options.description ? { description: route.options.description } : {}), - ...(route.options.deprecated ? { deprecated: route.options.deprecated } : {}), + ...(hasDeprecations ? { deprecated: true } : {}), ...(route.options.discontinued ? { 'x-discontinued': route.options.discontinued } : {}), requestBody: !!validationSchemas?.body ? { diff --git a/packages/kbn-router-to-openapispec/src/process_versioned_router.test.ts b/packages/kbn-router-to-openapispec/src/process_versioned_router.test.ts index 6452c2cf3c2cc4..f9f4f4898c1d0b 100644 --- a/packages/kbn-router-to-openapispec/src/process_versioned_router.test.ts +++ b/packages/kbn-router-to-openapispec/src/process_versioned_router.test.ts @@ -8,10 +8,7 @@ */ import { schema } from '@kbn/config-schema'; -import type { - CoreVersionedRouter, - VersionedRouterRoute, -} from '@kbn/core-http-router-server-internal'; +import type { CoreVersionedRouter } from '@kbn/core-http-router-server-internal'; import { get } from 'lodash'; import { OasConverter } from './oas_converter'; import { createOperationIdCounter } from './operation_id_counter'; @@ -20,6 +17,7 @@ import { extractVersionedResponses, extractVersionedRequestBodies, } from './process_versioned_router'; +import { VersionedRouterRoute } from '@kbn/core-http-server'; let oasConverter: OasConverter; beforeEach(() => { @@ -151,6 +149,7 @@ describe('processVersionedRouter', () => { const createTestRoute: () => VersionedRouterRoute = () => ({ path: '/foo', method: 'get', + isVersioned: true, options: { access: 'public', deprecated: true, diff --git a/packages/kbn-router-to-openapispec/src/process_versioned_router.ts b/packages/kbn-router-to-openapispec/src/process_versioned_router.ts index 5446f1409760da..7eee0d20c11d27 100644 --- a/packages/kbn-router-to-openapispec/src/process_versioned_router.ts +++ b/packages/kbn-router-to-openapispec/src/process_versioned_router.ts @@ -10,10 +10,9 @@ import { type CoreVersionedRouter, versionHandlerResolvers, - VersionedRouterRoute, unwrapVersionedResponseBodyValidation, } from '@kbn/core-http-router-server-internal'; -import type { RouteMethod } from '@kbn/core-http-server'; +import type { RouteMethod, VersionedRouterRoute } from '@kbn/core-http-server'; import type { OpenAPIV3 } from 'openapi-types'; import type { GenerateOpenApiDocumentOptionsFilters } from './generate_oas'; import type { OasConverter } from './oas_converter'; @@ -94,11 +93,13 @@ export const processVersionedRouter = ( const hasBody = Boolean(extractValidationSchemaFromVersionedHandler(handler)?.request?.body); const contentType = extractContentType(route.options.options?.body); const hasVersionFilter = Boolean(filters?.version); + // If any handler is deprecated we show deprecated: true in the spec + const hasDeprecations = route.handlers.some(({ options }) => !!options.options?.deprecated); const operation: OpenAPIV3.OperationObject = { summary: route.options.summary ?? '', tags: route.options.options?.tags ? extractTags(route.options.options.tags) : [], ...(route.options.description ? { description: route.options.description } : {}), - ...(route.options.deprecated ? { deprecated: route.options.deprecated } : {}), + ...(hasDeprecations ? { deprecated: true } : {}), ...(route.options.discontinued ? { 'x-discontinued': route.options.discontinued } : {}), requestBody: hasBody ? { diff --git a/packages/kbn-rule-data-utils/src/rule_types/o11y_rules.ts b/packages/kbn-rule-data-utils/src/rule_types/o11y_rules.ts index 8743052e846647..5dae1c99b210f4 100644 --- a/packages/kbn-rule-data-utils/src/rule_types/o11y_rules.ts +++ b/packages/kbn-rule-data-utils/src/rule_types/o11y_rules.ts @@ -20,3 +20,6 @@ export enum ApmRuleType { TransactionDuration = 'apm.transaction_duration', Anomaly = 'apm.anomaly', } + +export const SYNTHETICS_STATUS_RULE = 'xpack.synthetics.alerts.monitorStatus'; +export const SYNTHETICS_TLS_RULE = 'xpack.synthetics.alerts.tls'; diff --git a/packages/kbn-test/kbn_test_config.ts b/packages/kbn-test/kbn_test_config.ts index 1b96946bf2781e..1faa3291f590e7 100644 --- a/packages/kbn-test/kbn_test_config.ts +++ b/packages/kbn-test/kbn_test_config.ts @@ -54,4 +54,21 @@ export const kbnTestConfig = new (class KbnTestConfig { password, }; } + + /** + * Use to get `port:undefined` for assertions if the port is default for the + * used protocol and thus would be stripped by the browser + */ + getUrlPartsWithStrippedDefaultPort(user: UserAuth = kibanaTestUser): UrlParts { + const urlParts = this.getUrlParts(user); + + if ( + (urlParts.protocol === 'http' && urlParts.port === 80) || + (urlParts.protocol === 'https' && urlParts.port === 443) + ) { + urlParts.port = undefined; + } + + return urlParts; + } })(); diff --git a/packages/response-ops/rule_params/README.md b/packages/response-ops/rule_params/README.md new file mode 100644 index 00000000000000..8cc747bf388641 --- /dev/null +++ b/packages/response-ops/rule_params/README.md @@ -0,0 +1,3 @@ +# @kbn/response-ops-rule-params + +The package is responsible for the parameters' schema of all rule types. The alerting plugin uses this package to generate OAS documentation for the `params` property in the rule in requests and responses. diff --git a/packages/response-ops/rule_params/index.ts b/packages/response-ops/rule_params/index.ts new file mode 100644 index 00000000000000..a5ce640a4c5d44 --- /dev/null +++ b/packages/response-ops/rule_params/index.ts @@ -0,0 +1,23 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +export { ruleParamsSchema, ruleParamsSchemaWithDefaultValue } from './latest'; + +export { + ruleParamsSchema as ruleParamsSchemaV1, + ruleParamsSchemaWithDefaultValue as ruleParamsSchemaWithDefaultValueV1, +} from './v1'; + +export type { RuleParams } from './latest'; +export type { RuleParamsWithDefaultValue } from './latest'; + +export type { + RuleParams as RuleParamsV1, + RuleParamsWithDefaultValue as RuleParamsWithDefaultValueV1, +} from './v1'; diff --git a/packages/response-ops/rule_params/jest.config.js b/packages/response-ops/rule_params/jest.config.js new file mode 100644 index 00000000000000..ee60f7ea422722 --- /dev/null +++ b/packages/response-ops/rule_params/jest.config.js @@ -0,0 +1,14 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +module.exports = { + preset: '@kbn/test/jest_node', + rootDir: '../../..', + roots: ['/packages/response-ops/rule_params'], +}; diff --git a/packages/response-ops/rule_params/kibana.jsonc b/packages/response-ops/rule_params/kibana.jsonc new file mode 100644 index 00000000000000..6a6744a58c4a14 --- /dev/null +++ b/packages/response-ops/rule_params/kibana.jsonc @@ -0,0 +1,5 @@ +{ + "type": "shared-common", + "id": "@kbn/response-ops-rule-params", + "owner": "@elastic/response-ops" +} diff --git a/packages/response-ops/rule_params/latest.ts b/packages/response-ops/rule_params/latest.ts new file mode 100644 index 00000000000000..f278309c22b03c --- /dev/null +++ b/packages/response-ops/rule_params/latest.ts @@ -0,0 +1,10 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +export * from './v1'; diff --git a/packages/response-ops/rule_params/package.json b/packages/response-ops/rule_params/package.json new file mode 100644 index 00000000000000..43145b8d5da4cc --- /dev/null +++ b/packages/response-ops/rule_params/package.json @@ -0,0 +1,6 @@ +{ + "name": "@kbn/response-ops-rule-params", + "private": true, + "version": "1.0.0", + "license": "Elastic License 2.0 OR AGPL-3.0-only OR SSPL-1.0" +} \ No newline at end of file diff --git a/packages/response-ops/rule_params/tsconfig.json b/packages/response-ops/rule_params/tsconfig.json new file mode 100644 index 00000000000000..3df73f778fdc18 --- /dev/null +++ b/packages/response-ops/rule_params/tsconfig.json @@ -0,0 +1,19 @@ +{ + "extends": "../../../tsconfig.base.json", + "compilerOptions": { + "outDir": "target/types", + "types": [ + "jest", + "node" + ] + }, + "include": [ + "**/*.ts", + ], + "exclude": [ + "target/**/*" + ], + "kbn_references": [ + "@kbn/config-schema", + ] +} diff --git a/packages/response-ops/rule_params/v1.ts b/packages/response-ops/rule_params/v1.ts new file mode 100644 index 00000000000000..a083f67f10c8cb --- /dev/null +++ b/packages/response-ops/rule_params/v1.ts @@ -0,0 +1,26 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +import { TypeOf, schema } from '@kbn/config-schema'; + +export const ruleParamsSchema = schema.recordOf(schema.string(), schema.maybe(schema.any()), { + meta: { description: 'The parameters for the rule.' }, +}); + +export const ruleParamsSchemaWithDefaultValue = schema.recordOf( + schema.string(), + schema.maybe(schema.any()), + { + defaultValue: {}, + meta: { description: 'The parameters for the rule.' }, + } +); + +export type RuleParams = TypeOf; +export type RuleParamsWithDefaultValue = TypeOf; diff --git a/packages/serverless/settings/security_project/index.ts b/packages/serverless/settings/security_project/index.ts index 0fd820640bb983..daa11da3af3124 100644 --- a/packages/serverless/settings/security_project/index.ts +++ b/packages/serverless/settings/security_project/index.ts @@ -23,4 +23,5 @@ export const SECURITY_PROJECT_SETTINGS = [ settings.SECURITY_SOLUTION_NEWS_FEED_URL_ID, settings.SECURITY_SOLUTION_ENABLE_NEWS_FEED_ID, settings.SECURITY_SOLUTION_DEFAULT_ALERT_TAGS_KEY, + settings.SECURITY_SOLUTION_ENABLE_VISUALIZATIONS_IN_FLYOUT_SETTING, ]; diff --git a/src/core/server/index.ts b/src/core/server/index.ts index 1ac38b1d441570..52149cd611be38 100644 --- a/src/core/server/index.ts +++ b/src/core/server/index.ts @@ -242,7 +242,11 @@ export type { } from '@kbn/core-http-server'; export type { IExternalUrlPolicy } from '@kbn/core-http-common'; -export { validBodyOutput, OnPostAuthResultType } from '@kbn/core-http-server'; +export { + validBodyOutput, + OnPostAuthResultType, + ReservedPrivilegesSet, +} from '@kbn/core-http-server'; export type { HttpResourcesRenderOptions, diff --git a/src/core/server/integration_tests/http/request_representation.test.ts b/src/core/server/integration_tests/http/request_representation.test.ts index f180a3a49ce0ff..82300eceec7749 100644 --- a/src/core/server/integration_tests/http/request_representation.test.ts +++ b/src/core/server/integration_tests/http/request_representation.test.ts @@ -87,6 +87,7 @@ describe('request logging', () => { route: { method: 'get', path: '/', + routePath: '/', options: expect.any(Object), }, uuid: 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx', @@ -116,10 +117,12 @@ describe('request logging', () => { auth: { isAuthenticated: false }, route: { path: '/', + routePath: '/', method: 'get', options: { authRequired: true, xsrfRequired: false, + deprecated: undefined, access: 'internal', tags: [], security: undefined, @@ -127,7 +130,8 @@ describe('request logging', () => { body: undefined } }, - authzResult: undefined + authzResult: undefined, + apiVersion: undefined }" `); }); diff --git a/src/core/server/integration_tests/saved_objects/migrations/archives/8.0.0_v1_migrations_sample_data_saved_objects.zip b/src/core/server/integration_tests/saved_objects/migrations/archives/8.0.0_v1_migrations_sample_data_saved_objects.zip deleted file mode 100644 index 98b0ba6442b0ee..00000000000000 Binary files a/src/core/server/integration_tests/saved_objects/migrations/archives/8.0.0_v1_migrations_sample_data_saved_objects.zip and /dev/null differ diff --git a/src/core/server/integration_tests/saved_objects/migrations/group1/v2_migration.test.ts b/src/core/server/integration_tests/saved_objects/migrations/group1/v2_migration.test.ts index 2236b6adcc62aa..06f7877874e839 100644 --- a/src/core/server/integration_tests/saved_objects/migrations/group1/v2_migration.test.ts +++ b/src/core/server/integration_tests/saved_objects/migrations/group1/v2_migration.test.ts @@ -67,34 +67,48 @@ describe('v2 migration', () => { migrationResults = await upToDateKit.runMigrations(); }); + it('updates the index mappings to account for new SO types', async () => { + const res = await upToDateKit.client.indices.getMapping({ index: defaultKibanaIndex }); + const mappings = res[`${defaultKibanaIndex}_${currentVersion}_001`].mappings; + + expect(mappings._meta?.indexTypesMap[defaultKibanaIndex]).toContain('recent'); + expect(mappings.properties?.recent).toEqual({ + properties: { + name: { + type: 'keyword', + }, + }, + }); + }); + it('skips UPDATE_TARGET_MAPPINGS_PROPERTIES if there are no changes in the mappings', async () => { const logs = await readLog(logFilePath); expect(logs).not.toMatch('CREATE_NEW_TARGET'); + + // defaultKibana index has a new SO type ('recent'), thus we must update the _meta properties expect(logs).toMatch( - `[${defaultKibanaIndex}] CHECK_TARGET_MAPPINGS -> CHECK_VERSION_INDEX_READY_ACTIONS` + `[${defaultKibanaIndex}] CHECK_TARGET_MAPPINGS -> UPDATE_TARGET_MAPPINGS_META.` ); expect(logs).toMatch( `[${defaultKibanaTaskIndex}] CHECK_TARGET_MAPPINGS -> CHECK_VERSION_INDEX_READY_ACTIONS` ); + + // no updated types, so no pickup expect(logs).not.toMatch('UPDATE_TARGET_MAPPINGS_PROPERTIES'); - expect(logs).not.toMatch('UPDATE_TARGET_MAPPINGS_PROPERTIES_WAIT_FOR_TASK'); - expect(logs).not.toMatch('UPDATE_TARGET_MAPPINGS_META'); }); it(`returns a 'patched' status for each SO index`, () => { // omit elapsedMs as it varies in each execution - expect(migrationResults.map((result) => omit(result, 'elapsedMs'))).toMatchInlineSnapshot(` - Array [ - Object { - "destIndex": ".kibana_migrator_${currentVersion}_001", - "status": "patched", - }, - Object { - "destIndex": ".kibana_migrator_tasks_${currentVersion}_001", - "status": "patched", - }, - ] - `); + expect(migrationResults.map((result) => omit(result, 'elapsedMs'))).toEqual([ + { + destIndex: `${defaultKibanaIndex}_${currentVersion}_001`, + status: 'patched', + }, + { + destIndex: `${defaultKibanaTaskIndex}_${currentVersion}_001`, + status: 'patched', + }, + ]); }); it('each migrator takes less than 10 seconds', () => { @@ -318,21 +332,18 @@ describe('v2 migration', () => { it('returns a migrated status for each SO index', () => { // omit elapsedMs as it varies in each execution - expect(migrationResults.map((result) => omit(result, 'elapsedMs'))) - .toMatchInlineSnapshot(` - Array [ - Object { - "destIndex": ".kibana_migrator_${nextMinor}_001", - "sourceIndex": ".kibana_migrator_${currentVersion}_001", - "status": "migrated", - }, - Object { - "destIndex": ".kibana_migrator_tasks_${currentVersion}_001", - "sourceIndex": ".kibana_migrator_tasks_${currentVersion}_001", - "status": "migrated", - }, - ] - `); + expect(migrationResults.map((result) => omit(result, 'elapsedMs'))).toEqual([ + { + destIndex: `${defaultKibanaIndex}_${nextMinor}_001`, + sourceIndex: `${defaultKibanaIndex}_${currentVersion}_001`, + status: 'migrated', + }, + { + destIndex: `${defaultKibanaTaskIndex}_${currentVersion}_001`, + sourceIndex: `${defaultKibanaTaskIndex}_${currentVersion}_001`, + status: 'migrated', + }, + ]); }); it('each migrator takes less than 60 seconds', () => { diff --git a/src/core/server/integration_tests/saved_objects/migrations/group2/multiple_kb_nodes.test.ts b/src/core/server/integration_tests/saved_objects/migrations/group2/multiple_kb_nodes.test.ts index 19100fad017d5e..2f0e429cadb755 100644 --- a/src/core/server/integration_tests/saved_objects/migrations/group2/multiple_kb_nodes.test.ts +++ b/src/core/server/integration_tests/saved_objects/migrations/group2/multiple_kb_nodes.test.ts @@ -139,7 +139,7 @@ describe('multiple Kibana nodes performing a reindexing migration', () => { const typesMap = indicesInfo[`${defaultKibanaIndex}_${nextMinor}_001`].mappings?._meta?.indexTypesMap; - expect(typesMap[defaultKibanaIndex]).toEqual(['complex', 'server']); // 'deprecated' no longer present + expect(typesMap[defaultKibanaIndex]).toEqual(['complex', 'recent', 'server']); // 'deprecated' no longer present expect(typesMap[kibanaSplitIndex]).toEqual(['basic', 'task']); } @@ -239,11 +239,11 @@ describe('multiple Kibana nodes performing a reindexing migration', () => { ) ).toEqual([ { - destIndex: `.kibana_migrator_${nextMinor}_001`, + destIndex: `${defaultKibanaIndex}_${nextMinor}_001`, status: 'patched', }, { - destIndex: `.kibana_migrator_split_${nextMinor}_001`, + destIndex: `${kibanaSplitIndex}_${nextMinor}_001`, status: 'patched', }, ]); diff --git a/src/core/server/integration_tests/saved_objects/migrations/group3/incompatible_cluster_routing_allocation.test.ts b/src/core/server/integration_tests/saved_objects/migrations/group3/incompatible_cluster_routing_allocation.test.ts index ee6c499da7ce82..56488f571ef162 100644 --- a/src/core/server/integration_tests/saved_objects/migrations/group3/incompatible_cluster_routing_allocation.test.ts +++ b/src/core/server/integration_tests/saved_objects/migrations/group3/incompatible_cluster_routing_allocation.test.ts @@ -34,12 +34,7 @@ const { startES } = createTestServers({ settings: { es: { license: 'basic', - dataArchive: Path.join( - __dirname, - '..', - 'archives', - '8.0.0_v1_migrations_sample_data_saved_objects.zip' - ), + dataArchive: Path.join(__dirname, '..', 'archives', '8.4.0_with_sample_data_logs.zip'), }, }, }); diff --git a/src/core/server/integration_tests/saved_objects/migrations/kibana_migrator_test_kit.fixtures.ts b/src/core/server/integration_tests/saved_objects/migrations/kibana_migrator_test_kit.fixtures.ts index 36887dd02a146f..5b5e6db966ab91 100644 --- a/src/core/server/integration_tests/saved_objects/migrations/kibana_migrator_test_kit.fixtures.ts +++ b/src/core/server/integration_tests/saved_objects/migrations/kibana_migrator_test_kit.fixtures.ts @@ -81,8 +81,14 @@ export const baselineTypes: Array> = [ }, ]; -export const getUpToDateBaselineTypes = (filterDeprecated: boolean) => - baselineTypes.filter((type) => !filterDeprecated || type.name !== 'deprecated'); +export const getUpToDateBaselineTypes = (filterDeprecated: boolean) => [ + ...baselineTypes.filter((type) => !filterDeprecated || type.name !== 'deprecated'), + // we add a new SO type + { + ...defaultType, + name: 'recent', + }, +]; export const getCompatibleBaselineTypes = (filterDeprecated: boolean) => getUpToDateBaselineTypes(filterDeprecated).map((type) => { diff --git a/src/plugins/ai_assistant_management/selection/public/routes/components/ai_assistant_selection_page.tsx b/src/plugins/ai_assistant_management/selection/public/routes/components/ai_assistant_selection_page.tsx index 5ff10f3b2c4ba1..c4a537042f6050 100644 --- a/src/plugins/ai_assistant_management/selection/public/routes/components/ai_assistant_selection_page.tsx +++ b/src/plugins/ai_assistant_management/selection/public/routes/components/ai_assistant_selection_page.tsx @@ -139,7 +139,7 @@ export function AiAssistantSelectionPage() { isDisabled={!observabilityAIAssistantEnabled} title={i18n.translate( 'aiAssistantManagementSelection.aiAssistantSelectionPage.observabilityLabel', - { defaultMessage: 'Elastic AI Assistant for Observability' } + { defaultMessage: 'Elastic AI Assistant for Observability and Search' } )} titleSize="xs" /> diff --git a/src/plugins/ai_assistant_management/selection/server/plugin.ts b/src/plugins/ai_assistant_management/selection/server/plugin.ts index a8175f2f0bce85..4b74b55e571abe 100644 --- a/src/plugins/ai_assistant_management/selection/server/plugin.ts +++ b/src/plugins/ai_assistant_management/selection/server/plugin.ts @@ -50,7 +50,7 @@ export class AIAssistantManagementSelectionPlugin core.uiSettings.register({ [PREFERRED_AI_ASSISTANT_TYPE_SETTING_KEY]: { name: i18n.translate('aiAssistantManagementSelection.preferredAIAssistantTypeSettingName', { - defaultMessage: 'Observability AI Assistant scope', + defaultMessage: 'AI Assistant for Observability and Search visibility', }), category: [DEFAULT_APP_CATEGORIES.observability.id], value: this.config.preferredAIAssistantType, @@ -58,7 +58,7 @@ export class AIAssistantManagementSelectionPlugin 'aiAssistantManagementSelection.preferredAIAssistantTypeSettingDescription', { defaultMessage: - '[technical preview] Whether to show the Observability AI Assistant menu item in Observability, everywhere, or nowhere.', + '[technical preview] Whether to show the AI Assistant menu item in Observability and Search, everywhere, or nowhere.', values: { em: (chunks) => `${chunks}`, }, @@ -77,7 +77,7 @@ export class AIAssistantManagementSelectionPlugin optionLabels: { [AIAssistantType.Default]: i18n.translate( 'aiAssistantManagementSelection.preferredAIAssistantTypeSettingValueDefault', - { defaultMessage: 'Observability only (default)' } + { defaultMessage: 'Observability and Search only (default)' } ), [AIAssistantType.Observability]: i18n.translate( 'aiAssistantManagementSelection.preferredAIAssistantTypeSettingValueObservability', diff --git a/src/plugins/dashboard/kibana.jsonc b/src/plugins/dashboard/kibana.jsonc index 2bf60cde55ef0e..d7b0f2c16e04b2 100644 --- a/src/plugins/dashboard/kibana.jsonc +++ b/src/plugins/dashboard/kibana.jsonc @@ -24,7 +24,7 @@ "urlForwarding", "presentationUtil", "visualizations", - "unifiedSearch" + "unifiedSearch", ], "optionalPlugins": [ "home", @@ -35,7 +35,8 @@ "taskManager", "serverless", "noDataPage", - "observabilityAIAssistant" + "observabilityAIAssistant", + "lens" ], "requiredBundles": [ "kibanaReact", diff --git a/src/plugins/dashboard/public/dashboard_app/no_data/dashboard_app_no_data.tsx b/src/plugins/dashboard/public/dashboard_app/no_data/dashboard_app_no_data.tsx index 15b3d00d07ec73..366726267c311a 100644 --- a/src/plugins/dashboard/public/dashboard_app/no_data/dashboard_app_no_data.tsx +++ b/src/plugins/dashboard/public/dashboard_app/no_data/dashboard_app_no_data.tsx @@ -7,9 +7,19 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ -import React from 'react'; - +import React, { useCallback, useEffect, useState } from 'react'; +import { i18n } from '@kbn/i18n'; +import useAsync from 'react-use/lib/useAsync'; +import { v4 as uuidv4 } from 'uuid'; +import { + getESQLAdHocDataview, + getESQLQueryColumns, + getIndexForESQLQuery, + getInitialESQLQuery, +} from '@kbn/esql-utils'; import { withSuspense } from '@kbn/shared-ux-utility'; +import type { TypedLensByValueInput } from '@kbn/lens-plugin/public'; +import { getLensAttributesFromSuggestion } from '@kbn/visualization-utils'; import { DASHBOARD_APP_ID } from '../../dashboard_constants'; import { @@ -19,10 +29,15 @@ import { embeddableService, noDataPageService, shareService, + lensService, } from '../../services/kibana_services'; import { getDashboardBackupService } from '../../services/dashboard_backup_service'; import { getDashboardContentManagementService } from '../../services/dashboard_content_management_service'; +function generateId() { + return uuidv4(); +} + export const DashboardAppNoDataPage = ({ onDataViewCreated, }: { @@ -35,7 +50,7 @@ export const DashboardAppNoDataPage = ({ noDataPage: noDataPageService, share: shareService, }; - + const [abortController, setAbortController] = useState(new AbortController()); const importPromise = import('@kbn/shared-ux-page-analytics-no-data'); const AnalyticsNoDataPageKibanaProvider = withSuspense( React.lazy(() => @@ -44,6 +59,83 @@ export const DashboardAppNoDataPage = ({ }) ) ); + + const lensHelpersAsync = useAsync(() => { + return lensService?.stateHelperApi() ?? Promise.resolve(null); + }, [lensService]); + + useEffect(() => { + return () => { + abortController?.abort(); + }; + }, [abortController]); + + const onTryESQL = useCallback(async () => { + abortController?.abort(); + if (lensHelpersAsync.value) { + const abc = new AbortController(); + const { dataViews } = dataService; + const indexName = (await getIndexForESQLQuery({ dataViews })) ?? '*'; + const dataView = await getESQLAdHocDataview(`from ${indexName}`, dataViews); + const esqlQuery = getInitialESQLQuery(dataView); + + try { + const columns = await getESQLQueryColumns({ + esqlQuery, + search: dataService.search.search, + signal: abc.signal, + timeRange: dataService.query.timefilter.timefilter.getAbsoluteTime(), + }); + + // lens suggestions api context + const context = { + dataViewSpec: dataView?.toSpec(false), + fieldName: '', + textBasedColumns: columns, + query: { esql: esqlQuery }, + }; + + setAbortController(abc); + + const chartSuggestions = lensHelpersAsync.value.suggestions(context, dataView); + if (chartSuggestions?.length) { + const [suggestion] = chartSuggestions; + + const attrs = getLensAttributesFromSuggestion({ + filters: [], + query: { + esql: esqlQuery, + }, + suggestion, + dataView, + }) as TypedLensByValueInput['attributes']; + + const lensEmbeddableInput = { + attributes: attrs, + id: generateId(), + }; + + await embeddableService.getStateTransfer().navigateToWithEmbeddablePackage('dashboards', { + state: { + type: 'lens', + input: lensEmbeddableInput, + }, + path: '#/create', + }); + } + } catch (error) { + if (error.name !== 'AbortError') { + coreServices.notifications.toasts.addWarning( + i18n.translate('dashboard.noDataviews.esqlRequestWarningMessage', { + defaultMessage: 'Unable to load columns. {errorMessage}', + values: { errorMessage: error.message }, + }) + ); + } + } + } + }, [abortController, lensHelpersAsync.value]); + const AnalyticsNoDataPage = withSuspense( React.lazy(() => importPromise.then(({ AnalyticsNoDataPage: NoDataPage }) => { @@ -54,7 +146,7 @@ export const DashboardAppNoDataPage = ({ return ( - + ); }; diff --git a/src/plugins/dashboard/public/plugin.tsx b/src/plugins/dashboard/public/plugin.tsx index b7a920eb08ce37..a8e7cd96f38dbd 100644 --- a/src/plugins/dashboard/public/plugin.tsx +++ b/src/plugins/dashboard/public/plugin.tsx @@ -27,6 +27,7 @@ import { type CoreStart, } from '@kbn/core/public'; import type { DataPublicPluginSetup, DataPublicPluginStart } from '@kbn/data-plugin/public'; +import type { LensPublicSetup, LensPublicStart } from '@kbn/lens-plugin/public'; import type { DataViewEditorStart } from '@kbn/data-view-editor-plugin/public'; import type { EmbeddableSetup, EmbeddableStart } from '@kbn/embeddable-plugin/public'; import { FieldFormatsStart } from '@kbn/field-formats-plugin/public/plugin'; @@ -96,6 +97,7 @@ export interface DashboardSetupDependencies { urlForwarding: UrlForwardingSetup; unifiedSearch: UnifiedSearchPublicPluginStart; observabilityAIAssistant?: ObservabilityAIAssistantPublicSetup; + lens?: LensPublicSetup; } export interface DashboardStartDependencies { @@ -120,6 +122,7 @@ export interface DashboardStartDependencies { customBranding: CustomBrandingStart; serverless?: ServerlessPluginStart; noDataPage?: NoDataPagePluginStart; + lens?: LensPublicStart; observabilityAIAssistant?: ObservabilityAIAssistantPublicStart; } diff --git a/src/plugins/dashboard/public/services/kibana_services.ts b/src/plugins/dashboard/public/services/kibana_services.ts index e8b164d47b4134..e3fde8c37c2a9d 100644 --- a/src/plugins/dashboard/public/services/kibana_services.ts +++ b/src/plugins/dashboard/public/services/kibana_services.ts @@ -18,6 +18,7 @@ import type { FieldFormatsStart } from '@kbn/field-formats-plugin/public/plugin' import type { NavigationPublicPluginStart } from '@kbn/navigation-plugin/public'; import type { NoDataPagePluginStart } from '@kbn/no-data-page-plugin/public'; import type { ObservabilityAIAssistantPublicStart } from '@kbn/observability-ai-assistant-plugin/public'; +import type { LensPublicStart } from '@kbn/lens-plugin/public'; import type { PresentationUtilPluginStart } from '@kbn/presentation-util-plugin/public'; import type { SavedObjectTaggingOssPluginStart } from '@kbn/saved-objects-tagging-oss-plugin/public'; import type { ScreenshotModePluginStart } from '@kbn/screenshot-mode-plugin/public'; @@ -40,6 +41,7 @@ export let fieldFormatService: FieldFormatsStart; export let navigationService: NavigationPublicPluginStart; export let noDataPageService: NoDataPagePluginStart | undefined; export let observabilityAssistantService: ObservabilityAIAssistantPublicStart | undefined; +export let lensService: LensPublicStart | undefined; export let presentationUtilService: PresentationUtilPluginStart; export let savedObjectsTaggingService: SavedObjectTaggingOssPluginStart | undefined; export let screenshotModeService: ScreenshotModePluginStart; @@ -63,6 +65,7 @@ export const setKibanaServices = (kibanaCore: CoreStart, deps: DashboardStartDep navigationService = deps.navigation; noDataPageService = deps.noDataPage; observabilityAssistantService = deps.observabilityAIAssistant; + lensService = deps.lens; presentationUtilService = deps.presentationUtil; savedObjectsTaggingService = deps.savedObjectsTaggingOss; serverlessService = deps.serverless; diff --git a/src/plugins/dashboard/tsconfig.json b/src/plugins/dashboard/tsconfig.json index 57125918ef3fc3..3e95675ea64c3a 100644 --- a/src/plugins/dashboard/tsconfig.json +++ b/src/plugins/dashboard/tsconfig.json @@ -80,6 +80,7 @@ "@kbn/content-management-favorites-public", "@kbn/core-custom-branding-browser-mocks", "@kbn/core-mount-utils-browser", + "@kbn/visualization-utils", ], "exclude": ["target/**/*"] } diff --git a/src/plugins/data_view_editor/public/components/preview_panel/preview_panel.tsx b/src/plugins/data_view_editor/public/components/preview_panel/preview_panel.tsx index 62de4668899908..44322d92a42b35 100644 --- a/src/plugins/data_view_editor/public/components/preview_panel/preview_panel.tsx +++ b/src/plugins/data_view_editor/public/components/preview_panel/preview_panel.tsx @@ -86,17 +86,18 @@ export const PreviewPanel = ({ type, allowHidden, title = '', matchedIndices$ }: query={title} /> - {Boolean(title) && currentlyVisibleIndices.length > 0 && ( - setViewMode(id as ViewMode)} - /> - )} + {Boolean(title) && + (matched.exactMatchedIndices.length > 0 || matched.partialMatchedIndices.length > 0) && ( + setViewMode(id as ViewMode)} + /> + )} {indicesListContent} ); diff --git a/src/plugins/discover/common/data_types/logs/constants.ts b/src/plugins/discover/common/data_types/logs/constants.ts index 18259dcc56b282..a9ca3697763f9c 100644 --- a/src/plugins/discover/common/data_types/logs/constants.ts +++ b/src/plugins/discover/common/data_types/logs/constants.ts @@ -7,64 +7,4 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ -import { fieldConstants } from '@kbn/discover-utils'; -import { SmartFieldGridColumnOptions } from './display_options'; - -export * from '@kbn/discover-utils/src/field_constants'; - -export const LOGS_EXPLORER_PROFILE_ID = 'logs-explorer'; - -// Virtual column fields -export const CONTENT_FIELD = 'content'; -export const RESOURCE_FIELD = 'resource'; - -// Sizing -export const DATA_GRID_COLUMN_WIDTH_SMALL = 240; -export const DATA_GRID_COLUMN_WIDTH_MEDIUM = 320; -export const ACTIONS_COLUMN_WIDTH = 80; - -export const RESOURCE_FIELD_CONFIGURATION: SmartFieldGridColumnOptions = { - type: 'smart-field', - smartField: RESOURCE_FIELD, - fallbackFields: [fieldConstants.HOST_NAME_FIELD, fieldConstants.SERVICE_NAME_FIELD], - width: DATA_GRID_COLUMN_WIDTH_MEDIUM, -}; - -export const CONTENT_FIELD_CONFIGURATION: SmartFieldGridColumnOptions = { - type: 'smart-field', - smartField: CONTENT_FIELD, - fallbackFields: [fieldConstants.MESSAGE_FIELD], -}; - -export const SMART_FALLBACK_FIELDS = { - [CONTENT_FIELD]: CONTENT_FIELD_CONFIGURATION, - [RESOURCE_FIELD]: RESOURCE_FIELD_CONFIGURATION, -}; - -// UI preferences -export const DEFAULT_COLUMNS = [RESOURCE_FIELD_CONFIGURATION, CONTENT_FIELD_CONFIGURATION]; -export const DEFAULT_ROWS_PER_PAGE = 100; - -// List of prefixes which needs to be filtered out for Display in Content Column -export const FILTER_OUT_FIELDS_PREFIXES_FOR_CONTENT = [ - '_', // Filter fields like '_id', '_score' - '@timestamp', - 'agent.', - 'elastic_agent.', - 'data_stream.', - 'ecs.', - 'host.', - 'container.', - 'cloud.', - 'kubernetes.', - 'orchestrator.', - 'log.', - 'service.', -]; - -export const DEFAULT_ALLOWED_DATA_VIEWS = ['logs', 'auditbeat', 'filebeat', 'winlogbeat']; -export const DEFAULT_ALLOWED_LOGS_DATA_VIEWS = ['logs', 'auditbeat', 'filebeat', 'winlogbeat']; - -export const LOG_LEVEL_FIELDS = ['log.level', 'log_level']; -export const SERVICE_NAME_FIELDS = ['service.name', 'service_name']; -export const AGENT_NAME_FIELD = 'agent.name'; +export * from '@kbn/discover-utils/src/data_types/logs/constants'; diff --git a/src/plugins/discover/public/components/data_types/logs/service_name_cell.tsx b/src/plugins/discover/public/components/data_types/logs/service_name_cell.tsx index cd94cd609dc692..3d543f7f0c954f 100644 --- a/src/plugins/discover/public/components/data_types/logs/service_name_cell.tsx +++ b/src/plugins/discover/public/components/data_types/logs/service_name_cell.tsx @@ -15,9 +15,10 @@ import type { DataGridCellValueElementProps } from '@kbn/unified-data-table'; import { css } from '@emotion/react'; import { getFieldValue } from '@kbn/discover-utils'; import { euiThemeVars } from '@kbn/ui-theme'; +import { ServiceNameBadgeWithActions } from '@kbn/discover-contextual-components'; +import { useDiscoverServices } from '../../../hooks/use_discover_services'; import { CellRenderersExtensionParams } from '../../../context_awareness'; import { AGENT_NAME_FIELD } from '../../../../common/data_types/logs/constants'; -import { ServiceNameBadgeWithActions } from './service_name_badge_with_actions'; const AgentIcon = dynamic(() => import('@kbn/custom-icons/src/components/agent_icon')); const dataTestSubj = 'serviceNameCell'; @@ -28,6 +29,7 @@ const agentIconStyle = css` export const getServiceNameCell = (serviceNameField: string, { actions }: CellRenderersExtensionParams) => (props: DataGridCellValueElementProps) => { + const { core, share } = useDiscoverServices(); const serviceNameValue = getFieldValue(props.row, serviceNameField) as string; const agentName = getFieldValue(props.row, AGENT_NAME_FIELD) as AgentName; @@ -47,6 +49,8 @@ export const getServiceNameCell = icon={getIcon} value={serviceNameValue} property={serviceNameField} + core={core} + share={share} /> ); }; diff --git a/src/plugins/discover/public/components/data_types/logs/summary_column/index.tsx b/src/plugins/discover/public/components/data_types/logs/summary_column/index.tsx index 20fe4380199f33..dbcef4f558b336 100644 --- a/src/plugins/discover/public/components/data_types/logs/summary_column/index.tsx +++ b/src/plugins/discover/public/components/data_types/logs/summary_column/index.tsx @@ -8,13 +8,11 @@ */ import React from 'react'; -import { dynamic } from '@kbn/shared-ux-utility'; import { getShouldShowFieldHandler } from '@kbn/discover-utils'; import { DataView } from '@kbn/data-views-plugin/common'; +import { SummaryColumnProps } from '@kbn/discover-contextual-components'; import { CellRenderersExtensionParams } from '../../../../context_awareness'; -import type { SummaryColumnProps } from './summary_column'; - -const SummaryColumn = dynamic(() => import('./summary_column')); +import { SummaryColumn } from './summary_column'; export type SummaryColumnGetterDeps = CellRenderersExtensionParams; @@ -22,7 +20,7 @@ export const getSummaryColumn = (params: SummaryColumnGetterDeps) => { const { actions, dataView, density, rowHeight } = params; const shouldShowFieldHandler = createGetShouldShowFieldHandler(dataView); - return (props: SummaryColumnProps) => ( + return (props: Omit) => ( { - const { isDetails } = props; - - if (isDetails) { - return ; - } - - return ; +import { AllSummaryColumnProps } from '@kbn/discover-contextual-components'; +import { useDiscoverServices } from '../../../../hooks/use_discover_services'; + +const LazySummaryColumn = dynamic( + () => + import( + '@kbn/discover-contextual-components/src/data_types/logs/components/summary_column/summary_column' + ) +); + +export const SummaryColumn = (props: Omit) => { + const { share, core } = useDiscoverServices(); + return ; }; - -// eslint-disable-next-line import/no-default-export -export default SummaryColumn; - -const SummaryCell = ({ - density: maybeNullishDensity, - rowHeight: maybeNullishRowHeight, - ...props -}: SummaryColumnProps & SummaryColumnFactoryDeps) => { - const { onFilter, row } = props; - - const density = maybeNullishDensity ?? DataGridDensity.COMPACT; - const isCompressed = density === DataGridDensity.COMPACT; - - const rowHeight = maybeNullishRowHeight ?? ROWS_HEIGHT_OPTIONS.single; - const isSingleLine = rowHeight === ROWS_HEIGHT_OPTIONS.single || rowHeight === 1; - - const resourceFields = createResourceFields(row); - const shouldRenderResource = resourceFields.length > 0; - - return isSingleLine ? ( - - {shouldRenderResource && ( - - )} - - - ) : ( - <> - {shouldRenderResource && ( - - )} - - - ); -}; - -const SummaryCellPopover = (props: SummaryColumnProps & SummaryColumnFactoryDeps) => { - const { row, dataView, fieldFormats, onFilter, closePopover } = props; - - const resourceFields = createResourceFields(row); - const shouldRenderResource = resourceFields.length > 0; - - const documentOverview = getLogDocumentOverview(row, { dataView, fieldFormats }); - const { field, value } = getMessageFieldWithFallbacks(documentOverview); - const shouldRenderContent = Boolean(field && value); - - const shouldRenderSource = !shouldRenderContent; - - return ( - - - {shouldRenderResource && ( - - - {resourceLabel} - - - - )} - - - {contentLabel} - - {shouldRenderContent && ( - - - {field} - - - {value} - - - )} - {shouldRenderSource && ( - - - {jsonLabel} - - - - )} - - - ); -}; - -const singleLineResourceCss = { - flexGrow: 0, - lineHeight: 'normal', - marginTop: -1, -}; - -const multiLineResourceCss = { display: 'inline-flex' }; diff --git a/src/plugins/discover/public/components/data_types/logs/summary_column/utils.tsx b/src/plugins/discover/public/components/data_types/logs/summary_column/utils.tsx deleted file mode 100644 index 470ec8a0f86fa4..00000000000000 --- a/src/plugins/discover/public/components/data_types/logs/summary_column/utils.tsx +++ /dev/null @@ -1,126 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the "Elastic License - * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side - * Public License v 1"; you may not use this file except in compliance with, at - * your election, the "Elastic License 2.0", the "GNU Affero General Public - * License v3.0 only", or the "Server Side Public License, v 1". - */ - -import { getFieldValue, LogDocument, ResourceFields } from '@kbn/discover-utils/src'; -import { DataTableRecord } from '@kbn/discover-utils'; -import { dynamic } from '@kbn/shared-ux-utility'; -import React from 'react'; -import { css } from '@emotion/react'; -import { AgentName } from '@kbn/elastic-agent-utils'; -import { euiThemeVars } from '@kbn/ui-theme'; -import { getAvailableResourceFields } from '../../../../utils/get_available_resource_fields'; -import * as constants from '../../../../../common/data_types/logs/constants'; -import { ServiceNameBadgeWithActions } from '../service_name_badge_with_actions'; -import { FieldBadgeWithActions, FieldBadgeWithActionsProps } from '../cell_actions_popover'; - -/** - * getUnformattedResourceFields definitions - */ -export const getUnformattedResourceFields = (doc: LogDocument): ResourceFields => { - const serviceName = getFieldValue(doc, constants.SERVICE_NAME_FIELD); - const hostName = getFieldValue(doc, constants.HOST_NAME_FIELD); - const agentName = getFieldValue(doc, constants.AGENT_NAME_FIELD); - const orchestratorClusterName = getFieldValue(doc, constants.ORCHESTRATOR_CLUSTER_NAME_FIELD); - const orchestratorResourceId = getFieldValue(doc, constants.ORCHESTRATOR_RESOURCE_ID_FIELD); - const orchestratorNamespace = getFieldValue(doc, constants.ORCHESTRATOR_NAMESPACE_FIELD); - const containerName = getFieldValue(doc, constants.CONTAINER_NAME_FIELD); - const containerId = getFieldValue(doc, constants.CONTAINER_ID_FIELD); - const cloudInstanceId = getFieldValue(doc, constants.CLOUD_INSTANCE_ID_FIELD); - - return { - [constants.SERVICE_NAME_FIELD]: serviceName, - [constants.HOST_NAME_FIELD]: hostName, - [constants.AGENT_NAME_FIELD]: agentName, - [constants.ORCHESTRATOR_CLUSTER_NAME_FIELD]: orchestratorClusterName, - [constants.ORCHESTRATOR_RESOURCE_ID_FIELD]: orchestratorResourceId, - [constants.ORCHESTRATOR_NAMESPACE_FIELD]: orchestratorNamespace, - [constants.CONTAINER_NAME_FIELD]: containerName, - [constants.CONTAINER_ID_FIELD]: containerId, - [constants.CLOUD_INSTANCE_ID_FIELD]: cloudInstanceId, - }; -}; - -/** - * createResourceFields definitions - */ -const AgentIcon = dynamic(() => import('@kbn/custom-icons/src/components/agent_icon')); - -const resourceCustomComponentsMap: Partial< - Record> -> = { - [constants.SERVICE_NAME_FIELD]: ServiceNameBadgeWithActions, -}; - -export interface ResourceFieldDescriptor { - ResourceBadge: React.ComponentType; - Icon?: () => JSX.Element; - name: keyof ResourceFields; - value: string; -} - -export const createResourceFields = (row: DataTableRecord): ResourceFieldDescriptor[] => { - const resourceDoc = getUnformattedResourceFields(row as LogDocument); - - const availableResourceFields = getAvailableResourceFields(resourceDoc); - - const resourceFields = availableResourceFields.map((name) => ({ - name, - value: resourceDoc[name] as string, - ResourceBadge: resourceCustomComponentsMap[name] ?? FieldBadgeWithActions, - ...(name === constants.SERVICE_NAME_FIELD && { - Icon: () => ( - - ), - }), - })); - - return resourceFields; -}; - -/** - * formatJsonDocumentForContent definitions - */ -export const formatJsonDocumentForContent = (row: DataTableRecord) => { - const flattenedResult: DataTableRecord['flattened'] = {}; - const rawFieldResult: DataTableRecord['raw']['fields'] = {}; - const { raw, flattened } = row; - const { fields } = raw; - - // We need 2 loops here for flattened and raw.fields. Flattened contains all fields, - // whereas raw.fields only contains certain fields excluding _ignored - for (const fieldName in flattened) { - if (isFieldAllowed(fieldName) && flattened[fieldName]) { - flattenedResult[fieldName] = flattened[fieldName]; - } - } - - for (const fieldName in fields) { - if (isFieldAllowed(fieldName) && fields[fieldName]) { - rawFieldResult[fieldName] = fields[fieldName]; - } - } - - return { - ...row, - flattened: flattenedResult, - raw: { - ...raw, - fields: rawFieldResult, - }, - }; -}; - -const isFieldAllowed = (field: string) => - !constants.FILTER_OUT_FIELDS_PREFIXES_FOR_CONTENT.some((prefix) => field.startsWith(prefix)); diff --git a/src/plugins/discover/public/components/data_types/logs/translations.tsx b/src/plugins/discover/public/components/data_types/logs/translations.tsx deleted file mode 100644 index bbc39022bd5031..00000000000000 --- a/src/plugins/discover/public/components/data_types/logs/translations.tsx +++ /dev/null @@ -1,305 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the "Elastic License - * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side - * Public License v 1"; you may not use this file except in compliance with, at - * your election, the "Elastic License 2.0", the "GNU Affero General Public - * License v3.0 only", or the "Server Side Public License, v 1". - */ - -import React from 'react'; -import { i18n } from '@kbn/i18n'; -import { EuiCode } from '@elastic/eui'; -import { FormattedMessage } from '@kbn/i18n-react'; - -export const flyoutContentLabel = i18n.translate('discover.logs.flyoutDetail.label.message', { - defaultMessage: 'Content breakdown', -}); - -export const jsonLabel = i18n.translate('discover.logs.dataTable.header.popover.json', { - defaultMessage: 'JSON', -}); - -export const contentLabel = i18n.translate('discover.logs.dataTable.header.popover.content', { - defaultMessage: 'Content', -}); - -export const resourceLabel = i18n.translate('discover.logs.dataTable.header.popover.resource', { - defaultMessage: 'Resource', -}); - -export const actionsLabel = i18n.translate('discover.logs.dataTable.header.popover.actions', { - defaultMessage: 'Actions', -}); - -export const actionsLabelLowerCase = i18n.translate( - 'discover.logs.dataTable.header.popover.actions.lowercase', - { - defaultMessage: 'actions', - } -); - -export const flyoutServiceLabel = i18n.translate('discover.logs.flyoutDetail.label.service', { - defaultMessage: 'Service', -}); - -export const flyoutTraceLabel = i18n.translate('discover.logs.flyoutDetail.label.trace', { - defaultMessage: 'Trace', -}); - -export const flyoutHostNameLabel = i18n.translate('discover.logs.flyoutDetail.label.hostName', { - defaultMessage: 'Host name', -}); - -export const serviceInfraAccordionTitle = i18n.translate( - 'discover.logs.flyoutDetail.accordion.title.serviceInfra', - { - defaultMessage: 'Service & Infrastructure', - } -); - -export const cloudAccordionTitle = i18n.translate( - 'discover.logs.flyoutDetail.accordion.title.cloud', - { - defaultMessage: 'Cloud', - } -); - -export const otherAccordionTitle = i18n.translate( - 'discover.logs.flyoutDetail.accordion.title.other', - { - defaultMessage: 'Other', - } -); - -export const flyoutOrchestratorClusterNameLabel = i18n.translate( - 'discover.logs.flyoutDetail.label.orchestratorClusterName', - { - defaultMessage: 'Orchestrator cluster Name', - } -); - -export const flyoutOrchestratorResourceIdLabel = i18n.translate( - 'discover.logs.flyoutDetail.label.orchestratorResourceId', - { - defaultMessage: 'Orchestrator resource ID', - } -); - -export const flyoutCloudProviderLabel = i18n.translate( - 'discover.logs.flyoutDetail.label.cloudProvider', - { - defaultMessage: 'Cloud provider', - } -); - -export const flyoutCloudRegionLabel = i18n.translate( - 'discover.logs.flyoutDetail.label.cloudRegion', - { - defaultMessage: 'Cloud region', - } -); - -export const flyoutCloudAvailabilityZoneLabel = i18n.translate( - 'discover.logs.flyoutDetail.label.cloudAvailabilityZone', - { - defaultMessage: 'Cloud availability zone', - } -); - -export const flyoutCloudProjectIdLabel = i18n.translate( - 'discover.logs.flyoutDetail.label.cloudProjectId', - { - defaultMessage: 'Cloud project ID', - } -); - -export const flyoutCloudInstanceIdLabel = i18n.translate( - 'discover.logs.flyoutDetail.label.cloudInstanceId', - { - defaultMessage: 'Cloud instance ID', - } -); - -export const flyoutLogPathFileLabel = i18n.translate( - 'discover.logs.flyoutDetail.label.logPathFile', - { - defaultMessage: 'Log path file', - } -); - -export const flyoutNamespaceLabel = i18n.translate('discover.logs.flyoutDetail.label.namespace', { - defaultMessage: 'Namespace', -}); - -export const flyoutDatasetLabel = i18n.translate('discover.logs.flyoutDetail.label.dataset', { - defaultMessage: 'Dataset', -}); - -export const flyoutShipperLabel = i18n.translate('discover.logs.flyoutDetail.label.shipper', { - defaultMessage: 'Shipper', -}); - -export const actionFilterForText = (text: string) => - i18n.translate('discover.logs.flyoutDetail.value.hover.filterFor', { - defaultMessage: 'Filter for this {value}', - values: { - value: text, - }, - }); - -export const actionFilterOutText = (text: string) => - i18n.translate('discover.logs.flyoutDetail.value.hover.filterOut', { - defaultMessage: 'Filter out this {value}', - values: { - value: text, - }, - }); - -export const filterOutText = i18n.translate('discover.logs.popoverAction.filterOut', { - defaultMessage: 'Filter out', -}); - -export const filterForText = i18n.translate('discover.logs.popoverAction.filterFor', { - defaultMessage: 'Filter for', -}); - -export const flyoutHoverActionFilterForFieldPresentText = i18n.translate( - 'discover.logs.flyoutDetail.value.hover.filterForFieldPresent', - { - defaultMessage: 'Filter for field present', - } -); - -export const flyoutHoverActionToggleColumnText = i18n.translate( - 'discover.logs.flyoutDetail.value.hover.toggleColumn', - { - defaultMessage: 'Toggle column in table', - } -); - -export const flyoutHoverActionCopyToClipboardText = i18n.translate( - 'discover.logs.flyoutDetail.value.hover.copyToClipboard', - { - defaultMessage: 'Copy to clipboard', - } -); - -export const copyValueText = i18n.translate('discover.logs.popoverAction.copyValue', { - defaultMessage: 'Copy value', -}); - -export const copyValueAriaText = (fieldName: string) => - i18n.translate('discover.logs.popoverAction.copyValueAriaText', { - defaultMessage: 'Copy value of {fieldName}', - values: { - fieldName, - }, - }); - -export const flyoutAccordionShowMoreText = (count: number) => - i18n.translate('discover.logs.flyoutDetail.section.showMore', { - defaultMessage: '+ {hiddenCount} more', - values: { - hiddenCount: count, - }, - }); - -export const openCellActionPopoverAriaText = i18n.translate( - 'discover.logs.popoverAction.openPopover', - { - defaultMessage: 'Open popover', - } -); - -export const closeCellActionPopoverText = i18n.translate( - 'discover.logs.popoverAction.closePopover', - { - defaultMessage: 'Close popover', - } -); - -export const contentHeaderTooltipParagraph1 = ( - log.level, - message: message, - }} - /> -); - -export const contentHeaderTooltipParagraph2 = i18n.translate( - 'discover.logs.dataTable.header.content.tooltip.paragraph2', - { - defaultMessage: 'When the message field is empty, one of the following is displayed:', - } -); - -export const resourceHeaderTooltipParagraph = i18n.translate( - 'discover.logs.dataTable.header.resource.tooltip.paragraph', - { - defaultMessage: "Fields that provide information on the document's source, such as:", - } -); - -export const actionsHeaderTooltipParagraph = i18n.translate( - 'discover.logs.dataTable.header.actions.tooltip.paragraph', - { - defaultMessage: 'Fields that provide actionable information, such as:', - } -); - -export const actionsHeaderTooltipExpandAction = i18n.translate( - 'discover.logs.dataTable.header.actions.tooltip.expand', - { defaultMessage: 'Expand log details' } -); - -export const actionsHeaderTooltipDegradedAction = ( - - _ignored - - ), - }} - /> -); - -export const actionsHeaderTooltipStacktraceAction = i18n.translate( - 'discover.logs.dataTable.header.actions.tooltip.stacktrace', - { defaultMessage: 'Access to available stacktraces based on:' } -); - -export const degradedDocButtonLabelWhenPresent = i18n.translate( - 'discover.logs.dataTable.controlColumn.actions.button.degradedDocPresent', - { - defaultMessage: - "This document couldn't be parsed correctly. Not all fields are properly populated", - } -); - -export const degradedDocButtonLabelWhenNotPresent = i18n.translate( - 'discover.logs.dataTable.controlColumn.actions.button.degradedDocNotPresent', - { - defaultMessage: 'All fields in this document were parsed correctly', - } -); - -export const stacktraceAvailableControlButton = i18n.translate( - 'discover.logs.dataTable.controlColumn.actions.button.stacktrace.available', - { - defaultMessage: 'Stacktraces available', - } -); - -export const stacktraceNotAvailableControlButton = i18n.translate( - 'discover.logs.dataTable.controlColumn.actions.button.stacktrace.notAvailable', - { - defaultMessage: 'Stacktraces not available', - } -); diff --git a/src/plugins/discover/public/context_awareness/profile_providers/common/logs_data_source_profile/accessors/get_cell_renderers.tsx b/src/plugins/discover/public/context_awareness/profile_providers/common/logs_data_source_profile/accessors/get_cell_renderers.tsx index 7e13baf8ddcf98..68349aeefa09ae 100644 --- a/src/plugins/discover/public/context_awareness/profile_providers/common/logs_data_source_profile/accessors/get_cell_renderers.tsx +++ b/src/plugins/discover/public/context_awareness/profile_providers/common/logs_data_source_profile/accessors/get_cell_renderers.tsx @@ -8,12 +8,12 @@ */ import { SOURCE_COLUMN } from '@kbn/unified-data-table'; +import { getLogLevelBadgeCell } from '@kbn/discover-contextual-components'; import { getSummaryColumn } from '../../../../../components/data_types/logs/summary_column'; import { LOG_LEVEL_FIELDS, SERVICE_NAME_FIELDS, } from '../../../../../../common/data_types/logs/constants'; -import { getLogLevelBadgeCell } from '../../../../../components/data_types/logs/log_level_badge_cell'; import { getServiceNameCell } from '../../../../../components/data_types/logs/service_name_cell'; import type { DataSourceProfileProvider } from '../../../../profiles'; diff --git a/src/plugins/discover/public/embeddable/components/saved_search_grid.tsx b/src/plugins/discover/public/embeddable/components/saved_search_grid.tsx index 23e06062d166b6..e45ad009db898a 100644 --- a/src/plugins/discover/public/embeddable/components/saved_search_grid.tsx +++ b/src/plugins/discover/public/embeddable/components/saved_search_grid.tsx @@ -9,7 +9,7 @@ import React, { useCallback, useMemo, useState } from 'react'; import type { DataTableRecord } from '@kbn/discover-utils/types'; -import { AggregateQuery, Query } from '@kbn/es-query'; +import type { AggregateQuery, Query, Filter } from '@kbn/es-query'; import type { SearchResponseWarning } from '@kbn/search-response-warnings'; import { MAX_DOC_FIELDS_DISPLAYED, SHOW_MULTIFIELDS } from '@kbn/discover-utils'; import { @@ -30,7 +30,8 @@ import { useProfileAccessor } from '../../context_awareness'; interface DiscoverGridEmbeddableProps extends Omit { sampleSizeState: number; // a required prop totalHitCount?: number; - query?: AggregateQuery | Query; + query: AggregateQuery | Query | undefined; + filters: Filter[] | undefined; interceptedWarnings?: SearchResponseWarning[]; onAddColumn: (column: string) => void; onRemoveColumn: (column: string) => void; @@ -65,6 +66,7 @@ export function DiscoverGridEmbeddable(props: DiscoverGridEmbeddableProps) { onClose={() => setExpandedDoc(undefined)} setExpandedDoc={setExpandedDoc} query={props.query} + filters={props.filters} /> ), [ @@ -73,6 +75,7 @@ export function DiscoverGridEmbeddable(props: DiscoverGridEmbeddableProps) { props.onFilter, props.onRemoveColumn, props.query, + props.filters, props.savedSearchId, ] ); diff --git a/src/plugins/discover/public/embeddable/components/search_embeddable_grid_component.tsx b/src/plugins/discover/public/embeddable/components/search_embeddable_grid_component.tsx index 50f26bcf974b3c..44d3c1685cbfef 100644 --- a/src/plugins/discover/public/embeddable/components/search_embeddable_grid_component.tsx +++ b/src/plugins/discover/public/embeddable/components/search_embeddable_grid_component.tsx @@ -17,7 +17,6 @@ import { SORT_DEFAULT_ORDER_SETTING, isLegacyTableEnabled, } from '@kbn/discover-utils'; -import { Filter } from '@kbn/es-query'; import { FetchContext, useBatchedOptionalPublishingSubjects, @@ -27,7 +26,6 @@ import { SortOrder } from '@kbn/saved-search-plugin/public'; import { SearchResponseIncompleteWarning } from '@kbn/search-response-warnings/src/types'; import { DataGridDensity, DataLoadingState, useColumns } from '@kbn/unified-data-table'; import { DocViewFilterFn } from '@kbn/unified-doc-viewer/types'; - import { DiscoverGridSettings } from '@kbn/saved-search-plugin/common'; import useObservable from 'react-use/lib/useObservable'; import { DiscoverDocTableEmbeddable } from '../../components/doc_table/create_doc_table_embeddable'; @@ -69,8 +67,8 @@ export function SearchEmbeddableGridComponent({ savedSearch, savedSearchId, interceptedWarnings, - query, - filters, + apiQuery, + apiFilters, fetchContext, rows, totalHitCount, @@ -90,6 +88,12 @@ export function SearchEmbeddableGridComponent({ stateManager.grid ); + // `api.query$` and `api.filters$` are the initial values from the saved search SO (as of now) + // `fetchContext.query` and `fetchContext.filters` are Dashboard's query and filters + + const savedSearchQuery = apiQuery; + const savedSearchFilters = apiFilters; + const [panelTitle, panelDescription, savedSearchTitle, savedSearchDescription] = useBatchedOptionalPublishingSubjects( api.panelTitle, @@ -137,7 +141,10 @@ export function SearchEmbeddableGridComponent({ settings: grid, }); - const dataSource = useMemo(() => createDataSource({ dataView, query }), [dataView, query]); + const dataSource = useMemo( + () => createDataSource({ dataView, query: savedSearchQuery }), + [dataView, savedSearchQuery] + ); const timeRange = useMemo( () => (fetchContext ? getTimeRangeFromFetchContext(fetchContext) : undefined), [fetchContext] @@ -146,8 +153,8 @@ export function SearchEmbeddableGridComponent({ const cellActionsMetadata = useAdditionalCellActions({ dataSource, dataView, - query, - filters, + query: savedSearchQuery, + filters: savedSearchFilters, timeRange, }); @@ -229,7 +236,7 @@ export function SearchEmbeddableGridComponent({ { dailyEvents, }) ); - // @ts-expect-error incomplete mock implementation const { dailyEvents } = await fetch({ soClient: soClientMock }); expect(dailyEvents).toHaveLength(5); const intersectingEntry = dailyEvents.find( diff --git a/src/plugins/kibana_usage_collection/server/collectors/common/counters.ts b/src/plugins/kibana_usage_collection/server/collectors/common/counters.ts index 9300ddcb959aa3..df0ca67a851987 100644 --- a/src/plugins/kibana_usage_collection/server/collectors/common/counters.ts +++ b/src/plugins/kibana_usage_collection/server/collectors/common/counters.ts @@ -30,7 +30,7 @@ export function createCounterFetcher( filter: string, transform: (counters: CounterEvent[]) => T ) { - return async ({ soClient }: CollectorFetchContext) => { + return async ({ soClient }: Pick) => { const finder = soClient.createPointInTimeFinder({ type: USAGE_COUNTERS_SAVED_OBJECT_TYPE, namespaces: ['*'], diff --git a/src/plugins/kibana_usage_collection/server/collectors/core/fetch_deprecated_api_counters.ts b/src/plugins/kibana_usage_collection/server/collectors/core/fetch_deprecated_api_counters.ts new file mode 100644 index 00000000000000..1c90b23e40b16d --- /dev/null +++ b/src/plugins/kibana_usage_collection/server/collectors/core/fetch_deprecated_api_counters.ts @@ -0,0 +1,69 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the "Elastic License + * 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side + * Public License v 1"; you may not use this file except in compliance with, at + * your election, the "Elastic License 2.0", the "GNU Affero General Public + * License v3.0 only", or the "Server Side Public License, v 1". + */ + +import type { Logger } from '@kbn/logging'; +import type { CoreDeprecatedApiUsageStats } from '@kbn/core-usage-data-server'; +import { USAGE_COUNTERS_SAVED_OBJECT_TYPE } from '@kbn/usage-collection-plugin/server'; + +import { createCounterFetcher, type CounterEvent } from '../common/counters'; + +const DEPRECATED_API_COUNTERS_FILTER = `${USAGE_COUNTERS_SAVED_OBJECT_TYPE}.attributes.counterType: deprecated_api_call\\:*`; + +const mergeCounter = (counter: CounterEvent, acc?: CoreDeprecatedApiUsageStats) => { + if (acc && acc?.apiId !== counter.counterName) { + throw new Error( + `Failed to merge mismatching counterNames: ${acc.apiId} with ${counter.counterName}` + ); + } + const isMarkedCounter = counter.counterType.endsWith(':marked_as_resolved'); + + const finalCounter = { + apiId: counter.counterName, + apiTotalCalls: 0, + apiLastCalledAt: 'unknown', + totalMarkedAsResolved: 0, + markedAsResolvedLastCalledAt: 'unknown', + ...(acc || {}), + }; + + if (isMarkedCounter) { + return finalCounter; + } + + const isResolvedCounter = counter.counterType.endsWith(':resolved'); + const totalKey = isResolvedCounter ? 'totalMarkedAsResolved' : 'apiTotalCalls'; + const lastUpdatedKey = isResolvedCounter ? 'markedAsResolvedLastCalledAt' : 'apiLastCalledAt'; + + const newPayload = { + [totalKey]: (finalCounter[totalKey] || 0) + counter.total, + [lastUpdatedKey]: counter.lastUpdatedAt, + }; + + return { + ...finalCounter, + ...newPayload, + }; +}; + +function mergeCounters(counters: CounterEvent[]): CoreDeprecatedApiUsageStats[] { + const mergedCounters = counters.reduce((acc, counter) => { + const { counterName } = counter; + const existingCounter = acc[counterName]; + + acc[counterName] = mergeCounter(counter, existingCounter); + + return acc; + }, {} as Record); + + return Object.values(mergedCounters); +} + +export const fetchDeprecatedApiCounterStats = (logger: Logger) => { + return createCounterFetcher(logger, DEPRECATED_API_COUNTERS_FILTER, mergeCounters); +}; diff --git a/src/plugins/kibana_usage_collection/server/collectors/core/index.ts b/src/plugins/kibana_usage_collection/server/collectors/core/index.ts index 0e0f783b0f847a..e298560893ccb9 100644 --- a/src/plugins/kibana_usage_collection/server/collectors/core/index.ts +++ b/src/plugins/kibana_usage_collection/server/collectors/core/index.ts @@ -8,3 +8,4 @@ */ export { registerCoreUsageCollector } from './core_usage_collector'; +export { fetchDeprecatedApiCounterStats } from './fetch_deprecated_api_counters'; diff --git a/src/plugins/kibana_usage_collection/server/collectors/index.ts b/src/plugins/kibana_usage_collection/server/collectors/index.ts index ef5287324ee59c..c22fb3b5697f83 100644 --- a/src/plugins/kibana_usage_collection/server/collectors/index.ts +++ b/src/plugins/kibana_usage_collection/server/collectors/index.ts @@ -17,7 +17,7 @@ export { export { registerOpsStatsCollector } from './ops_stats'; export { registerCloudProviderUsageCollector } from './cloud'; export { registerCspCollector } from './csp'; -export { registerCoreUsageCollector } from './core'; +export { registerCoreUsageCollector, fetchDeprecatedApiCounterStats } from './core'; export { registerLocalizationUsageCollector } from './localization'; export { registerConfigUsageCollector } from './config_usage'; export { registerUiCountersUsageCollector } from './ui_counters'; diff --git a/src/plugins/kibana_usage_collection/server/plugin.ts b/src/plugins/kibana_usage_collection/server/plugin.ts index bbfc010c0e0650..48fb1c6ff7b9b2 100644 --- a/src/plugins/kibana_usage_collection/server/plugin.ts +++ b/src/plugins/kibana_usage_collection/server/plugin.ts @@ -43,6 +43,7 @@ import { registerUsageCountersUsageCollector, registerSavedObjectsCountUsageCollector, registerEventLoopDelaysCollector, + fetchDeprecatedApiCounterStats, } from './collectors'; interface KibanaUsageCollectionPluginsDepsSetup { @@ -74,6 +75,10 @@ export class KibanaUsageCollectionPlugin implements Plugin { registerEbtCounters(coreSetup.analytics, usageCollection); this.eventLoopUsageCounter = usageCollection.createUsageCounter('eventLoop'); coreSetup.coreUsageData.registerUsageCounter(usageCollection.createUsageCounter('core')); + const deprecatedUsageFetch = fetchDeprecatedApiCounterStats( + this.logger.get('deprecated-api-usage') + ); + coreSetup.coreUsageData.registerDeprecatedUsageFetch(deprecatedUsageFetch); this.registerUsageCollectors( usageCollection, coreSetup, diff --git a/src/plugins/navigation/public/top_nav_menu/top_nav_menu.tsx b/src/plugins/navigation/public/top_nav_menu/top_nav_menu.tsx index 0d42b7c8f241a9..6a3dabd9a0ceb2 100644 --- a/src/plugins/navigation/public/top_nav_menu/top_nav_menu.tsx +++ b/src/plugins/navigation/public/top_nav_menu/top_nav_menu.tsx @@ -10,14 +10,15 @@ import React, { ReactElement } from 'react'; import classNames from 'classnames'; -import { MountPoint } from '@kbn/core/public'; +import type { MountPoint } from '@kbn/core/public'; import { MountPointPortal } from '@kbn/react-kibana-mount'; -import { UnifiedSearchPublicPluginStart } from '@kbn/unified-search-plugin/public'; -import { StatefulSearchBarProps } from '@kbn/unified-search-plugin/public'; -import { AggregateQuery, Query } from '@kbn/es-query'; -import { TopNavMenuData } from './top_nav_menu_data'; +import type { UnifiedSearchPublicPluginStart } from '@kbn/unified-search-plugin/public'; +import type { StatefulSearchBarProps } from '@kbn/unified-search-plugin/public'; +import type { AggregateQuery, Query } from '@kbn/es-query'; +import type { EuiBreakpointSize } from '@elastic/eui'; +import type { TopNavMenuData } from './top_nav_menu_data'; import { TopNavMenuItems } from './top_nav_menu_items'; -import { TopNavMenuBadgeProps, TopNavMenuBadges } from './top_nav_menu_badges'; +import { type TopNavMenuBadgeProps, TopNavMenuBadges } from './top_nav_menu_badges'; export type TopNavMenuProps = Omit< StatefulSearchBarProps, @@ -51,6 +52,11 @@ export type TopNavMenuProps = Omit< * ``` */ setMenuMountPoint?: (menuMount: MountPoint | undefined) => void; + + /** + * A list of named breakpoints at which to show the popover version. If not provided, it will use the default set of ['xs', 's'] that is internally provided by EUI. + */ + popoverBreakpoints?: EuiBreakpointSize[]; }; /* @@ -76,7 +82,13 @@ export function TopNavMenu( } function renderMenu(className: string): ReactElement | null { - return ; + return ( + + ); } function renderSearchBar(): ReactElement | null { diff --git a/src/plugins/navigation/public/top_nav_menu/top_nav_menu_items.tsx b/src/plugins/navigation/public/top_nav_menu/top_nav_menu_items.tsx index 48179f30ec276c..e8d118dadff7d1 100644 --- a/src/plugins/navigation/public/top_nav_menu/top_nav_menu_items.tsx +++ b/src/plugins/navigation/public/top_nav_menu/top_nav_menu_items.tsx @@ -7,21 +7,30 @@ * License v3.0 only", or the "Server Side Public License, v 1". */ -import { EuiHeaderLinks } from '@elastic/eui'; +import { EuiBreakpointSize, EuiHeaderLinks } from '@elastic/eui'; import React from 'react'; import type { TopNavMenuData } from './top_nav_menu_data'; import { TopNavMenuItem } from './top_nav_menu_item'; +interface TopNavMenuItemsProps { + config: TopNavMenuData[] | undefined; + className?: string; + popoverBreakpoints?: EuiBreakpointSize[]; +} + export const TopNavMenuItems = ({ config, className, -}: { - config: TopNavMenuData[] | undefined; - className?: string; -}) => { + popoverBreakpoints, +}: TopNavMenuItemsProps) => { if (!config || config.length === 0) return null; return ( - + {config.map((menuItem: TopNavMenuData, i: number) => { return ; })} diff --git a/src/plugins/saved_objects_management/public/management_section/objects_table/__snapshots__/saved_objects_table.test.tsx.snap b/src/plugins/saved_objects_management/public/management_section/objects_table/__snapshots__/saved_objects_table.test.tsx.snap index 92bae41b22e589..c0035886e6b99b 100644 --- a/src/plugins/saved_objects_management/public/management_section/objects_table/__snapshots__/saved_objects_table.test.tsx.snap +++ b/src/plugins/saved_objects_management/public/management_section/objects_table/__snapshots__/saved_objects_table.test.tsx.snap @@ -28,6 +28,12 @@ exports[`SavedObjectsTable delete should show a confirm modal 1`] = ` "name": "search", "namespaceType": "single", }, + Object { + "displayName": "tag", + "hidden": false, + "name": "tag", + "namespaceType": "single", + }, ] } isDeleting={false} @@ -53,7 +59,7 @@ exports[`SavedObjectsTable delete should show a confirm modal 1`] = ` exports[`SavedObjectsTable export should allow the user to choose when exporting all 1`] = `
diff --git a/src/plugins/saved_objects_management/public/management_section/objects_table/saved_objects_table.test.tsx b/src/plugins/saved_objects_management/public/management_section/objects_table/saved_objects_table.test.tsx index bdb47099f17bbb..f53cadc7b2f21e 100644 --- a/src/plugins/saved_objects_management/public/management_section/objects_table/saved_objects_table.test.tsx +++ b/src/plugins/saved_objects_management/public/management_section/objects_table/saved_objects_table.test.tsx @@ -51,7 +51,9 @@ const convertType = (type: string): SavedObjectManagementTypeInfo => ({ namespaceType: 'single', }); -const allowedTypes = ['index-pattern', 'visualization', 'dashboard', 'search'].map(convertType); +const allowedTypes = ['index-pattern', 'visualization', 'dashboard', 'search', 'tag'].map( + convertType +); const allSavedObjects = [ { @@ -82,6 +84,13 @@ const allSavedObjects = [ title: `MyViz`, }, }, + { + id: '5', + type: 'tag', + attributes: { + title: `HelloWorldTag`, + }, + }, ]; describe('SavedObjectsTable', () => { @@ -129,6 +138,7 @@ describe('SavedObjectsTable', () => { visualization: 0, dashboard: 0, search: 0, + tag: 0, }); defaultProps = { @@ -148,7 +158,7 @@ describe('SavedObjectsTable', () => { }; findObjectsMock.mockImplementation(() => ({ - total: 4, + total: 5, saved_objects: [ { id: '1', @@ -199,6 +209,14 @@ describe('SavedObjectsTable', () => { }, }, }, + { + id: '5', + type: 'tag', + meta: { + title: `HelloWorldTag`, + icon: 'tag', + }, + }, ], })); }); @@ -451,7 +469,7 @@ describe('SavedObjectsTable', () => { component.update(); await component.instance().getRelationships('search', '1'); - const savedObjectTypes = ['index-pattern', 'visualization', 'dashboard', 'search']; + const savedObjectTypes = ['index-pattern', 'visualization', 'dashboard', 'search', 'tag']; expect(getRelationshipsMock).toHaveBeenCalledWith(http, 'search', '1', savedObjectTypes); }); diff --git a/src/plugins/saved_objects_management/public/management_section/objects_table/saved_objects_table.tsx b/src/plugins/saved_objects_management/public/management_section/objects_table/saved_objects_table.tsx index 44249d30d345b7..5842701ad25a76 100644 --- a/src/plugins/saved_objects_management/public/management_section/objects_table/saved_objects_table.tsx +++ b/src/plugins/saved_objects_management/public/management_section/objects_table/saved_objects_table.tsx @@ -688,7 +688,10 @@ export class SavedObjectsTable extends Component ({ + const filtersWithoutTags = allowedTypes.filter((t) => t.name !== 'tag'); + const itemsWithoutTags = savedObjects.filter((t) => t.type !== 'tag'); + + const filterOptions = filtersWithoutTags.map((type) => ({ value: type.displayName, name: type.displayName, view: `${type.displayName} (${savedObjectCounts[type.name] || 0})`, @@ -733,7 +736,7 @@ export class SavedObjectsTable extends Component { - return aggregateReportTypes - .filter(({ reportType }) => reportType) - .map(({ reportType, label }) => { - return { id: reportType, label, 'data-test-subj': `${reportType}-radioOption` }; - }) as EuiRadioGroupOption[]; + return aggregateReportTypes.reduce((acc, { reportType, label }) => { + if (reportType) { + acc.push({ + id: reportType, + label, + 'data-test-subj': `${reportType}-radioOption`, + }); + } + return acc; + }, []); }, [aggregateReportTypes]); const [selectedRadio, setSelectedRadio] = useState( @@ -62,6 +67,7 @@ const ExportContentUi = ({ const { generateExportButton, helpText, + warnings = [], renderCopyURLButton, generateExport, generateExportUrl, @@ -168,42 +174,56 @@ const ExportContentUi = ({ return ( 0 ? 'warning' : 'primary'} onClick={getReport} data-test-subj="generateReportButton" isLoading={isCreatingExport} > - {generateExportButton} + {generateExportButton ?? ( + + )} ); - }, [generateExportButton, getReport, isCreatingExport, isDirty]); + }, [ + generateExportButton, + getReport, + isCreatingExport, + isDirty, + renderCopyURLButton, + warnings.length, + ]); const renderRadioOptions = () => { if (radioOptions.length > 1) { return ( - - setSelectedRadio(id as SupportedExportTypes)} - name="image reporting radio group" - idSelected={selectedRadio} - legend={{ - children: , - }} - /> - + <> + + + setSelectedRadio(id as SupportedExportTypes)} + name="image reporting radio group" + idSelected={selectedRadio} + legend={{ + children: , + }} + /> + + ); } }; - const renderHelpText = () => { - const showHelpText = publicAPIEnabled && isDirty; + const renderDirtyWarning = () => { return ( - showHelpText && ( + renderCopyURLButton && + publicAPIEnabled && + isDirty && ( <> - + } @@ -218,19 +238,35 @@ const ExportContentUi = ({ ); }; + const renderWarnings = (warning: { title: string; message: string }) => ( + <> + + + {warning.message} + + + ); + return ( <> - <>{helpText} - - <>{renderRadioOptions()} - {renderHelpText()} - + + {helpText ?? ( + + )} + + {renderRadioOptions()} + {renderDirtyWarning()} + {warnings.map(renderWarnings)} + - <>{renderLayoutOptionsSwitch()} - <>{showCopyURLButton()} - <>{renderGenerateReportButton()} + {renderLayoutOptionsSwitch()} + {showCopyURLButton()} + {renderGenerateReportButton()} ); diff --git a/src/plugins/share/public/components/tabs/link/link_content.tsx b/src/plugins/share/public/components/tabs/link/link_content.tsx index 389080cc37296b..0871599a524ba4 100644 --- a/src/plugins/share/public/components/tabs/link/link_content.tsx +++ b/src/plugins/share/public/components/tabs/link/link_content.tsx @@ -138,6 +138,7 @@ export const LinkContent = ({ } diff --git a/src/plugins/share/public/types.ts b/src/plugins/share/public/types.ts index 5c727dc2d299c2..930b1b1d5f1277 100644 --- a/src/plugins/share/public/types.ts +++ b/src/plugins/share/public/types.ts @@ -132,11 +132,12 @@ export interface ShareMenuItemV2 extends ShareMenuItemBase { layoutOption?: 'print'; generateCopyUrl?: URL; renderCopyURLButton?: boolean; + warnings?: Array<{ title: string; message: string }>; } export interface ShareMenuProviderV2 { readonly id: string; - getShareMenuItems: (context: ShareContext) => Array>; + getShareMenuItems: (context: ShareContext) => ShareMenuItemV2[]; } export interface ShareMenuProviderLegacy { readonly id: string; diff --git a/src/plugins/telemetry/schema/oss_plugins.json b/src/plugins/telemetry/schema/oss_plugins.json index a3e46f56841356..c71718cfaa5a6c 100644 --- a/src/plugins/telemetry/schema/oss_plugins.json +++ b/src/plugins/telemetry/schema/oss_plugins.json @@ -2098,7 +2098,7 @@ } } }, - "enterpriseSearchRelevance": { + "searchInferenceEndpoints": { "properties": { "appId": { "type": "keyword", diff --git a/src/plugins/unified_doc_viewer/kibana.jsonc b/src/plugins/unified_doc_viewer/kibana.jsonc index 56ea8951e3a2d8..6bd1b738c0ccbe 100644 --- a/src/plugins/unified_doc_viewer/kibana.jsonc +++ b/src/plugins/unified_doc_viewer/kibana.jsonc @@ -12,3 +12,4 @@ "optionalPlugins": ["fieldsMetadata"] } } + \ No newline at end of file diff --git a/src/plugins/unified_doc_viewer/public/components/doc_viewer_source/source.test.tsx b/src/plugins/unified_doc_viewer/public/components/doc_viewer_source/source.test.tsx index 5cd4d8b7ba00b2..67c4dd65a6634f 100644 --- a/src/plugins/unified_doc_viewer/public/components/doc_viewer_source/source.test.tsx +++ b/src/plugins/unified_doc_viewer/public/components/doc_viewer_source/source.test.tsx @@ -103,5 +103,7 @@ describe('Source Viewer component', () => { ); const jsonCodeEditor = comp.find(JsonCodeEditorCommon); expect(jsonCodeEditor).not.toBe(null); + expect(jsonCodeEditor.props().jsonValue).toContain('_source'); + expect(jsonCodeEditor.props().jsonValue).not.toContain('_score'); }); }); diff --git a/src/plugins/unified_doc_viewer/public/components/doc_viewer_source/source.tsx b/src/plugins/unified_doc_viewer/public/components/doc_viewer_source/source.tsx index 0dbaabb4ba55ad..5b4ba36cd03f1c 100644 --- a/src/plugins/unified_doc_viewer/public/components/doc_viewer_source/source.tsx +++ b/src/plugins/unified_doc_viewer/public/components/doc_viewer_source/source.tsx @@ -18,6 +18,7 @@ import type { DataView } from '@kbn/data-views-plugin/public'; import type { DataTableRecord } from '@kbn/discover-utils/types'; import { ElasticRequestState } from '@kbn/unified-doc-viewer'; import { isLegacyTableEnabled, SEARCH_FIELDS_FROM_SOURCE } from '@kbn/discover-utils'; +import { omit } from 'lodash'; import { getUnifiedDocViewerServices } from '../../plugin'; import { useEsDocSearch } from '../../hooks'; import { getHeight, DEFAULT_MARGIN_BOTTOM } from './get_height'; @@ -70,7 +71,7 @@ export const DocViewerSource = ({ useEffect(() => { if (requestState === ElasticRequestState.Found && hit) { - setJsonValue(JSON.stringify(hit.raw, undefined, 2)); + setJsonValue(JSON.stringify(omit(hit.raw, '_score'), undefined, 2)); } }, [requestState, hit]); diff --git a/test/analytics/plugins/analytics_ftr_helpers/server/plugin.ts b/test/analytics/plugins/analytics_ftr_helpers/server/plugin.ts index d4bf140aa4e628..f599f5651374b7 100644 --- a/test/analytics/plugins/analytics_ftr_helpers/server/plugin.ts +++ b/test/analytics/plugins/analytics_ftr_helpers/server/plugin.ts @@ -14,7 +14,7 @@ import { fetchEvents } from '../common/fetch_events'; import { CustomShipper } from './custom_shipper'; export class AnalyticsFTRHelpers implements Plugin { - public setup({ analytics, http }: CoreSetup, deps: {}) { + public setup({ analytics, http }: CoreSetup, _deps: {}) { const { optIn, registerShipper } = analytics; const events$ = new ReplaySubject(); @@ -31,7 +31,7 @@ export class AnalyticsFTRHelpers implements Plugin { }), }, }, - (context, req, res) => { + (_context, req, res) => { const { consent } = req.query; optIn({ global: { enabled: consent } }); @@ -67,7 +67,7 @@ export class AnalyticsFTRHelpers implements Plugin { }), }, }, - async (context, req, res) => { + async (_context, req, res) => { const { takeNumberOfEvents, ...options } = req.query; const events = await fetchEvents(events$, takeNumberOfEvents, options); return res.ok({ body: events }); @@ -82,10 +82,25 @@ export class AnalyticsFTRHelpers implements Plugin { eventTypes: schema.arrayOf(schema.string()), withTimeoutMs: schema.number(), fromTimestamp: schema.maybe(schema.string()), + filters: schema.maybe( + schema.recordOf( + schema.string(), + schema.recordOf( + schema.oneOf([ + schema.literal('eq'), + schema.literal('gte'), + schema.literal('gt'), + schema.literal('lte'), + schema.literal('lt'), + ]), + schema.any() + ) + ) + ), }), }, }, - async (context, req, res) => { + async (_context, req, res) => { const events = await fetchEvents(events$, Number.MAX_SAFE_INTEGER, req.query); return res.ok({ body: { count: events.length } }); } diff --git a/test/analytics/services/kibana_ebt.ts b/test/analytics/services/kibana_ebt.ts index f2b635dcbdbbe3..925bdece221d3b 100644 --- a/test/analytics/services/kibana_ebt.ts +++ b/test/analytics/services/kibana_ebt.ts @@ -28,7 +28,7 @@ export function KibanaEBTServerProvider({ getService }: FtrProviderContext): EBT setOptIn, getEvents: async ( takeNumberOfEvents, - { eventTypes = [], withTimeoutMs, fromTimestamp } = {} + { eventTypes = [], withTimeoutMs, fromTimestamp, filters } = {} ) => { await setOptIn(true); const resp = await supertest @@ -38,6 +38,7 @@ export function KibanaEBTServerProvider({ getService }: FtrProviderContext): EBT eventTypes: JSON.stringify(eventTypes), withTimeoutMs, fromTimestamp, + filters: JSON.stringify(filters), }) .set('kbn-xsrf', 'xxx') .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') @@ -45,11 +46,16 @@ export function KibanaEBTServerProvider({ getService }: FtrProviderContext): EBT return resp.body; }, - getEventCount: async ({ eventTypes = [], withTimeoutMs, fromTimestamp }) => { + getEventCount: async ({ eventTypes = [], withTimeoutMs, fromTimestamp, filters }) => { await setOptIn(true); const resp = await supertest .get(`/internal/analytics_ftr_helpers/count_events`) - .query({ eventTypes: JSON.stringify(eventTypes), withTimeoutMs, fromTimestamp }) + .query({ + eventTypes: JSON.stringify(eventTypes), + withTimeoutMs, + fromTimestamp, + filters: JSON.stringify(filters), + }) .set('kbn-xsrf', 'xxx') .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .expect(200); diff --git a/test/analytics/tests/analytics_from_the_server.ts b/test/analytics/tests/analytics_from_the_server.ts index af15d083419a32..bb1df0735107e8 100644 --- a/test/analytics/tests/analytics_from_the_server.ts +++ b/test/analytics/tests/analytics_from_the_server.ts @@ -203,6 +203,30 @@ export default function ({ getService }: FtrProviderContext) { }); expect(eventCount).to.be(1); }); + it('should return 0 events when filtering by invalid properties', async () => { + const eventCount = await ebtServerHelper.getEventCount({ + withTimeoutMs: 500, + eventTypes: ['test-plugin-lifecycle'], + filters: { + 'properties.plugin': { + eq: 'analyticsPluginB', + }, + }, + }); + expect(eventCount).to.be(0); + }); + it('should return 1 event when filtering by valid properties', async () => { + const eventCount = await ebtServerHelper.getEventCount({ + withTimeoutMs: 500, + eventTypes: ['test-plugin-lifecycle'], + filters: { + 'properties.step': { + eq: 'start', + }, + }, + }); + expect(eventCount).to.be(1); + }); }); }); }); diff --git a/test/api_integration/apis/custom_integration/integrations.ts b/test/api_integration/apis/custom_integration/integrations.ts index 26a8777e23800a..e04a119aa06ea4 100644 --- a/test/api_integration/apis/custom_integration/integrations.ts +++ b/test/api_integration/apis/custom_integration/integrations.ts @@ -25,7 +25,7 @@ export default function ({ getService }: FtrProviderContext) { expect(resp.body).to.be.an('array'); - expect(resp.body.length).to.be(55); + expect(resp.body.length).to.be(21); // Test for sample data card expect(resp.body.findIndex((c: { id: string }) => c.id === 'sample_data_all')).to.be.above( diff --git a/test/functional/apps/console/_misc_console_behavior.ts b/test/functional/apps/console/_misc_console_behavior.ts index 9da5ea362fde3a..fc53b6b37fb518 100644 --- a/test/functional/apps/console/_misc_console_behavior.ts +++ b/test/functional/apps/console/_misc_console_behavior.ts @@ -18,9 +18,7 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) { const browser = getService('browser'); const PageObjects = getPageObjects(['common', 'console', 'header']); - // Failing: See https://github.com/elastic/kibana/issues/193868 - // Failing: See https://github.com/elastic/kibana/issues/193868 - describe.skip('misc console behavior', function testMiscConsoleBehavior() { + describe('misc console behavior', function testMiscConsoleBehavior() { before(async () => { await browser.setWindowSize(1200, 800); await PageObjects.common.navigateToApp('console'); @@ -156,7 +154,8 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) { await PageObjects.console.openConsole(); }); - describe('customizable font size', () => { + // Failing: See https://github.com/elastic/kibana/issues/193868 + describe.skip('customizable font size', () => { it('should allow the font size to be customized', async () => { await PageObjects.console.openConfig(); await PageObjects.console.setFontSizeSetting(20); diff --git a/test/functional/apps/dashboard/group4/dashboard_listing.ts b/test/functional/apps/dashboard/group4/dashboard_listing.ts index e45016df5cfc2e..9f11f181bf51ef 100644 --- a/test/functional/apps/dashboard/group4/dashboard_listing.ts +++ b/test/functional/apps/dashboard/group4/dashboard_listing.ts @@ -17,8 +17,10 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) { const listingTable = getService('listingTable'); const dashboardAddPanel = getService('dashboardAddPanel'); const testSubjects = getService('testSubjects'); + const retry = getService('retry'); - describe('dashboard listing page', function describeIndexTests() { + // Failing: See https://github.com/elastic/kibana/issues/192564 + describe.skip('dashboard listing page', function describeIndexTests() { const dashboardName = 'Dashboard Listing Test'; before(async function () { @@ -271,8 +273,12 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) { await listingTable.clickItemLink('dashboard', DASHBOARD_NAME); await dashboard.waitForRenderComplete(); await dashboard.gotoDashboardLandingPage(); - const views2 = await getViewsCount(); - expect(views2).to.be(2); + + // it might take a bit for the view to be counted + await retry.try(async () => { + const views2 = await getViewsCount(); + expect(views2).to.be(2); + }); }); }); }); diff --git a/test/functional/apps/dashboard/group6/dashboard_esql_no_data.ts b/test/functional/apps/dashboard/group6/dashboard_esql_no_data.ts index 148cb95a82b110..333ac7f0153975 100644 --- a/test/functional/apps/dashboard/group6/dashboard_esql_no_data.ts +++ b/test/functional/apps/dashboard/group6/dashboard_esql_no_data.ts @@ -6,14 +6,16 @@ * your election, the "Elastic License 2.0", the "GNU Affero General Public * License v3.0 only", or the "Server Side Public License, v 1". */ +import expect from '@kbn/expect'; import { FtrProviderContext } from '../../../ftr_provider_context'; export default function ({ getService, getPageObjects }: FtrProviderContext) { const kibanaServer = getService('kibanaServer'); const testSubjects = getService('testSubjects'); - const esql = getService('esql'); - const PageObjects = getPageObjects(['discover', 'dashboard']); + const panelActions = getService('dashboardPanelActions'); + const monacoEditor = getService('monacoEditor'); + const PageObjects = getPageObjects(['dashboard']); describe('No Data Views: Try ES|QL', () => { before(async () => { @@ -26,8 +28,12 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) { await testSubjects.existOrFail('noDataViewsPrompt'); await testSubjects.click('tryESQLLink'); - await PageObjects.discover.expectOnDiscover(); - await esql.expectEsqlStatement('FROM logs* | LIMIT 10'); + await PageObjects.dashboard.expectOnDashboard('New Dashboard'); + expect(await testSubjects.exists('lnsVisualizationContainer')).to.be(true); + + await panelActions.clickInlineEdit(); + const editorValue = await monacoEditor.getCodeEditorValue(); + expect(editorValue).to.eql(`FROM logs* | LIMIT 10`); }); }); } diff --git a/test/functional/apps/discover/group2_data_grid1/_data_grid_context.ts b/test/functional/apps/discover/group2_data_grid1/_data_grid_context.ts index 30c8b0da3f53ac..504217bb1a752c 100644 --- a/test/functional/apps/discover/group2_data_grid1/_data_grid_context.ts +++ b/test/functional/apps/discover/group2_data_grid1/_data_grid_context.ts @@ -104,6 +104,9 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) { it('navigates to context view from embeddable', async () => { await common.navigateToApp('discover'); + await header.waitUntilLoadingHasFinished(); + await filterBar.addFilter({ field: 'extension.raw', operation: 'is', value: 'jpg' }); + await header.waitUntilLoadingHasFinished(); await discover.saveSearch('my search'); await header.waitUntilLoadingHasFinished(); @@ -134,6 +137,7 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) { log.debug('document table length', nrOfDocs); return nrOfDocs === 6; }); + await filterBar.hasFilter('extension.raw', 'jpg', false); }); }); } diff --git a/test/functional/apps/discover/group3/_lens_vis.ts b/test/functional/apps/discover/group3/_lens_vis.ts index 321486a40238ee..db526fe9786105 100644 --- a/test/functional/apps/discover/group3/_lens_vis.ts +++ b/test/functional/apps/discover/group3/_lens_vis.ts @@ -110,7 +110,8 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) { return seriesType; } - describe('discover lens vis', function () { + // Failing: See https://github.com/elastic/kibana/issues/197342 + describe.skip('discover lens vis', function () { before(async () => { await security.testUser.setRoles(['kibana_admin', 'test_logstash_reader']); await esArchiver.loadIfNeeded('test/functional/fixtures/es_archiver/logstash_functional'); diff --git a/test/plugin_functional/test_suites/core/deprecations.ts b/test/plugin_functional/test_suites/core/deprecations.ts index 081209e6c7dce1..b41adc7ffefa55 100644 --- a/test/plugin_functional/test_suites/core/deprecations.ts +++ b/test/plugin_functional/test_suites/core/deprecations.ts @@ -151,7 +151,7 @@ export default function ({ getService, getPageObjects }: PluginFunctionalProvide }); expect(resolveResult).to.eql({ - reason: 'This deprecation cannot be resolved automatically.', + reason: 'This deprecation cannot be resolved automatically or marked as resolved.', status: 'fail', }); }); diff --git a/tsconfig.base.json b/tsconfig.base.json index 5028780367b9c1..02adec454d2406 100644 --- a/tsconfig.base.json +++ b/tsconfig.base.json @@ -764,6 +764,8 @@ "@kbn/dev-utils/*": ["packages/kbn-dev-utils/*"], "@kbn/developer-examples-plugin": ["examples/developer_examples"], "@kbn/developer-examples-plugin/*": ["examples/developer_examples/*"], + "@kbn/discover-contextual-components": ["packages/kbn-discover-contextual-components"], + "@kbn/discover-contextual-components/*": ["packages/kbn-discover-contextual-components/*"], "@kbn/discover-customization-examples-plugin": ["examples/discover_customization_examples"], "@kbn/discover-customization-examples-plugin/*": ["examples/discover_customization_examples/*"], "@kbn/discover-enhanced-plugin": ["x-pack/plugins/discover_enhanced"], @@ -1452,6 +1454,8 @@ "@kbn/resolver-test-plugin/*": ["x-pack/test/plugin_functional/plugins/resolver_test/*"], "@kbn/response-ops-feature-flag-service": ["packages/response-ops/feature_flag_service"], "@kbn/response-ops-feature-flag-service/*": ["packages/response-ops/feature_flag_service/*"], + "@kbn/response-ops-rule-params": ["packages/response-ops/rule_params"], + "@kbn/response-ops-rule-params/*": ["packages/response-ops/rule_params/*"], "@kbn/response-stream-plugin": ["examples/response_stream"], "@kbn/response-stream-plugin/*": ["examples/response_stream/*"], "@kbn/rison": ["packages/kbn-rison"], diff --git a/versions.json b/versions.json index ff0e6d254f24e6..ac2bcf4de9b8f7 100644 --- a/versions.json +++ b/versions.json @@ -24,7 +24,7 @@ "previousMajor": true }, { - "version": "7.17.25", + "version": "7.17.26", "branch": "7.17" } ] diff --git a/x-pack/packages/index-management/index_management_shared_types/src/services/extensions_service.ts b/x-pack/packages/index-management/index_management_shared_types/src/services/extensions_service.ts index 98d981752e5842..434f18f1fa1ef1 100644 --- a/x-pack/packages/index-management/index_management_shared_types/src/services/extensions_service.ts +++ b/x-pack/packages/index-management/index_management_shared_types/src/services/extensions_service.ts @@ -31,7 +31,7 @@ export interface IndexBadge { color: EuiBadgeProps['color']; } export interface IndexDetailsPageRoute { - renderRoute: (indexName: string) => string; + renderRoute: (indexName: string, detailsTabId?: string) => string; } export interface EmptyListContent { @@ -72,5 +72,5 @@ export interface ExtensionsSetup { // sets content to render below the docs link on the mappings tab of the index page setIndexMappingsContent(content: IndexContent): void; // sets index details page route - setIndexDetailsPageRoute(route: IndexDetailsPageRoute): void; + setIndexDetailsPageRoute(route: IndexDetailsPageRoute, detailsTabId?: string): void; } diff --git a/x-pack/packages/kbn-ai-assistant-common/src/utils/filter_scopes.ts b/x-pack/packages/kbn-ai-assistant-common/src/utils/filter_scopes.ts index ff8f627b10dac0..03c3aae1dbd0cf 100644 --- a/x-pack/packages/kbn-ai-assistant-common/src/utils/filter_scopes.ts +++ b/x-pack/packages/kbn-ai-assistant-common/src/utils/filter_scopes.ts @@ -7,11 +7,15 @@ import type { AssistantScope } from '../types'; -export function filterScopes(scope?: AssistantScope) { +export function filterScopes( + scopeFilters?: AssistantScope[] +) { return function (value: T): boolean { - if (!scope || !value) { + if (!scopeFilters || !value) { return true; } - return value?.scopes ? value.scopes.includes(scope) || value.scopes.includes('all') : true; + return value?.scopes + ? value.scopes.some((scope) => [...scopeFilters, 'all'].includes(scope)) + : true; }; } diff --git a/x-pack/packages/kbn-ai-assistant/src/conversation/conversation_view.tsx b/x-pack/packages/kbn-ai-assistant/src/conversation/conversation_view.tsx index b7d5831e14f945..fe71a9585dd1e9 100644 --- a/x-pack/packages/kbn-ai-assistant/src/conversation/conversation_view.tsx +++ b/x-pack/packages/kbn-ai-assistant/src/conversation/conversation_view.tsx @@ -10,6 +10,7 @@ import { euiThemeVars } from '@kbn/ui-theme'; import React, { useEffect, useState } from 'react'; import ReactDOM from 'react-dom'; import type { AssistantScope } from '@kbn/ai-assistant-common'; +import { isEqual } from 'lodash'; import { useKibana } from '../hooks/use_kibana'; import { ConversationList, ChatBody, ChatInlineEditingContent } from '../chat'; import { useConversationKey } from '../hooks/use_conversation_key'; @@ -27,7 +28,7 @@ interface ConversationViewProps { navigateToConversation: (nextConversationId?: string) => void; getConversationHref?: (conversationId: string) => string; newConversationHref?: string; - scope?: AssistantScope; + scopes?: AssistantScope[]; } export const ConversationView: React.FC = ({ @@ -35,7 +36,7 @@ export const ConversationView: React.FC = ({ navigateToConversation, getConversationHref, newConversationHref, - scope, + scopes, }) => { const { euiTheme } = useEuiTheme(); @@ -61,10 +62,10 @@ export const ConversationView: React.FC = ({ ); useEffect(() => { - if (scope) { - service.setScope(scope); + if (scopes && !isEqual(scopes, service.getScopes())) { + service.setScopes(scopes); } - }, [scope, service]); + }, [scopes, service]); const { key: bodyKey, updateConversationIdInPlace } = useConversationKey(conversationId); diff --git a/x-pack/packages/kbn-ai-assistant/src/hooks/__storybook_mocks__/use_conversation.ts b/x-pack/packages/kbn-ai-assistant/src/hooks/__storybook_mocks__/use_conversation.ts index 8bc8f54e9ac8d5..a619164517e298 100644 --- a/x-pack/packages/kbn-ai-assistant/src/hooks/__storybook_mocks__/use_conversation.ts +++ b/x-pack/packages/kbn-ai-assistant/src/hooks/__storybook_mocks__/use_conversation.ts @@ -15,6 +15,6 @@ export function useConversation() { stop: () => {}, messages: [], saveTitle: () => {}, - scope: 'all', + scopes: ['all'], }; } diff --git a/x-pack/packages/kbn-ai-assistant/src/hooks/index.ts b/x-pack/packages/kbn-ai-assistant/src/hooks/index.ts index 41bb8a4906c11e..ddfa6c415140a1 100644 --- a/x-pack/packages/kbn-ai-assistant/src/hooks/index.ts +++ b/x-pack/packages/kbn-ai-assistant/src/hooks/index.ts @@ -8,4 +8,4 @@ export * from './use_ai_assistant_app_service'; export * from './use_ai_assistant_chat_service'; export * from './use_knowledge_base'; -export * from './use_scope'; +export * from './use_scopes'; diff --git a/x-pack/packages/kbn-ai-assistant/src/hooks/use_conversation.test.tsx b/x-pack/packages/kbn-ai-assistant/src/hooks/use_conversation.test.tsx index 02c6018a4216ce..dffca3addd34e1 100644 --- a/x-pack/packages/kbn-ai-assistant/src/hooks/use_conversation.test.tsx +++ b/x-pack/packages/kbn-ai-assistant/src/hooks/use_conversation.test.tsx @@ -55,9 +55,9 @@ const mockService: MockedService = { predefinedConversation$: new Observable(), }, navigate: jest.fn().mockReturnValue(of()), - scope$: new BehaviorSubject('all') as MockedService['scope$'], - setScope: jest.fn(), - getScope: jest.fn(), + scope$: new BehaviorSubject(['all']) as MockedService['scope$'], + setScopes: jest.fn(), + getScopes: jest.fn(), }; const mockChatService = createMockChatService(); diff --git a/x-pack/packages/kbn-ai-assistant/src/hooks/use_conversation.ts b/x-pack/packages/kbn-ai-assistant/src/hooks/use_conversation.ts index b40507a09719e5..d65fa19991334d 100644 --- a/x-pack/packages/kbn-ai-assistant/src/hooks/use_conversation.ts +++ b/x-pack/packages/kbn-ai-assistant/src/hooks/use_conversation.ts @@ -20,7 +20,7 @@ import { useAIAssistantAppService } from './use_ai_assistant_app_service'; import { useKibana } from './use_kibana'; import { useOnce } from './use_once'; import { useAbortableAsync } from './use_abortable_async'; -import { useScope } from './use_scope'; +import { useScopes } from './use_scopes'; function createNewConversation({ title = EMPTY_CONVERSATION_TITLE, @@ -62,7 +62,7 @@ export function useConversation({ onConversationUpdate, }: UseConversationProps): UseConversationResult { const service = useAIAssistantAppService(); - const scope = useScope(); + const scopes = useScopes(); const { services: { @@ -122,7 +122,7 @@ export function useConversation({ onConversationUpdate?.({ conversation: event.conversation }); }, persist: true, - scope, + scopes, }); const [displayedConversationId, setDisplayedConversationId] = useState(initialConversationId); diff --git a/x-pack/packages/kbn-ai-assistant/src/hooks/use_scope.ts b/x-pack/packages/kbn-ai-assistant/src/hooks/use_scopes.ts similarity index 79% rename from x-pack/packages/kbn-ai-assistant/src/hooks/use_scope.ts rename to x-pack/packages/kbn-ai-assistant/src/hooks/use_scopes.ts index ed752e50112937..0a8bdeed3c823a 100644 --- a/x-pack/packages/kbn-ai-assistant/src/hooks/use_scope.ts +++ b/x-pack/packages/kbn-ai-assistant/src/hooks/use_scopes.ts @@ -8,8 +8,8 @@ import { useObservable } from 'react-use/lib'; import { useAIAssistantAppService } from './use_ai_assistant_app_service'; -export const useScope = () => { +export const useScopes = () => { const service = useAIAssistantAppService(); - const scope = useObservable(service.scope$); - return scope || 'all'; + const scopes = useObservable(service.scope$); + return scopes || ['all']; }; diff --git a/x-pack/packages/kbn-ai-assistant/src/utils/create_mock_chat_service.ts b/x-pack/packages/kbn-ai-assistant/src/utils/create_mock_chat_service.ts index d7c332dc042d3b..7913b3ce78957f 100644 --- a/x-pack/packages/kbn-ai-assistant/src/utils/create_mock_chat_service.ts +++ b/x-pack/packages/kbn-ai-assistant/src/utils/create_mock_chat_service.ts @@ -32,7 +32,7 @@ export const createMockChatService = (): MockedChatService => { content: '', }, }), - getScope: jest.fn(), + getScopes: jest.fn(), }; return mockChatService; }; diff --git a/x-pack/packages/kbn-elastic-assistant/impl/assistant/api/conversations/use_fetch_current_user_conversations.test.tsx b/x-pack/packages/kbn-elastic-assistant/impl/assistant/api/conversations/use_fetch_current_user_conversations.test.tsx index 652764212e9965..f10c7d07a35d69 100644 --- a/x-pack/packages/kbn-elastic-assistant/impl/assistant/api/conversations/use_fetch_current_user_conversations.test.tsx +++ b/x-pack/packages/kbn-elastic-assistant/impl/assistant/api/conversations/use_fetch_current_user_conversations.test.tsx @@ -52,7 +52,7 @@ describe('useFetchCurrentUserConversations', () => { method: 'GET', query: { page: 1, - perPage: 100, + per_page: 99, }, version: '2023-10-31', signal: undefined, diff --git a/x-pack/packages/kbn-elastic-assistant/impl/assistant/api/conversations/use_fetch_current_user_conversations.ts b/x-pack/packages/kbn-elastic-assistant/impl/assistant/api/conversations/use_fetch_current_user_conversations.ts index 68612e3e223978..9006ca387e0865 100644 --- a/x-pack/packages/kbn-elastic-assistant/impl/assistant/api/conversations/use_fetch_current_user_conversations.ts +++ b/x-pack/packages/kbn-elastic-assistant/impl/assistant/api/conversations/use_fetch_current_user_conversations.ts @@ -15,7 +15,7 @@ import { Conversation } from '../../../assistant_context/types'; export interface FetchConversationsResponse { page: number; - perPage: number; + per_page: number; total: number; data: Conversation[]; } @@ -40,13 +40,13 @@ export interface UseFetchCurrentUserConversationsParams { */ const query = { page: 1, - perPage: 100, + per_page: 99, }; export const CONVERSATIONS_QUERY_KEYS = [ ELASTIC_AI_ASSISTANT_CONVERSATIONS_URL_FIND, query.page, - query.perPage, + query.per_page, API_VERSIONS.public.v1, ]; @@ -69,7 +69,7 @@ export const useFetchCurrentUserConversations = ({ { select: (data) => onFetch(data), keepPreviousData: true, - initialData: { page: 1, perPage: 100, total: 0, data: [] }, + initialData: { ...query, total: 0, data: [] }, refetchOnWindowFocus, enabled: isAssistantEnabled, } diff --git a/x-pack/packages/kbn-elastic-assistant/impl/assistant/conversations/conversation_settings/translations.ts b/x-pack/packages/kbn-elastic-assistant/impl/assistant/conversations/conversation_settings/translations.ts index 55852fc2a1badf..529631574e6f7d 100644 --- a/x-pack/packages/kbn-elastic-assistant/impl/assistant/conversations/conversation_settings/translations.ts +++ b/x-pack/packages/kbn-elastic-assistant/impl/assistant/conversations/conversation_settings/translations.ts @@ -59,7 +59,7 @@ export const SETTINGS_PROMPT_HELP_TEXT_TITLE = i18n.translate( export const STREAMING_TITLE = i18n.translate( 'xpack.elasticAssistant.assistant.conversations.settings.streamingTitle', { - defaultMessage: 'STREAMING', + defaultMessage: 'Streaming', } ); diff --git a/x-pack/packages/kbn-elastic-assistant/impl/assistant/helpers.test.ts b/x-pack/packages/kbn-elastic-assistant/impl/assistant/helpers.test.ts index 5559e273f06b59..26609dea821644 100644 --- a/x-pack/packages/kbn-elastic-assistant/impl/assistant/helpers.test.ts +++ b/x-pack/packages/kbn-elastic-assistant/impl/assistant/helpers.test.ts @@ -110,7 +110,7 @@ describe('helpers', () => { }; const conversationsData = { page: 1, - perPage: 10, + per_page: 10, total: 2, data: Object.values(baseConversations).map((c) => c), }; diff --git a/x-pack/packages/kbn-elastic-assistant/impl/assistant/settings/assistant_settings_management.tsx b/x-pack/packages/kbn-elastic-assistant/impl/assistant/settings/assistant_settings_management.tsx index 12b26da336e728..c0dc9046952574 100644 --- a/x-pack/packages/kbn-elastic-assistant/impl/assistant/settings/assistant_settings_management.tsx +++ b/x-pack/packages/kbn-elastic-assistant/impl/assistant/settings/assistant_settings_management.tsx @@ -37,7 +37,7 @@ interface Props { dataViews: DataViewsContract; selectedConversation: Conversation; onTabChange?: (tabId: string) => void; - currentTab?: SettingsTabs; + currentTab: SettingsTabs; } /** @@ -65,14 +65,14 @@ export const AssistantSettingsManagement: React.FC = React.memo( const tabsConfig = useMemo( () => [ - { - id: CONNECTORS_TAB, - label: i18n.CONNECTORS_MENU_ITEM, - }, { id: CONVERSATIONS_TAB, label: i18n.CONVERSATIONS_MENU_ITEM, }, + { + id: CONNECTORS_TAB, + label: i18n.CONNECTORS_MENU_ITEM, + }, { id: SYSTEM_PROMPTS_TAB, label: i18n.SYSTEM_PROMPTS_MENU_ITEM, diff --git a/x-pack/packages/kbn-elastic-assistant/impl/assistant/settings/settings_context_menu/settings_context_menu.tsx b/x-pack/packages/kbn-elastic-assistant/impl/assistant/settings/settings_context_menu/settings_context_menu.tsx index 3a19a686430064..62184cb4bbafe4 100644 --- a/x-pack/packages/kbn-elastic-assistant/impl/assistant/settings/settings_context_menu/settings_context_menu.tsx +++ b/x-pack/packages/kbn-elastic-assistant/impl/assistant/settings/settings_context_menu/settings_context_menu.tsx @@ -12,12 +12,14 @@ import { EuiContextMenuPanel, EuiContextMenuItem, EuiConfirmModal, + EuiIcon, EuiNotificationBadge, EuiPopover, EuiButtonIcon, } from '@elastic/eui'; import { css } from '@emotion/react'; import { euiThemeVars } from '@kbn/ui-theme'; +import { KnowledgeBaseTour } from '../../../tour/knowledge_base'; import { AnonymizationSettingsManagement } from '../../../data_anonymization/settings/anonymization_settings_management'; import { useAssistantContext } from '../../../..'; import * as i18n from '../../assistant_header/translations'; @@ -68,6 +70,7 @@ export const SettingsContextMenu: React.FC = React.memo( () => navigateToApp('management', { path: 'kibana/securityAiAssistantManagement', + openInNewTab: true, }), [navigateToApp] ); @@ -81,6 +84,7 @@ export const SettingsContextMenu: React.FC = React.memo( () => navigateToApp('management', { path: `kibana/securityAiAssistantManagement?tab=${KNOWLEDGE_BASE_TAB}`, + openInNewTab: true, }), [navigateToApp] ); @@ -101,6 +105,13 @@ export const SettingsContextMenu: React.FC = React.memo( data-test-subj={'ai-assistant-settings'} > {i18n.AI_ASSISTANT_SETTINGS} + , = React.memo( data-test-subj={'knowledge-base'} > {i18n.KNOWLEDGE_BASE} + , = React.memo( <> + + + } isOpen={isPopoverOpen} closePopover={closePopover} diff --git a/x-pack/packages/kbn-elastic-assistant/impl/knowledge_base/knowledge_base_settings_management/index.tsx b/x-pack/packages/kbn-elastic-assistant/impl/knowledge_base/knowledge_base_settings_management/index.tsx index b199039b4efae9..e3a86c62d1222d 100644 --- a/x-pack/packages/kbn-elastic-assistant/impl/knowledge_base/knowledge_base_settings_management/index.tsx +++ b/x-pack/packages/kbn-elastic-assistant/impl/knowledge_base/knowledge_base_settings_management/index.tsx @@ -30,6 +30,7 @@ import { } from '@kbn/elastic-assistant-common'; import { css } from '@emotion/react'; import { DataViewsContract } from '@kbn/data-views-plugin/public'; +import { KnowledgeBaseTour } from '../../tour/knowledge_base'; import { AlertsSettingsManagement } from '../../assistant/settings/alerts_settings/alerts_settings_management'; import { useKnowledgeBaseEntries } from '../../assistant/api/knowledge_base/entries/use_knowledge_base_entries'; import { useAssistantContext } from '../../assistant_context'; @@ -295,7 +296,6 @@ export const KnowledgeBaseSettingsManagement: React.FC = React.memo(({ d ); } - return ( <> @@ -412,6 +412,7 @@ export const KnowledgeBaseSettingsManagement: React.FC = React.memo(({ d

{i18n.DELETE_ENTRY_CONFIRMATION_CONTENT}

)} + ); }); diff --git a/x-pack/packages/kbn-elastic-assistant/impl/tour/const.ts b/x-pack/packages/kbn-elastic-assistant/impl/tour/const.ts new file mode 100644 index 00000000000000..1c79500792ba68 --- /dev/null +++ b/x-pack/packages/kbn-elastic-assistant/impl/tour/const.ts @@ -0,0 +1,10 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export const NEW_FEATURES_TOUR_STORAGE_KEYS = { + KNOWLEDGE_BASE: 'elasticAssistant.knowledgeBase.newFeaturesTour.v8.16', +}; diff --git a/x-pack/packages/kbn-elastic-assistant/impl/tour/knowledge_base/index.test.tsx b/x-pack/packages/kbn-elastic-assistant/impl/tour/knowledge_base/index.test.tsx new file mode 100644 index 00000000000000..4dfd4657212f8e --- /dev/null +++ b/x-pack/packages/kbn-elastic-assistant/impl/tour/knowledge_base/index.test.tsx @@ -0,0 +1,142 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React from 'react'; + +import { render, screen } from '@testing-library/react'; +import { EuiTourStepProps } from '@elastic/eui'; +import useLocalStorage from 'react-use/lib/useLocalStorage'; +import { KnowledgeBaseTour } from '.'; +import { TestProviders } from '../../mock/test_providers/test_providers'; +import { useAssistantContext } from '../../..'; +jest.mock('../../..'); +jest.mock('react-use/lib/useLocalStorage'); +jest.mock('@elastic/eui', () => { + const original = jest.requireActual('@elastic/eui'); + return { + ...original, + EuiTourStep: ({ children, panelProps }: EuiTourStepProps) => + children ? ( +
{children}
+ ) : ( +
+ ), + }; +}); + +describe('Attack discovery tour', () => { + const persistToLocalStorage = jest.fn(); + const navigateToApp = jest.fn(); + beforeEach(() => { + jest.clearAllMocks(); + (useAssistantContext as jest.Mock).mockReturnValue({ + navigateToApp, + assistantFeatures: { + assistantKnowledgeBaseByDefault: true, + }, + }); + jest.mocked(useLocalStorage).mockReturnValue([ + { + currentTourStep: 1, + isTourActive: true, + }, + persistToLocalStorage, + ] as unknown as ReturnType); + }); + + it('should not render any tour steps when tour is not activated', () => { + jest.mocked(useLocalStorage).mockReturnValue([ + { + currentTourStep: 1, + isTourActive: false, + }, + persistToLocalStorage, + ] as unknown as ReturnType); + render( + +

{'Hello world'}

+ , + { + wrapper: TestProviders, + } + ); + expect(screen.queryByTestId('knowledgeBase-tour-step-1')).toBeNull(); + expect(screen.queryByTestId('knowledgeBase-tour-step-2')).toBeNull(); + }); + + it('should not render any tour steps when knowledge base feature flag is not activated', () => { + (useAssistantContext as jest.Mock).mockReturnValue({ + navigateToApp, + assistantFeatures: { + assistantKnowledgeBaseByDefault: false, + }, + }); + render( + +

{'Hello world'}

+ , + { + wrapper: TestProviders, + } + ); + expect(screen.queryByTestId('knowledgeBase-tour-step-1')).toBeNull(); + expect(screen.queryByTestId('knowledgeBase-tour-step-2')).toBeNull(); + }); + + it('should not render any tour steps when tour is on step 2 and page is not knowledge base', () => { + jest.mocked(useLocalStorage).mockReturnValue([ + { + currentTourStep: 2, + isTourActive: true, + }, + persistToLocalStorage, + ] as unknown as ReturnType); + render( + +

{'Hello world'}

+ , + { + wrapper: TestProviders, + } + ); + expect(screen.queryByTestId('knowledgeBase-tour-step-1')).toBeNull(); + }); + + it('should render tour step 1 when element is mounted', async () => { + const { getByTestId } = render( + +

{'Hello world'}

+ , + { + wrapper: TestProviders, + } + ); + + expect(getByTestId('knowledgeBase-tour-step-1')).toBeInTheDocument(); + }); + + it('should render tour video when tour is on step 2 and page is knowledge base', () => { + jest.mocked(useLocalStorage).mockReturnValue([ + { + currentTourStep: 2, + isTourActive: true, + }, + persistToLocalStorage, + ] as unknown as ReturnType); + const { getByTestId } = render(, { + wrapper: TestProviders, + }); + expect(screen.queryByTestId('knowledgeBase-tour-step-1')).toBeNull(); + expect(getByTestId('knowledgeBase-tour-step-2')).toBeInTheDocument(); + }); + + it('should advance to tour step 2 when page is knowledge base', () => { + render(, { wrapper: TestProviders }); + const nextStep = persistToLocalStorage.mock.calls[0][0]; + expect(nextStep()).toEqual({ isTourActive: true, currentTourStep: 2 }); + }); +}); diff --git a/x-pack/packages/kbn-elastic-assistant/impl/tour/knowledge_base/index.tsx b/x-pack/packages/kbn-elastic-assistant/impl/tour/knowledge_base/index.tsx new file mode 100644 index 00000000000000..f7ef0252147c01 --- /dev/null +++ b/x-pack/packages/kbn-elastic-assistant/impl/tour/knowledge_base/index.tsx @@ -0,0 +1,137 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +/* + * The knowledge base tour for 8.14 + * + * */ + +import React, { useCallback, useEffect, useMemo, useState } from 'react'; +import { EuiButton, EuiButtonEmpty, EuiTourStep, EuiTourStepProps } from '@elastic/eui'; +import useLocalStorage from 'react-use/lib/useLocalStorage'; +import { KNOWLEDGE_BASE_TAB } from '../../assistant/settings/const'; +import { useAssistantContext } from '../../..'; +import { VideoToast } from './video_toast'; +import { NEW_FEATURES_TOUR_STORAGE_KEYS } from '../const'; +import { knowledgeBaseTourStepOne, tourConfig } from './step_config'; +import * as i18n from './translations'; + +interface TourState { + currentTourStep: number; + isTourActive: boolean; +} +const KnowledgeBaseTourComp: React.FC<{ + children?: EuiTourStepProps['children']; + isKbSettingsPage?: boolean; +}> = ({ children, isKbSettingsPage = false }) => { + const { + navigateToApp, + assistantFeatures: { assistantKnowledgeBaseByDefault: enableKnowledgeBaseByDefault }, + } = useAssistantContext(); + + const [tourState, setTourState] = useLocalStorage( + NEW_FEATURES_TOUR_STORAGE_KEYS.KNOWLEDGE_BASE, + tourConfig + ); + + const advanceToVideoStep = useCallback( + () => + setTourState((prev = tourConfig) => ({ + ...prev, + currentTourStep: 2, + })), + [setTourState] + ); + + useEffect(() => { + if (tourState?.isTourActive && isKbSettingsPage) { + advanceToVideoStep(); + } + }, [advanceToVideoStep, isKbSettingsPage, tourState?.isTourActive]); + + const finishTour = useCallback( + () => + setTourState((prev = tourConfig) => ({ + ...prev, + isTourActive: false, + })), + [setTourState] + ); + + const navigateToKnowledgeBase = useCallback( + () => + navigateToApp('management', { + path: `kibana/securityAiAssistantManagement?tab=${KNOWLEDGE_BASE_TAB}`, + }), + [navigateToApp] + ); + + const nextStep = useCallback(() => { + if (tourState?.currentTourStep === 1) { + navigateToKnowledgeBase(); + advanceToVideoStep(); + } + }, [tourState?.currentTourStep, navigateToKnowledgeBase, advanceToVideoStep]); + + const footerAction = useMemo( + () => [ + // if exit, set tour to the video step without navigating to the page + + {i18n.KNOWLEDGE_BASE_TOUR_EXIT} + , + // if next, set tour to the video step and navigate to the page + + {i18n.KNOWLEDGE_BASE_TRY_IT} + , + ], + [advanceToVideoStep, nextStep] + ); + + const isTestAutomation = + // @ts-ignore + window.Cypress != null || // TODO: temporary workaround to disable the tour when running in Cypress, because the tour breaks other projects Cypress tests + navigator.webdriver === true; // TODO: temporary workaround to disable the tour when running in the FTR, because the tour breaks other projects FTR tests + + const [isTimerExhausted, setIsTimerExhausted] = useState(false); + + useEffect(() => { + const timer = setTimeout(() => { + setIsTimerExhausted(true); + }, 1000); + + return () => clearTimeout(timer); + }, []); + + if (!enableKnowledgeBaseByDefault || isTestAutomation || !tourState?.isTourActive) { + return children ?? null; + } + + return tourState?.currentTourStep === 1 && children ? ( + + {children} + + ) : isKbSettingsPage ? ( + + ) : ( + children ?? null + ); +}; + +export const KnowledgeBaseTour = React.memo(KnowledgeBaseTourComp); diff --git a/x-pack/plugins/security_solution/public/attack_discovery/tour/overview.gif b/x-pack/packages/kbn-elastic-assistant/impl/tour/knowledge_base/overview.gif similarity index 100% rename from x-pack/plugins/security_solution/public/attack_discovery/tour/overview.gif rename to x-pack/packages/kbn-elastic-assistant/impl/tour/knowledge_base/overview.gif diff --git a/x-pack/plugins/security_solution/public/attack_discovery/tour/step_config.tsx b/x-pack/packages/kbn-elastic-assistant/impl/tour/knowledge_base/step_config.tsx similarity index 52% rename from x-pack/plugins/security_solution/public/attack_discovery/tour/step_config.tsx rename to x-pack/packages/kbn-elastic-assistant/impl/tour/knowledge_base/step_config.tsx index 6984cbd8542dfa..bd54fab3fbc42d 100644 --- a/x-pack/plugins/security_solution/public/attack_discovery/tour/step_config.tsx +++ b/x-pack/packages/kbn-elastic-assistant/impl/tour/knowledge_base/step_config.tsx @@ -7,14 +7,9 @@ import * as i18n from './translations'; -export const ATTACK_DISCOVERY_TOUR_CONFIG_ANCHORS = { - NAV_LINK: 'solutionSideNavItemLink-attack_discovery', -}; - -export const attackDiscoveryTourStepOne = { - title: i18n.ATTACK_DISCOVERY_TOUR_ATTACK_DISCOVERY_TITLE, - content: i18n.ATTACK_DISCOVERY_TOUR_ATTACK_DISCOVERY_DESC, - anchor: ATTACK_DISCOVERY_TOUR_CONFIG_ANCHORS.NAV_LINK, +export const knowledgeBaseTourStepOne = { + title: i18n.KNOWLEDGE_BASE_TOUR_KNOWLEDGE_BASE_TITLE, + content: i18n.KNOWLEDGE_BASE_TOUR_KNOWLEDGE_BASE_DESC, }; export const tourConfig = { diff --git a/x-pack/packages/kbn-elastic-assistant/impl/tour/knowledge_base/translations.ts b/x-pack/packages/kbn-elastic-assistant/impl/tour/knowledge_base/translations.ts new file mode 100644 index 00000000000000..4008b5425e848e --- /dev/null +++ b/x-pack/packages/kbn-elastic-assistant/impl/tour/knowledge_base/translations.ts @@ -0,0 +1,59 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { i18n } from '@kbn/i18n'; + +export const KNOWLEDGE_BASE_TOUR_KNOWLEDGE_BASE_TITLE = i18n.translate( + 'xpack.elasticAssistant.knowledgeBase.tour.navStep.title', + { + defaultMessage: 'New: Custom Knowledge Sources', + } +); + +export const KNOWLEDGE_BASE_TOUR_KNOWLEDGE_BASE_DESC = i18n.translate( + 'xpack.elasticAssistant.knowledgeBase.tour.navStep.desc', + { + defaultMessage: + 'Access the new settings menu to add custom data sources for use within the AI Assistant.', + } +); + +export const KNOWLEDGE_BASE_TOUR_VIDEO_STEP_TITLE = i18n.translate( + 'xpack.elasticAssistant.knowledgeBase.tour.videoStep.title', + { + defaultMessage: 'Introducing Custom Knowledge Sources', + } +); + +export const KNOWLEDGE_BASE_TOUR_VIDEO_STEP_DESC = i18n.translate( + 'xpack.elasticAssistant.knowledgeBase.tour.videoStep.desc', + { + defaultMessage: + 'Custom knowledge sources enable you to receive bespoke, tailored responses from the AI Assistant. Watch this video to learn how to add your own data sources and explore examples of how they can be applied in a security operations context.', + } +); + +export const KNOWLEDGE_BASE_TOUR_EXIT = i18n.translate( + 'xpack.elasticAssistant.knowledgeBase.tour.exit', + { + defaultMessage: 'Close', + } +); + +export const KNOWLEDGE_BASE_TRY_IT = i18n.translate( + 'xpack.elasticAssistant.knowledgeBase.tour.tryIt', + { + defaultMessage: 'Try it', + } +); + +export const WATCH_OVERVIEW_VIDEO = i18n.translate( + 'xpack.elasticAssistant.knowledgeBase.tour.video', + { + defaultMessage: 'Watch overview video', + } +); diff --git a/x-pack/plugins/security_solution/public/attack_discovery/tour/video_toast.test.tsx b/x-pack/packages/kbn-elastic-assistant/impl/tour/knowledge_base/video_toast.test.tsx similarity index 96% rename from x-pack/plugins/security_solution/public/attack_discovery/tour/video_toast.test.tsx rename to x-pack/packages/kbn-elastic-assistant/impl/tour/knowledge_base/video_toast.test.tsx index 18c5d852e0343a..89979efd63fef2 100644 --- a/x-pack/plugins/security_solution/public/attack_discovery/tour/video_toast.test.tsx +++ b/x-pack/packages/kbn-elastic-assistant/impl/tour/knowledge_base/video_toast.test.tsx @@ -20,7 +20,7 @@ describe('VideoToast', () => { jest.restoreAllMocks(); }); it('should render the video toast', () => { - const videoToast = screen.getByTestId('attackDiscovery-tour-step-2'); + const videoToast = screen.getByTestId('knowledgeBase-tour-step-2'); expect(videoToast).toBeInTheDocument(); }); diff --git a/x-pack/plugins/security_solution/public/attack_discovery/tour/video_toast.tsx b/x-pack/packages/kbn-elastic-assistant/impl/tour/knowledge_base/video_toast.tsx similarity index 72% rename from x-pack/plugins/security_solution/public/attack_discovery/tour/video_toast.tsx rename to x-pack/packages/kbn-elastic-assistant/impl/tour/knowledge_base/video_toast.tsx index ae44027fa801df..b1b2bfe02a1eb4 100644 --- a/x-pack/plugins/security_solution/public/attack_discovery/tour/video_toast.tsx +++ b/x-pack/packages/kbn-elastic-assistant/impl/tour/knowledge_base/video_toast.tsx @@ -19,6 +19,8 @@ import * as i18n from './translations'; import theGif from './overview.gif'; const VIDEO_CONTENT_WIDTH = 250; +// TODO before removing assistantKnowledgeBaseByDefault feature flag +// update the VIDEO_PAGE to the correct URL const VIDEO_PAGE = `https://videos.elastic.co/watch/BrDaDBAAvdygvemFKNAkBW`; const VideoComponent: React.FC<{ onClose: () => void }> = ({ onClose }) => { @@ -28,11 +30,17 @@ const VideoComponent: React.FC<{ onClose: () => void }> = ({ onClose }) => { return ( -
- +
+ void }> = ({ onClose }) => { />

- {i18n.ATTACK_DISCOVERY_TOUR_VIDEO_STEP_TITLE} + {i18n.KNOWLEDGE_BASE_TOUR_VIDEO_STEP_TITLE}

-

{i18n.ATTACK_DISCOVERY_TOUR_VIDEO_STEP_DESC}

+

{i18n.KNOWLEDGE_BASE_TOUR_VIDEO_STEP_DESC}

 diff --git a/x-pack/packages/kbn-elastic-assistant/tsconfig.json b/x-pack/packages/kbn-elastic-assistant/tsconfig.json index f1dde6cbeafeec..15009c7f702a55 100644 --- a/x-pack/packages/kbn-elastic-assistant/tsconfig.json +++ b/x-pack/packages/kbn-elastic-assistant/tsconfig.json @@ -5,7 +5,8 @@ "types": [ "jest", "node", - "react" + "react", + "@kbn/ambient-ui-types" ] }, "include": [ diff --git a/x-pack/packages/kbn-entities-schema/src/schema/entity.test.ts b/x-pack/packages/kbn-entities-schema/src/schema/entity.test.ts index c8ef7163713387..000edeadbcf833 100644 --- a/x-pack/packages/kbn-entities-schema/src/schema/entity.test.ts +++ b/x-pack/packages/kbn-entities-schema/src/schema/entity.test.ts @@ -9,19 +9,15 @@ import { entityLatestSchema, entityMetadataSchema } from './entity'; const entity = { entity: { - lastSeenTimestamp: '2024-08-06T17:03:50.722Z', - schemaVersion: 'v1', - definitionVersion: '999.999.999', - displayName: 'message_processor', - identityFields: ['log.logger', 'event.category'], + last_seen_timestamp: '2024-08-06T17:03:50.722Z', + schema_version: 'v1', + definition_version: '999.999.999', + display_name: 'message_processor', + identity_fields: ['log.logger', 'event.category'], id: '6UHVPiduEC2qk6rMjs1Jzg==', - metrics: { - logRate: 100, - errorRate: 0, - }, type: 'service', - firstSeenTimestamp: '2024-08-06T16:50:00.000Z', - definitionId: 'admin-console-services', + metrics: {}, + definition_id: 'admin-console-services', }, }; @@ -47,7 +43,7 @@ const metadata = { ingested: '2024-08-06T17:06:24.444700Z', category: '', }, - sourceIndex: ['kbn-data-forge-fake_stack.message_processor-2024-08-01'], + source_index: ['kbn-data-forge-fake_stack.message_processor-2024-08-01'], log: { logger: 'message_processor', }, diff --git a/x-pack/packages/kbn-entities-schema/src/schema/entity.ts b/x-pack/packages/kbn-entities-schema/src/schema/entity.ts index 3eb87a797ef214..9ab02e0931d9cb 100644 --- a/x-pack/packages/kbn-entities-schema/src/schema/entity.ts +++ b/x-pack/packages/kbn-entities-schema/src/schema/entity.ts @@ -11,12 +11,12 @@ import { arrayOfStringsSchema } from './common'; export const entityBaseSchema = z.object({ id: z.string(), type: z.string(), - identityFields: arrayOfStringsSchema, - displayName: z.string(), + identity_fields: arrayOfStringsSchema, + display_name: z.string(), metrics: z.record(z.string(), z.number()), - definitionVersion: z.string(), - schemaVersion: z.string(), - definitionId: z.string(), + definition_version: z.string(), + schema_version: z.string(), + definition_id: z.string(), }); export interface MetadataRecord { @@ -34,15 +34,8 @@ export const entityLatestSchema = z .object({ entity: entityBaseSchema.merge( z.object({ - lastSeenTimestamp: z.string(), + last_seen_timestamp: z.string(), }) ), }) .and(entityMetadataSchema); - -export const entityHistorySchema = z - .object({ - '@timestamp': z.string(), - entity: entityBaseSchema, - }) - .and(entityMetadataSchema); diff --git a/x-pack/packages/ml/trained_models_utils/src/constants/trained_models.ts b/x-pack/packages/ml/trained_models_utils/src/constants/trained_models.ts index 9fd3483771a9fc..c2eb7d0ed8ef31 100644 --- a/x-pack/packages/ml/trained_models_utils/src/constants/trained_models.ts +++ b/x-pack/packages/ml/trained_models_utils/src/constants/trained_models.ts @@ -287,6 +287,16 @@ export type InferenceServiceSettings = }; }; } + | { + service: 'watsonxai'; + service_settings: { + api_key: string; + url: string; + model_id: string; + project_id: string; + api_version: string; + }; + } | { service: 'amazonbedrock'; service_settings: { diff --git a/x-pack/packages/observability/logs_overview/src/components/discover_link/discover_link.tsx b/x-pack/packages/observability/logs_overview/src/components/discover_link/discover_link.tsx index fe108289985a93..676468c2f4a32f 100644 --- a/x-pack/packages/observability/logs_overview/src/components/discover_link/discover_link.tsx +++ b/x-pack/packages/observability/logs_overview/src/components/discover_link/discover_link.tsx @@ -13,11 +13,17 @@ import { i18n } from '@kbn/i18n'; import { getRouterLinkProps } from '@kbn/router-utils'; import type { SharePluginStart } from '@kbn/share-plugin/public'; import React, { useCallback, useMemo } from 'react'; -import type { IndexNameLogsSourceConfiguration } from '../../utils/logs_source'; +import type { ResolvedIndexNameLogsSourceConfiguration } from '../../utils/logs_source'; +interface LinkFilter { + filter: QueryDslQueryContainer; + meta?: { + name?: string; + }; +} export interface DiscoverLinkProps { - documentFilters?: QueryDslQueryContainer[]; - logsSource: IndexNameLogsSourceConfiguration; + documentFilters?: LinkFilter[]; + logsSource: ResolvedIndexNameLogsSourceConfiguration; timeRange: { start: string; end: string; @@ -46,10 +52,10 @@ export const DiscoverLink = React.memo( filters: documentFilters?.map((filter) => buildCustomFilter( logsSource.indexName, - filter, + filter.filter, false, false, - categorizedLogsFilterLabel, + filter.meta?.name ?? categorizedLogsFilterLabel, FilterStateStore.APP_STATE ) ), diff --git a/x-pack/packages/observability/logs_overview/src/components/log_categories/log_categories.tsx b/x-pack/packages/observability/logs_overview/src/components/log_categories/log_categories.tsx index 62046678272819..1ce45ca6b37278 100644 --- a/x-pack/packages/observability/logs_overview/src/components/log_categories/log_categories.tsx +++ b/x-pack/packages/observability/logs_overview/src/components/log_categories/log_categories.tsx @@ -14,7 +14,12 @@ import { categorizeLogsService, createCategorizeLogsServiceImplementations, } from '../../services/categorize_logs_service'; -import { IndexNameLogsSourceConfiguration } from '../../utils/logs_source'; +import { + categoryDetailsService, + createCategoryDetailsServiceImplementations, +} from '../../services/category_details_service'; +import { LogCategory } from '../../types'; +import { ResolvedIndexNameLogsSourceConfiguration } from '../../utils/logs_source'; import { LogCategoriesErrorContent } from './log_categories_error_content'; import { LogCategoriesLoadingContent } from './log_categories_loading_content'; import { @@ -25,7 +30,7 @@ import { export interface LogCategoriesProps { dependencies: LogCategoriesDependencies; documentFilters?: QueryDslQueryContainer[]; - logsSource: IndexNameLogsSourceConfiguration; + logsSource: ResolvedIndexNameLogsSourceConfiguration; // The time range could be made optional if we want to support an internal // time range picker timeRange: { @@ -61,12 +66,49 @@ export const LogCategories: React.FC = ({ } ); + const [categoryDetailsServiceState, sendToCategoryDetailsService] = useMachine( + categoryDetailsService.provide( + createCategoryDetailsServiceImplementations({ search: dependencies.search }) + ), + { + inspect: consoleInspector, + input: { + index: logsSource.indexName, + startTimestamp: timeRange.start, + endTimestamp: timeRange.end, + timeField: logsSource.timestampField, + messageField: logsSource.messageField, + additionalFilters: documentFilters, + dataView: logsSource.dataView, + }, + } + ); + const cancelOperation = useCallback(() => { sendToCategorizeLogsService({ type: 'cancel', }); }, [sendToCategorizeLogsService]); + const closeFlyout = useCallback(() => { + sendToCategoryDetailsService({ + type: 'setExpandedCategory', + category: null, + rowIndex: null, + }); + }, [sendToCategoryDetailsService]); + + const openFlyout = useCallback( + (category: LogCategory | null, rowIndex: number | null) => { + sendToCategoryDetailsService({ + type: 'setExpandedCategory', + category, + rowIndex, + }); + }, + [sendToCategoryDetailsService] + ); + if (categorizeLogsServiceState.matches('done')) { return ( = ({ logCategories={categorizeLogsServiceState.context.categories} logsSource={logsSource} timeRange={timeRange} + categoryDetailsServiceState={categoryDetailsServiceState} + onCloseFlyout={closeFlyout} + onOpenFlyout={openFlyout} /> ); } else if (categorizeLogsServiceState.matches('failed')) { diff --git a/x-pack/packages/observability/logs_overview/src/components/log_categories/log_categories_control_bar.tsx b/x-pack/packages/observability/logs_overview/src/components/log_categories/log_categories_control_bar.tsx index 4538b0ec2fd5d5..7c13ac14463204 100644 --- a/x-pack/packages/observability/logs_overview/src/components/log_categories/log_categories_control_bar.tsx +++ b/x-pack/packages/observability/logs_overview/src/components/log_categories/log_categories_control_bar.tsx @@ -8,13 +8,13 @@ import type { QueryDslQueryContainer } from '@elastic/elasticsearch/lib/api/types'; import { EuiFlexGroup, EuiFlexItem } from '@elastic/eui'; import type { SharePluginStart } from '@kbn/share-plugin/public'; -import React from 'react'; -import type { IndexNameLogsSourceConfiguration } from '../../utils/logs_source'; +import React, { useMemo } from 'react'; +import type { ResolvedIndexNameLogsSourceConfiguration } from '../../utils/logs_source'; import { DiscoverLink } from '../discover_link'; export interface LogCategoriesControlBarProps { documentFilters?: QueryDslQueryContainer[]; - logsSource: IndexNameLogsSourceConfiguration; + logsSource: ResolvedIndexNameLogsSourceConfiguration; timeRange: { start: string; end: string; @@ -28,12 +28,17 @@ export interface LogCategoriesControlBarDependencies { export const LogCategoriesControlBar: React.FC = React.memo( ({ dependencies, documentFilters, logsSource, timeRange }) => { + const linkFilters = useMemo( + () => documentFilters?.map((filter) => ({ filter })), + [documentFilters] + ); + return ( diff --git a/x-pack/packages/observability/logs_overview/src/components/log_categories/log_categories_grid.tsx b/x-pack/packages/observability/logs_overview/src/components/log_categories/log_categories_grid.tsx index d9e960685de99e..badd316371ec66 100644 --- a/x-pack/packages/observability/logs_overview/src/components/log_categories/log_categories_grid.tsx +++ b/x-pack/packages/observability/logs_overview/src/components/log_categories/log_categories_grid.tsx @@ -25,10 +25,14 @@ import { logCategoriesGridColumns, renderLogCategoriesGridCell, } from './log_categories_grid_cell'; +import { createLogCategoriesGridControlColumns } from './log_categories_grid_control_columns'; export interface LogCategoriesGridProps { dependencies: LogCategoriesGridDependencies; logCategories: LogCategory[]; + expandedRowIndex: number | null; + onOpenFlyout: (category: LogCategory, rowIndex: number) => void; + onCloseFlyout: () => void; } export type LogCategoriesGridDependencies = LogCategoriesGridCellDependencies; @@ -36,6 +40,9 @@ export type LogCategoriesGridDependencies = LogCategoriesGridCellDependencies; export const LogCategoriesGrid: React.FC = ({ dependencies, logCategories, + expandedRowIndex, + onOpenFlyout, + onCloseFlyout, }) => { const [gridState, dispatchGridEvent] = useMachine(gridStateService, { input: { @@ -93,6 +100,11 @@ export const LogCategoriesGrid: React.FC = ({ onSort: (sortingColumns) => dispatchGridEvent({ type: 'changeSortingColumns', sortingColumns }), }} + leadingControlColumns={createLogCategoriesGridControlColumns({ + expandedRowIndex, + onOpenFlyout, + onCloseFlyout, + })} /> ); }; diff --git a/x-pack/packages/observability/logs_overview/src/components/log_categories/log_categories_grid_cell.tsx b/x-pack/packages/observability/logs_overview/src/components/log_categories/log_categories_grid_cell.tsx index d6ab4969eaf7bc..7e40d192df2270 100644 --- a/x-pack/packages/observability/logs_overview/src/components/log_categories/log_categories_grid_cell.tsx +++ b/x-pack/packages/observability/logs_overview/src/components/log_categories/log_categories_grid_cell.tsx @@ -83,7 +83,7 @@ export type LogCategoriesGridColumnId = (typeof logCategoriesGridColumns)[number const cellContextKey = 'cellContext'; -const getCellContext = (cellContext: object): LogCategoriesGridCellContext => +export const getCellContext = (cellContext: object): LogCategoriesGridCellContext => (cellContextKey in cellContext ? cellContext[cellContextKey] : {}) as LogCategoriesGridCellContext; diff --git a/x-pack/packages/observability/logs_overview/src/components/log_categories/log_categories_grid_control_columns.tsx b/x-pack/packages/observability/logs_overview/src/components/log_categories/log_categories_grid_control_columns.tsx new file mode 100644 index 00000000000000..546754ae1cc5b2 --- /dev/null +++ b/x-pack/packages/observability/logs_overview/src/components/log_categories/log_categories_grid_control_columns.tsx @@ -0,0 +1,45 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { EuiScreenReaderOnly } from '@elastic/eui'; +import { i18n } from '@kbn/i18n'; +import React from 'react'; +import { LogCategory } from '../../types'; +import { createLogCategoriesGridExpandButton } from './log_categories_grid_expand_button'; + +const DEFAULT_CONTROL_COLUMN_WIDTH = 40; + +interface ControlColumnsProps { + expandedRowIndex: number | null; + onOpenFlyout: (category: LogCategory, rowIndex: number) => void; + onCloseFlyout: () => void; +} + +export const createLogCategoriesGridControlColumns = (props: ControlColumnsProps) => { + const { expandedRowIndex, onOpenFlyout, onCloseFlyout } = props; + + return [ + { + id: 'toggleFlyout', + width: DEFAULT_CONTROL_COLUMN_WIDTH, + headerCellRender: () => ( + + + {i18n.translate('xpack.observabilityLogsOverview.controlColumnHeader', { + defaultMessage: 'Control column', + })} + + + ), + rowCellRender: createLogCategoriesGridExpandButton({ + expandedRowIndex, + onOpenFlyout, + onCloseFlyout, + }), + }, + ]; +}; diff --git a/x-pack/packages/observability/logs_overview/src/components/log_categories/log_categories_grid_expand_button.tsx b/x-pack/packages/observability/logs_overview/src/components/log_categories/log_categories_grid_expand_button.tsx new file mode 100644 index 00000000000000..34c8e72e2d91ab --- /dev/null +++ b/x-pack/packages/observability/logs_overview/src/components/log_categories/log_categories_grid_expand_button.tsx @@ -0,0 +1,71 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { EuiButtonIcon, EuiToolTip, RenderCellValue } from '@elastic/eui'; +import { i18n } from '@kbn/i18n'; +import React, { useCallback } from 'react'; +import { LogCategory } from '../../types'; +import { getCellContext } from './log_categories_grid_cell'; + +interface CreateLogCategoriesGridExpandButtonProps { + expandedRowIndex: number | null; + onOpenFlyout: (category: LogCategory, rowIndex: number) => void; + onCloseFlyout: () => void; +} + +export const createLogCategoriesGridExpandButton = + ({ + expandedRowIndex, + onOpenFlyout, + onCloseFlyout, + }: CreateLogCategoriesGridExpandButtonProps): RenderCellValue => + (props) => { + const { rowIndex } = props; + const { logCategories } = getCellContext(props); + const logCategory = logCategories[rowIndex]; + const isCurrentRowExpanded = expandedRowIndex === rowIndex; + const onClickHandler = useCallback(() => { + if (isCurrentRowExpanded) { + onCloseFlyout(); + } else { + onOpenFlyout(logCategory, rowIndex); + } + }, [isCurrentRowExpanded, logCategory, rowIndex]); + + return ( + + ); + }; + +interface ExpandButtonProps { + isCurrentRowExpanded: boolean; + onClickHandler: () => void; +} + +const ExpandButton: React.FC = ({ isCurrentRowExpanded, onClickHandler }) => { + return ( + + + + ); +}; + +const buttonLabel = i18n.translate( + 'xpack.observabilityLogsOverview.logCategoriesGrid.controlColumns.toggleFlyout', + { + defaultMessage: 'Toggle flyout with details', + } +); diff --git a/x-pack/packages/observability/logs_overview/src/components/log_categories/log_categories_grid_pattern_cell.tsx b/x-pack/packages/observability/logs_overview/src/components/log_categories/log_categories_grid_pattern_cell.tsx index d507487a99e3c7..7507ab5b23f44f 100644 --- a/x-pack/packages/observability/logs_overview/src/components/log_categories/log_categories_grid_pattern_cell.tsx +++ b/x-pack/packages/observability/logs_overview/src/components/log_categories/log_categories_grid_pattern_cell.tsx @@ -5,11 +5,11 @@ * 2.0. */ -import { EuiDataGridColumn, useEuiTheme } from '@elastic/eui'; -import { css } from '@emotion/react'; +import { EuiDataGridColumn } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; -import React, { useMemo } from 'react'; +import React from 'react'; import { LogCategory } from '../../types'; +import { LogCategoryPattern } from '../shared/log_category_pattern'; export const logCategoriesGridPatternColumn = { id: 'pattern' as const, @@ -27,34 +27,5 @@ export interface LogCategoriesGridPatternCellProps { export const LogCategoriesGridPatternCell: React.FC = ({ logCategory, }) => { - const theme = useEuiTheme(); - const { euiTheme } = theme; - const termsList = useMemo(() => logCategory.terms.split(' '), [logCategory.terms]); - - const commonStyle = css` - display: inline-block; - font-family: ${euiTheme.font.familyCode}; - margin-right: ${euiTheme.size.xs}; - `; - - const termStyle = css` - ${commonStyle}; - `; - - const separatorStyle = css` - ${commonStyle}; - color: ${euiTheme.colors.successText}; - `; - - return ( - 
-      
*

-      {termsList.map((term, index) => (
-        
-          
{term}

-          
*

-        
-      ))}
-
- ); + return ; }; diff --git a/x-pack/packages/observability/logs_overview/src/components/log_categories/log_categories_result_content.tsx b/x-pack/packages/observability/logs_overview/src/components/log_categories/log_categories_result_content.tsx index e16bdda7cb44ae..c2b1a0989c2ec9 100644 --- a/x-pack/packages/observability/logs_overview/src/components/log_categories/log_categories_result_content.tsx +++ b/x-pack/packages/observability/logs_overview/src/components/log_categories/log_categories_result_content.tsx @@ -9,8 +9,14 @@ import type { QueryDslQueryContainer } from '@elastic/elasticsearch/lib/api/type import { EuiEmptyPrompt, EuiFlexGroup, EuiFlexItem } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; import React from 'react'; +import { StateFrom } from 'xstate5'; +import { categoryDetailsService } from '../../services/category_details_service'; import { LogCategory } from '../../types'; -import { IndexNameLogsSourceConfiguration } from '../../utils/logs_source'; +import { ResolvedIndexNameLogsSourceConfiguration } from '../../utils/logs_source'; +import { + LogCategoriesFlyoutDependencies, + LogCategoryDetailsFlyout, +} from '../log_category_details/log_category_details_flyout'; import { LogCategoriesControlBar, LogCategoriesControlBarDependencies, @@ -21,15 +27,19 @@ export interface LogCategoriesResultContentProps { dependencies: LogCategoriesResultContentDependencies; documentFilters?: QueryDslQueryContainer[]; logCategories: LogCategory[]; - logsSource: IndexNameLogsSourceConfiguration; + logsSource: ResolvedIndexNameLogsSourceConfiguration; timeRange: { start: string; end: string; }; + categoryDetailsServiceState: StateFrom; + onCloseFlyout: () => void; + onOpenFlyout: (category: LogCategory, rowIndex: number) => void; } export type LogCategoriesResultContentDependencies = LogCategoriesControlBarDependencies & - LogCategoriesGridDependencies; + LogCategoriesGridDependencies & + LogCategoriesFlyoutDependencies; export const LogCategoriesResultContent: React.FC = ({ dependencies, @@ -37,6 +47,9 @@ export const LogCategoriesResultContent: React.FC { if (logCategories.length === 0) { return ; @@ -52,7 +65,24 @@ export const LogCategoriesResultContent: React.FC - + + {categoryDetailsServiceState.context.expandedCategory && ( + + )} ); diff --git a/x-pack/packages/observability/logs_overview/src/components/log_category_details/log_category_details_error_content.tsx b/x-pack/packages/observability/logs_overview/src/components/log_category_details/log_category_details_error_content.tsx new file mode 100644 index 00000000000000..509d35b0068e51 --- /dev/null +++ b/x-pack/packages/observability/logs_overview/src/components/log_category_details/log_category_details_error_content.tsx @@ -0,0 +1,41 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { EuiCodeBlock, EuiEmptyPrompt } from '@elastic/eui'; +import { i18n } from '@kbn/i18n'; +import React from 'react'; + +export interface LogCategoryDetailsErrorContentProps { + error?: Error; + title: string; +} + +export const LogCategoryDetailsErrorContent: React.FC = ({ + error, + title, +}) => { + return ( + {title}} + body={ + +

{error?.stack ?? error?.toString() ?? unknownErrorDescription}

+ + } + layout="vertical" + /> + ); +}; + +const unknownErrorDescription = i18n.translate( + 'xpack.observabilityLogsOverview.logCategoryDetails.unknownErrorDescription', + { + defaultMessage: 'An unspecified error occurred.', + } +); diff --git a/x-pack/packages/observability/logs_overview/src/components/log_category_details/log_category_details_flyout.tsx b/x-pack/packages/observability/logs_overview/src/components/log_category_details/log_category_details_flyout.tsx new file mode 100644 index 00000000000000..2f478c771dbfa0 --- /dev/null +++ b/x-pack/packages/observability/logs_overview/src/components/log_category_details/log_category_details_flyout.tsx @@ -0,0 +1,139 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { + EuiFlexGroup, + EuiFlexItem, + EuiFlyout, + EuiFlyoutBody, + EuiFlyoutHeader, + EuiSpacer, + EuiTitle, + useGeneratedHtmlId, +} from '@elastic/eui'; +import React, { useMemo } from 'react'; +import { FormattedMessage } from '@kbn/i18n-react'; +import { StateFrom } from 'xstate5'; +import { i18n } from '@kbn/i18n'; +import { QueryDslQueryContainer } from '@kbn/data-views-plugin/common/types'; +import { LogCategory } from '../../types'; +import { LogCategoryPattern } from '../shared/log_category_pattern'; +import { categoryDetailsService } from '../../services/category_details_service'; +import { + LogCategoryDocumentExamplesTable, + LogCategoryDocumentExamplesTableDependencies, +} from './log_category_document_examples_table'; +import { type ResolvedIndexNameLogsSourceConfiguration } from '../../utils/logs_source'; +import { LogCategoryDetailsLoadingContent } from './log_category_details_loading_content'; +import { LogCategoryDetailsErrorContent } from './log_category_details_error_content'; +import { DiscoverLink } from '../discover_link'; +import { createCategoryQuery } from '../../services/categorize_logs_service/queries'; + +export type LogCategoriesFlyoutDependencies = LogCategoryDocumentExamplesTableDependencies; + +interface LogCategoryDetailsFlyoutProps { + onCloseFlyout: () => void; + logCategory: LogCategory; + categoryDetailsServiceState: StateFrom; + dependencies: LogCategoriesFlyoutDependencies; + logsSource: ResolvedIndexNameLogsSourceConfiguration; + documentFilters?: QueryDslQueryContainer[]; + timeRange: { + start: string; + end: string; + }; +} + +export const LogCategoryDetailsFlyout: React.FC = ({ + onCloseFlyout, + logCategory, + categoryDetailsServiceState, + dependencies, + logsSource, + documentFilters, + timeRange, +}) => { + const flyoutTitleId = useGeneratedHtmlId({ + prefix: 'flyoutTitle', + }); + + const linkFilters = useMemo(() => { + return [ + ...(documentFilters ? documentFilters.map((filter) => ({ filter })) : []), + { + filter: createCategoryQuery(logsSource.messageField)(logCategory.terms), + meta: { + name: i18n.translate( + 'xpack.observabilityLogsOverview.logCategoryDetailsFlyout.discoverLinkFilterName', + { + defaultMessage: 'Category: {terms}', + values: { + terms: logCategory.terms, + }, + } + ), + }, + }, + ]; + }, [documentFilters, logCategory.terms, logsSource.messageField]); + + return ( + onCloseFlyout()} aria-labelledby={flyoutTitleId}> + + + + +

+ +

+ + + + + + + + + + + {categoryDetailsServiceState.matches({ hasCategory: 'fetchingDocuments' }) ? ( + + ) : categoryDetailsServiceState.matches({ hasCategory: 'error' }) ? ( + + ) : ( + + )} + + + ); +}; diff --git a/x-pack/packages/observability/logs_overview/src/components/log_category_details/log_category_details_loading_content.tsx b/x-pack/packages/observability/logs_overview/src/components/log_category_details/log_category_details_loading_content.tsx new file mode 100644 index 00000000000000..fd6aa50a382212 --- /dev/null +++ b/x-pack/packages/observability/logs_overview/src/components/log_category_details/log_category_details_loading_content.tsx @@ -0,0 +1,19 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { EuiEmptyPrompt, EuiLoadingSpinner } from '@elastic/eui'; +import React from 'react'; + +interface LogCategoryDetailsLoadingContentProps { + message: string; +} + +export const LogCategoryDetailsLoadingContent: React.FC = ({ + message, +}) => { + return } title={

{message}

} />; +}; diff --git a/x-pack/packages/observability/logs_overview/src/components/log_category_details/log_category_document_examples_table.tsx b/x-pack/packages/observability/logs_overview/src/components/log_category_details/log_category_document_examples_table.tsx new file mode 100644 index 00000000000000..6b43fa86fe49ec --- /dev/null +++ b/x-pack/packages/observability/logs_overview/src/components/log_category_details/log_category_document_examples_table.tsx @@ -0,0 +1,151 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { EuiBasicTable, EuiBasicTableColumn, EuiSpacer, EuiText } from '@elastic/eui'; +import React, { useMemo } from 'react'; +import { i18n } from '@kbn/i18n'; +import { DataGridDensity, ROWS_HEIGHT_OPTIONS } from '@kbn/unified-data-table'; +import moment from 'moment'; +import type { SettingsStart } from '@kbn/core-ui-settings-browser'; +import type { FieldFormatsStart } from '@kbn/field-formats-plugin/public'; +import type { SharePluginStart } from '@kbn/share-plugin/public'; +import { CoreStart } from '@kbn/core-lifecycle-browser'; +import { getLogLevelBadgeCell, LazySummaryColumn } from '@kbn/discover-contextual-components'; +import type { LogCategoryDocument } from '../../services/category_details_service/types'; +import { type ResolvedIndexNameLogsSourceConfiguration } from '../../utils/logs_source'; + +export interface LogCategoryDocumentExamplesTableDependencies { + core: CoreStart; + uiSettings: SettingsStart; + fieldFormats: FieldFormatsStart; + share: SharePluginStart; +} + +export interface LogCategoryDocumentExamplesTableProps { + dependencies: LogCategoryDocumentExamplesTableDependencies; + categoryDocuments: LogCategoryDocument[]; + logsSource: ResolvedIndexNameLogsSourceConfiguration; +} + +const TimestampCell = ({ + dependencies, + timestamp, +}: { + dependencies: LogCategoryDocumentExamplesTableDependencies; + timestamp?: string | number; +}) => { + const dateFormat = useMemo( + () => dependencies.uiSettings.client.get('dateFormat'), + [dependencies.uiSettings.client] + ); + if (!timestamp) return null; + + if (dateFormat) { + return <>{moment(timestamp).format(dateFormat)}; + } else { + return <>{timestamp}; + } +}; + +const LogLevelBadgeCell = getLogLevelBadgeCell('log.level'); + +export const LogCategoryDocumentExamplesTable: React.FC = ({ + categoryDocuments, + dependencies, + logsSource, +}) => { + const columns: Array> = [ + { + field: 'row', + name: 'Timestamp', + width: '25%', + render: (row: any) => { + return ( + + ); + }, + }, + { + field: 'row', + name: 'Log level', + width: '10%', + render: (row: any) => { + return ( + {}} + closePopover={() => {}} + /> + ); + }, + }, + { + field: 'row', + name: 'Summary', + width: '65%', + render: (row: any) => { + return ( + {}} + closePopover={() => {}} + density={DataGridDensity.COMPACT} + rowHeight={ROWS_HEIGHT_OPTIONS.single} + shouldShowFieldHandler={() => false} + core={dependencies.core} + share={dependencies.share} + /> + ); + }, + }, + ]; + return ( + <> + + {i18n.translate( + 'xpack.observabilityLogsOverview.logCategoryDocumentExamplesTable.documentCountText', + { + defaultMessage: 'Displaying the latest {documentsCount} documents.', + values: { + documentsCount: categoryDocuments.length, + }, + } + )} + + + + + ); +}; diff --git a/x-pack/packages/observability/logs_overview/src/components/logs_overview/logs_overview.tsx b/x-pack/packages/observability/logs_overview/src/components/logs_overview/logs_overview.tsx index 988656eb1571e2..77535228f7af66 100644 --- a/x-pack/packages/observability/logs_overview/src/components/logs_overview/logs_overview.tsx +++ b/x-pack/packages/observability/logs_overview/src/components/logs_overview/logs_overview.tsx @@ -9,6 +9,7 @@ import { QueryDslQueryContainer } from '@elastic/elasticsearch/lib/api/types'; import { type LogsDataAccessPluginStart } from '@kbn/logs-data-access-plugin/public'; import React from 'react'; import useAsync from 'react-use/lib/useAsync'; +import { DataViewsContract } from '@kbn/data-views-plugin/public'; import { LogsSourceConfiguration, normalizeLogsSource } from '../../utils/logs_source'; import { LogCategories, LogCategoriesDependencies } from '../log_categories'; import { LogsOverviewErrorContent } from './logs_overview_error_content'; @@ -26,6 +27,7 @@ export interface LogsOverviewProps { export type LogsOverviewDependencies = LogCategoriesDependencies & { logsDataAccess: LogsDataAccessPluginStart; + dataViews: DataViewsContract; }; export const LogsOverview: React.FC = React.memo( @@ -36,8 +38,12 @@ export const LogsOverview: React.FC = React.memo( timeRange, }) => { const normalizedLogsSource = useAsync( - () => normalizeLogsSource({ logsDataAccess: dependencies.logsDataAccess })(logsSource), - [dependencies.logsDataAccess, logsSource] + () => + normalizeLogsSource({ + logsDataAccess: dependencies.logsDataAccess, + dataViewsService: dependencies.dataViews, + })(logsSource), + [dependencies.dataViews, dependencies.logsDataAccess, logsSource] ); if (normalizedLogsSource.loading) { diff --git a/x-pack/packages/observability/logs_overview/src/components/shared/log_category_pattern.tsx b/x-pack/packages/observability/logs_overview/src/components/shared/log_category_pattern.tsx new file mode 100644 index 00000000000000..8a8deb5918324b --- /dev/null +++ b/x-pack/packages/observability/logs_overview/src/components/shared/log_category_pattern.tsx @@ -0,0 +1,50 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { useEuiTheme } from '@elastic/eui'; +import { useMemo } from 'react'; +import { css } from '@emotion/react'; +import React from 'react'; +import { getLogCategoryTerms } from '../../utils/log_category'; +import { LogCategory } from '../../types'; + +interface LogCategoryPatternProps { + logCategory: LogCategory; +} + +export const LogCategoryPattern: React.FC = ({ logCategory }) => { + const theme = useEuiTheme(); + const { euiTheme } = theme; + const termsList = useMemo(() => getLogCategoryTerms(logCategory), [logCategory]); + + const commonStyle = css` + display: inline-block; + font-family: ${euiTheme.font.familyCode}; + margin-right: ${euiTheme.size.xs}; + `; + + const termStyle = css` + ${commonStyle}; + `; + + const separatorStyle = css` + ${commonStyle}; + color: ${euiTheme.colors.successText}; + `; + + return ( + 
+      
*

+      {termsList.map((term, index) => (
+        
+          
{term}

+          
*

+        
+      ))}
+
+ ); +}; diff --git a/x-pack/packages/observability/logs_overview/src/services/category_details_service/category_details_service.ts b/x-pack/packages/observability/logs_overview/src/services/category_details_service/category_details_service.ts new file mode 100644 index 00000000000000..958f7175486003 --- /dev/null +++ b/x-pack/packages/observability/logs_overview/src/services/category_details_service/category_details_service.ts @@ -0,0 +1,191 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { MachineImplementationsFrom, assign, setup } from 'xstate5'; +import { LogCategory } from '../../types'; +import { getPlaceholderFor } from '../../utils/xstate5_utils'; +import { + CategoryDetailsServiceDependencies, + LogCategoryDocument, + LogCategoryDetailsParams, +} from './types'; +import { getCategoryDocuments } from './category_documents'; + +export const categoryDetailsService = setup({ + types: { + input: {} as LogCategoryDetailsParams, + output: {} as { + categoryDocuments: LogCategoryDocument[] | null; + }, + context: {} as { + parameters: LogCategoryDetailsParams; + error?: Error; + expandedRowIndex: number | null; + expandedCategory: LogCategory | null; + categoryDocuments: LogCategoryDocument[]; + }, + events: {} as + | { + type: 'cancel'; + } + | { + type: 'setExpandedCategory'; + rowIndex: number | null; + category: LogCategory | null; + }, + }, + actors: { + getCategoryDocuments: getPlaceholderFor(getCategoryDocuments), + }, + actions: { + storeCategory: assign( + ({ context, event }, params: { category: LogCategory | null; rowIndex: number | null }) => ({ + expandedCategory: params.category, + expandedRowIndex: params.rowIndex, + }) + ), + storeDocuments: assign( + ({ context, event }, params: { categoryDocuments: LogCategoryDocument[] }) => ({ + categoryDocuments: params.categoryDocuments, + }) + ), + storeError: assign((_, params: { error: unknown }) => ({ + error: params.error instanceof Error ? params.error : new Error(String(params.error)), + })), + }, + guards: { + hasCategory: (_guardArgs, params: { expandedCategory: LogCategory | null }) => + params.expandedCategory !== null, + hasDocumentExamples: ( + _guardArgs, + params: { categoryDocuments: LogCategoryDocument[] | null } + ) => params.categoryDocuments !== null && params.categoryDocuments.length > 0, + }, +}).createMachine({ + /** @xstate-layout N4IgpgJg5mDOIC5QGMCGAXMUD2AnAlgF5gAy2UsAdMtgK4B26+9UAItsrQLZiOwDEEbPTCVmAN2wBrUWkw4CxMhWp1GzNh2690sBBI4Z8wgNoAGALrmLiUAAdssfE2G2QAD0QBmMwA5KACy+AQFmob4AjABMwQBsADQgAJ6IkYEAnJkA7FmxZlERmQGxAL4liXJYeESk5FQ0DEws7Jw8fILCogYy1BhVirUqDerNWm26+vSScsb01iYRNkggDk4u9G6eCD7+QSFhftFxiSkIvgCsWZSxEVlRsbFZ52Zm515lFX0KNcr1ak2aVo6ARCERiKbSWRfapKOqqRoaFraPiTaZGUyWExRJb2RzOWabbx+QLBULhI7FE7eWL+F45GnRPIRZkfECVb6wob-RFjYH8MC4XB4Sh2AA2GAAZnguL15DDBn8EaMgSiDDMMVZLG5VvjXMstjsSftyTFKclEOdzgFKF5zukvA8zBFnl50udWez5b94SNAcjdPw0PRkGBRdZtXj1oTtsS9mTDqaEuaEBF8udKFkIr5fK6olkzOksgEPdCBt6JWB0MgABYaADKqC4YsgAGFS-g4B0wd0oXKBg2m6LW+24OHljqo-rEMzbpQos8-K7fC9CknTrF0rEbbb0oVMoWIgF3eU2e3OVQK1XaywB82IG2+x2BAKhbgReL0FLcDLPf3G3eH36J8x1xNYCSnFNmSuecXhzdJlydTcqQQLJfHSOc0PyLJN3SMxYiPEtH3PShLxret-yHe8RwEIMQzDLVx0jcDQC2GdoIXOCENXZDsyiOcAiiKJ0iiPDLi8V1CKA4jSOvKAACUwC4VBmA0QDvk7UEughHpfxqBSlJUlg1OqUcGNA3UNggrMs347IjzdaIvGQwSvECXI8k3Z43gEiJJI5BUSMrMiWH05T6FU6j+UFYUxUlaVZSksBQsMqBjIIUycRWJi9RY6dIn8KIAjsu1zkc5CAmiG1fBiaIzB8B0QmPT4iICmSNGS8KjMi2jQxArKwJyjw8pswriocqInOTLwIi3ASD1yQpswCd5WXobAIDgNxdPPCMBss3KEAAWjXRBDvTfcLsu9Jlr8r04WGAEkXGeBGL26MBOQzIt2ut4cwmirCt8W6yzhNqbwo4dH0216LOjTMIjnBdYhK1DYgdHjihtZbUIdWIXJuYGflBoLZI6iKoZe8zJwOw9KtGt1kbuTcsmQrwi0oeCQjzZ5blwt1Cek5TKN22GIIKZbAgKC45pyLyeLwtz4Kyabs1QgWAs0kXqaGhBxdcnzpaE2XXmch0MORmaBJeLwjbKMogA */ + id: 'logCategoryDetails', + context: ({ input }) => ({ + expandedCategory: null, + expandedRowIndex: null, + categoryDocuments: [], + parameters: input, + }), + initial: 'idle', + states: { + idle: { + on: { + setExpandedCategory: { + target: 'checkingCategoryState', + actions: [ + { + type: 'storeCategory', + params: ({ event }) => event, + }, + ], + }, + }, + }, + checkingCategoryState: { + always: [ + { + guard: { + type: 'hasCategory', + params: ({ event, context }) => { + return { + expandedCategory: context.expandedCategory, + }; + }, + }, + target: '#hasCategory.fetchingDocuments', + }, + { target: 'idle' }, + ], + }, + hasCategory: { + id: 'hasCategory', + initial: 'fetchingDocuments', + on: { + setExpandedCategory: { + target: 'checkingCategoryState', + actions: [ + { + type: 'storeCategory', + params: ({ event }) => event, + }, + ], + }, + }, + states: { + fetchingDocuments: { + invoke: { + src: 'getCategoryDocuments', + id: 'fetchCategoryDocumentExamples', + input: ({ context }) => ({ + ...context.parameters, + categoryTerms: context.expandedCategory!.terms, + }), + onDone: [ + { + guard: { + type: 'hasDocumentExamples', + params: ({ event }) => { + return event.output; + }, + }, + target: 'hasData', + actions: [ + { + type: 'storeDocuments', + params: ({ event }) => { + return event.output; + }, + }, + ], + }, + { + target: 'noData', + actions: [ + { + type: 'storeDocuments', + params: ({ event }) => { + return { categoryDocuments: [] }; + }, + }, + ], + }, + ], + onError: { + target: 'error', + actions: [ + { + type: 'storeError', + params: ({ event }) => ({ error: event.error }), + }, + ], + }, + }, + }, + hasData: {}, + noData: {}, + error: {}, + }, + }, + }, + output: ({ context }) => ({ + categoryDocuments: context.categoryDocuments, + }), +}); + +export const createCategoryDetailsServiceImplementations = ({ + search, +}: CategoryDetailsServiceDependencies): MachineImplementationsFrom< + typeof categoryDetailsService +> => ({ + actors: { + getCategoryDocuments: getCategoryDocuments({ search }), + }, +}); diff --git a/x-pack/packages/observability/logs_overview/src/services/category_details_service/category_documents.ts b/x-pack/packages/observability/logs_overview/src/services/category_details_service/category_documents.ts new file mode 100644 index 00000000000000..b513fa79fc686a --- /dev/null +++ b/x-pack/packages/observability/logs_overview/src/services/category_details_service/category_documents.ts @@ -0,0 +1,63 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { ISearchGeneric } from '@kbn/search-types'; +import { fromPromise } from 'xstate5'; +import { lastValueFrom } from 'rxjs'; +import { flattenHit } from '@kbn/data-service'; +import { LogCategoryDocument, LogCategoryDocumentsParams } from './types'; +import { createGetLogCategoryDocumentsRequestParams } from './queries'; + +export const getCategoryDocuments = ({ search }: { search: ISearchGeneric }) => + fromPromise< + { + categoryDocuments: LogCategoryDocument[]; + }, + LogCategoryDocumentsParams + >( + async ({ + input: { + index, + endTimestamp, + startTimestamp, + timeField, + messageField, + categoryTerms, + additionalFilters = [], + dataView, + }, + signal, + }) => { + const requestParams = createGetLogCategoryDocumentsRequestParams({ + index, + timeField, + messageField, + startTimestamp, + endTimestamp, + additionalFilters, + categoryTerms, + }); + + const { rawResponse } = await lastValueFrom( + search({ params: requestParams }, { abortSignal: signal }) + ); + + const categoryDocuments: LogCategoryDocument[] = + rawResponse.hits?.hits.map((hit) => { + return { + row: { + raw: hit._source, + flattened: flattenHit(hit, dataView), + }, + }; + }) ?? []; + + return { + categoryDocuments, + }; + } + ); diff --git a/x-pack/test_serverless/functional/test_suites/security/cypress/screens/landing_page.ts b/x-pack/packages/observability/logs_overview/src/services/category_details_service/index.ts similarity index 76% rename from x-pack/test_serverless/functional/test_suites/security/cypress/screens/landing_page.ts rename to x-pack/packages/observability/logs_overview/src/services/category_details_service/index.ts index 5b7450bd0492d5..5df79dbab2cbd9 100644 --- a/x-pack/test_serverless/functional/test_suites/security/cypress/screens/landing_page.ts +++ b/x-pack/packages/observability/logs_overview/src/services/category_details_service/index.ts @@ -5,4 +5,4 @@ * 2.0. */ -export const LEFT_NAVIGATION = '[data-test-subj="securitySolutionNavHeading"]'; +export * from './category_details_service'; diff --git a/x-pack/packages/observability/logs_overview/src/services/category_details_service/queries.ts b/x-pack/packages/observability/logs_overview/src/services/category_details_service/queries.ts new file mode 100644 index 00000000000000..cd1053077c3340 --- /dev/null +++ b/x-pack/packages/observability/logs_overview/src/services/category_details_service/queries.ts @@ -0,0 +1,58 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { QueryDslQueryContainer } from '@elastic/elasticsearch/lib/api/types'; +import { createCategoryQuery } from '../categorize_logs_service/queries'; + +export const createGetLogCategoryDocumentsRequestParams = ({ + index, + timeField, + messageField, + startTimestamp, + endTimestamp, + additionalFilters = [], + categoryTerms = '', + documentCount = 20, +}: { + startTimestamp: string; + endTimestamp: string; + index: string; + timeField: string; + messageField: string; + additionalFilters?: QueryDslQueryContainer[]; + categoryTerms?: string; + documentCount?: number; +}) => { + return { + index, + size: documentCount, + track_total_hits: false, + sort: [{ [timeField]: { order: 'desc' } }], + query: { + bool: { + filter: [ + { + exists: { + field: messageField, + }, + }, + { + range: { + [timeField]: { + gte: startTimestamp, + lte: endTimestamp, + format: 'strict_date_time', + }, + }, + }, + createCategoryQuery(messageField)(categoryTerms), + ...additionalFilters, + ], + }, + }, + }; +}; diff --git a/x-pack/packages/observability/logs_overview/src/services/category_details_service/types.ts b/x-pack/packages/observability/logs_overview/src/services/category_details_service/types.ts new file mode 100644 index 00000000000000..72369275578e36 --- /dev/null +++ b/x-pack/packages/observability/logs_overview/src/services/category_details_service/types.ts @@ -0,0 +1,31 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { QueryDslQueryContainer } from '@elastic/elasticsearch/lib/api/types'; +import { ISearchGeneric } from '@kbn/search-types'; +import { type DataView } from '@kbn/data-views-plugin/common'; +import type { DataTableRecord } from '@kbn/discover-utils'; + +export interface LogCategoryDocument { + row: Pick; +} + +export interface LogCategoryDetailsParams { + additionalFilters: QueryDslQueryContainer[]; + endTimestamp: string; + index: string; + messageField: string; + startTimestamp: string; + timeField: string; + dataView: DataView; +} + +export interface CategoryDetailsServiceDependencies { + search: ISearchGeneric; +} + +export type LogCategoryDocumentsParams = LogCategoryDetailsParams & { categoryTerms: string }; diff --git a/x-pack/packages/observability/logs_overview/src/utils/log_category.ts b/x-pack/packages/observability/logs_overview/src/utils/log_category.ts new file mode 100644 index 00000000000000..3a5e72522d78e4 --- /dev/null +++ b/x-pack/packages/observability/logs_overview/src/utils/log_category.ts @@ -0,0 +1,12 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { LogCategory } from '../types'; + +export const getLogCategoryTerms = (logCategory: LogCategory) => { + return logCategory.terms.split(' '); +}; diff --git a/x-pack/packages/observability/logs_overview/src/utils/logs_source.ts b/x-pack/packages/observability/logs_overview/src/utils/logs_source.ts index 0c8767c8702d4c..15c318766be0e5 100644 --- a/x-pack/packages/observability/logs_overview/src/utils/logs_source.ts +++ b/x-pack/packages/observability/logs_overview/src/utils/logs_source.ts @@ -5,7 +5,7 @@ * 2.0. */ -import { type AbstractDataView } from '@kbn/data-views-plugin/common'; +import { type DataViewsContract, type DataView } from '@kbn/data-views-plugin/common'; import { LogsDataAccessPluginStart } from '@kbn/logs-data-access-plugin/public'; export type LogsSourceConfiguration = @@ -28,33 +28,68 @@ export interface IndexNameLogsSourceConfiguration { export interface DataViewLogsSourceConfiguration { type: 'data_view'; - dataView: AbstractDataView; + dataView: DataView; messageField?: string; } +export type ResolvedIndexNameLogsSourceConfiguration = IndexNameLogsSourceConfiguration & { + dataView: DataView; +}; + export const normalizeLogsSource = - ({ logsDataAccess }: { logsDataAccess: LogsDataAccessPluginStart }) => - async (logsSource: LogsSourceConfiguration): Promise => { + ({ + logsDataAccess, + dataViewsService, + }: { + logsDataAccess: LogsDataAccessPluginStart; + dataViewsService: DataViewsContract; + }) => + async ( + logsSource: LogsSourceConfiguration + ): Promise => { switch (logsSource.type) { case 'index_name': - return logsSource; + return { + ...logsSource, + dataView: await getDataViewForLogSource(logsSource, dataViewsService), + }; case 'shared_setting': const logSourcesFromSharedSettings = await logsDataAccess.services.logSourcesService.getLogSources(); - return { - type: 'index_name', + const sharedSettingLogsSource = { + type: 'index_name' as const, indexName: logSourcesFromSharedSettings .map((logSource) => logSource.indexPattern) .join(','), timestampField: logsSource.timestampField ?? '@timestamp', messageField: logsSource.messageField ?? 'message', }; - case 'data_view': return { - type: 'index_name', + ...sharedSettingLogsSource, + dataView: await getDataViewForLogSource(sharedSettingLogsSource, dataViewsService), + }; + case 'data_view': + const dataViewLogsSource = { + type: 'index_name' as const, indexName: logsSource.dataView.getIndexPattern(), timestampField: logsSource.dataView.timeFieldName ?? '@timestamp', messageField: logsSource.messageField ?? 'message', }; + return { + ...dataViewLogsSource, + dataView: logsSource.dataView, + }; } }; + +// Ad-hoc Data View +const getDataViewForLogSource = async ( + logSourceConfiguration: IndexNameLogsSourceConfiguration, + dataViewsService: DataViewsContract +) => { + const dataView = await dataViewsService.create({ + title: logSourceConfiguration.indexName, + timeFieldName: logSourceConfiguration.timestampField, + }); + return dataView; +}; diff --git a/x-pack/packages/observability/logs_overview/tsconfig.json b/x-pack/packages/observability/logs_overview/tsconfig.json index 886062ae8855fd..29595ce0162fe2 100644 --- a/x-pack/packages/observability/logs_overview/tsconfig.json +++ b/x-pack/packages/observability/logs_overview/tsconfig.json @@ -31,9 +31,15 @@ "@kbn/ml-random-sampler-utils", "@kbn/zod", "@kbn/calculate-auto", - "@kbn/discover-plugin", "@kbn/es-query", "@kbn/router-utils", "@kbn/share-plugin", + "@kbn/field-formats-plugin", + "@kbn/data-service", + "@kbn/discover-utils", + "@kbn/discover-plugin", + "@kbn/unified-data-table", + "@kbn/discover-contextual-components", + "@kbn/core-lifecycle-browser", ] } diff --git a/x-pack/packages/security-solution/side_nav/src/solution_side_nav.test.tsx b/x-pack/packages/security-solution/side_nav/src/solution_side_nav.test.tsx index 91ba09202a13eb..b5db8e66f10dd0 100644 --- a/x-pack/packages/security-solution/side_nav/src/solution_side_nav.test.tsx +++ b/x-pack/packages/security-solution/side_nav/src/solution_side_nav.test.tsx @@ -167,11 +167,5 @@ describe('SolutionSideNav', () => { expect(result.queryByTestId('solutionSideNavPanel')).toBeInTheDocument(); expect(result.getByText('Users')).toBeInTheDocument(); }); - - it('should call onMount when function is provided', () => { - const onMount = jest.fn(); - renderNav({ onMount }); - expect(onMount).toHaveBeenCalled(); - }); }); }); diff --git a/x-pack/packages/security-solution/side_nav/src/solution_side_nav.tsx b/x-pack/packages/security-solution/side_nav/src/solution_side_nav.tsx index 1615df71011f7a..0b06dfd75169a5 100644 --- a/x-pack/packages/security-solution/side_nav/src/solution_side_nav.tsx +++ b/x-pack/packages/security-solution/side_nav/src/solution_side_nav.tsx @@ -5,7 +5,7 @@ * 2.0. */ -import React, { useCallback, useEffect, useMemo, useRef, useState } from 'react'; +import React, { useCallback, useMemo, useRef, useState } from 'react'; import { EuiListGroup, EuiFlexGroup, @@ -50,7 +50,6 @@ export interface SolutionSideNavProps { * e.g.: usageCollection?.reportUiCounter?.bind(null, appId) * */ tracker?: Tracker; - onMount?: () => void; } type ActivePanelNav = string | null; /** @@ -63,7 +62,6 @@ export const SolutionSideNav: React.FC = React.memo(functi panelBottomOffset, panelTopOffset, tracker, - onMount, }) { const isMobileSize = useIsWithinBreakpoints(['xs', 's']); @@ -75,10 +73,6 @@ export const SolutionSideNav: React.FC = React.memo(functi setActivePanelNavId(id); }; - useEffect(() => { - if (onMount) onMount(); - }, [onMount]); - const onClosePanelNav = useCallback(() => { activePanelNavIdRef.current = null; setActivePanelNavId(null); diff --git a/x-pack/plugins/actions/common/index.ts b/x-pack/plugins/actions/common/index.ts index b56f6c61238c29..336ff003962a09 100644 --- a/x-pack/plugins/actions/common/index.ts +++ b/x-pack/plugins/actions/common/index.ts @@ -15,6 +15,7 @@ export * from './mustache_template'; export * from './validate_email_addresses'; export * from './connector_feature_config'; export * from './execution_log_types'; +export * from './validate_empty_strings'; export const BASE_ACTION_API_PATH = '/api/actions'; export const INTERNAL_BASE_ACTION_API_PATH = '/internal/actions'; diff --git a/x-pack/plugins/actions/common/routes/connector/apis/create/index.ts b/x-pack/plugins/actions/common/routes/connector/apis/create/index.ts new file mode 100644 index 00000000000000..a40970eadc099a --- /dev/null +++ b/x-pack/plugins/actions/common/routes/connector/apis/create/index.ts @@ -0,0 +1,21 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export { + createConnectorRequestParamsSchema, + createConnectorRequestBodySchema, +} from './schemas/latest'; +export type { CreateConnectorRequestParams, CreateConnectorRequestBody } from './types/latest'; + +export { + createConnectorRequestParamsSchema as createConnectorRequestParamsSchemaV1, + createConnectorRequestBodySchema as createConnectorRequestBodySchemaV1, +} from './schemas/v1'; +export type { + CreateConnectorRequestParams as CreateConnectorRequestParamsV1, + CreateConnectorRequestBody as CreateConnectorRequestBodyV1, +} from './types/v1'; diff --git a/x-pack/test_serverless/functional/test_suites/security/cypress/screens/index.ts b/x-pack/plugins/actions/common/routes/connector/apis/create/schemas/latest.ts similarity index 88% rename from x-pack/test_serverless/functional/test_suites/security/cypress/screens/index.ts rename to x-pack/plugins/actions/common/routes/connector/apis/create/schemas/latest.ts index 194bf6301191a6..25300c97a6d2e1 100644 --- a/x-pack/test_serverless/functional/test_suites/security/cypress/screens/index.ts +++ b/x-pack/plugins/actions/common/routes/connector/apis/create/schemas/latest.ts @@ -5,4 +5,4 @@ * 2.0. */ -export * from './landing_page'; +export * from './v1'; diff --git a/x-pack/plugins/actions/common/routes/connector/apis/create/schemas/v1.ts b/x-pack/plugins/actions/common/routes/connector/apis/create/schemas/v1.ts new file mode 100644 index 00000000000000..ec74ba1a9279fc --- /dev/null +++ b/x-pack/plugins/actions/common/routes/connector/apis/create/schemas/v1.ts @@ -0,0 +1,32 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { schema } from '@kbn/config-schema'; +import { validateEmptyStrings } from '../../../../../validate_empty_strings'; + +export const createConnectorRequestParamsSchema = schema.maybe( + schema.object({ + id: schema.maybe(schema.string({ meta: { description: 'An identifier for the connector.' } })), + }) +); + +export const createConnectorRequestBodySchema = schema.object({ + name: schema.string({ + validate: validateEmptyStrings, + meta: { description: 'The display name for the connector.' }, + }), + connector_type_id: schema.string({ + validate: validateEmptyStrings, + meta: { description: 'The type of connector.' }, + }), + config: schema.recordOf(schema.string(), schema.any({ validate: validateEmptyStrings }), { + defaultValue: {}, + }), + secrets: schema.recordOf(schema.string(), schema.any({ validate: validateEmptyStrings }), { + defaultValue: {}, + }), +}); diff --git a/x-pack/plugins/actions/server/routes/connector/get/transforms/transform_connector_response/latest.ts b/x-pack/plugins/actions/common/routes/connector/apis/create/types/latest.ts similarity index 82% rename from x-pack/plugins/actions/server/routes/connector/get/transforms/transform_connector_response/latest.ts rename to x-pack/plugins/actions/common/routes/connector/apis/create/types/latest.ts index 8a64b2c81df0c6..25300c97a6d2e1 100644 --- a/x-pack/plugins/actions/server/routes/connector/get/transforms/transform_connector_response/latest.ts +++ b/x-pack/plugins/actions/common/routes/connector/apis/create/types/latest.ts @@ -5,4 +5,4 @@ * 2.0. */ -export { transformGetConnectorResponse } from './v1'; +export * from './v1'; diff --git a/x-pack/plugins/actions/common/routes/connector/apis/create/types/v1.ts b/x-pack/plugins/actions/common/routes/connector/apis/create/types/v1.ts new file mode 100644 index 00000000000000..2166ee5a712a6b --- /dev/null +++ b/x-pack/plugins/actions/common/routes/connector/apis/create/types/v1.ts @@ -0,0 +1,12 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { TypeOf } from '@kbn/config-schema'; +import { createConnectorRequestParamsSchemaV1, createConnectorRequestBodySchemaV1 } from '..'; + +export type CreateConnectorRequestParams = TypeOf; +export type CreateConnectorRequestBody = TypeOf; diff --git a/x-pack/plugins/actions/server/actions_client/actions_client.ts b/x-pack/plugins/actions/server/actions_client/actions_client.ts index edad072acbca6a..de029ed2acf542 100644 --- a/x-pack/plugins/actions/server/actions_client/actions_client.ts +++ b/x-pack/plugins/actions/server/actions_client/actions_client.ts @@ -14,9 +14,7 @@ import { compact, uniq } from 'lodash'; import { IScopedClusterClient, SavedObjectsClientContract, - SavedObjectAttributes, KibanaRequest, - SavedObjectsUtils, Logger, } from '@kbn/core/server'; import { AuditLogger } from '@kbn/security-plugin/server'; @@ -29,6 +27,7 @@ import { get } from '../application/connector/methods/get'; import { getAll, getAllSystemConnectors } from '../application/connector/methods/get_all'; import { update } from '../application/connector/methods/update'; import { listTypes } from '../application/connector/methods/list_types'; +import { create } from '../application/connector/methods/create'; import { execute } from '../application/connector/methods/execute'; import { GetGlobalExecutionKPIParams, @@ -36,15 +35,7 @@ import { IExecutionLogResult, } from '../../common'; import { ActionTypeRegistry } from '../action_type_registry'; -import { - validateConfig, - validateSecrets, - ActionExecutorContract, - validateConnector, - ActionExecutionSource, - parseDate, - tryCatch, -} from '../lib'; +import { ActionExecutorContract, ActionExecutionSource, parseDate } from '../lib'; import { ActionResult, RawAction, @@ -94,20 +85,11 @@ import { import { connectorFromSavedObject, isConnectorDeprecated } from '../application/connector/lib'; import { ListTypesParams } from '../application/connector/methods/list_types/types'; import { ConnectorUpdateParams } from '../application/connector/methods/update/types'; -import { ConnectorUpdate } from '../application/connector/methods/update/types/types'; +import { ConnectorCreateParams } from '../application/connector/methods/create/types'; import { isPreconfigured } from '../lib/is_preconfigured'; import { isSystemAction } from '../lib/is_system_action'; import { ConnectorExecuteParams } from '../application/connector/methods/execute/types'; -interface Action extends ConnectorUpdate { - actionTypeId: string; -} - -export interface CreateOptions { - action: Action; - options?: { id?: string }; -} - export interface ConstructorOptions { logger: Logger; kibanaIndices: string[]; @@ -187,156 +169,10 @@ export class ActionsClient { * Create an action */ public async create({ - action: { actionTypeId, name, config, secrets }, + action, options, - }: CreateOptions): Promise { - const id = options?.id || SavedObjectsUtils.generateId(); - - try { - await this.context.authorization.ensureAuthorized({ - operation: 'create', - actionTypeId, - }); - } catch (error) { - this.context.auditLogger?.log( - connectorAuditEvent({ - action: ConnectorAuditAction.CREATE, - savedObject: { type: 'action', id }, - error, - }) - ); - throw error; - } - - const foundInMemoryConnector = this.context.inMemoryConnectors.find( - (connector) => connector.id === id - ); - - if ( - this.context.actionTypeRegistry.isSystemActionType(actionTypeId) || - foundInMemoryConnector?.isSystemAction - ) { - throw Boom.badRequest( - i18n.translate('xpack.actions.serverSideErrors.systemActionCreationForbidden', { - defaultMessage: 'System action creation is forbidden. Action type: {actionTypeId}.', - values: { - actionTypeId, - }, - }) - ); - } - - if (foundInMemoryConnector?.isPreconfigured) { - throw Boom.badRequest( - i18n.translate('xpack.actions.serverSideErrors.predefinedIdConnectorAlreadyExists', { - defaultMessage: 'This {id} already exists in a preconfigured action.', - values: { - id, - }, - }) - ); - } - - const actionType = this.context.actionTypeRegistry.get(actionTypeId); - const configurationUtilities = this.context.actionTypeRegistry.getUtils(); - const validatedActionTypeConfig = validateConfig(actionType, config, { - configurationUtilities, - }); - const validatedActionTypeSecrets = validateSecrets(actionType, secrets, { - configurationUtilities, - }); - if (actionType.validate?.connector) { - validateConnector(actionType, { config, secrets }); - } - this.context.actionTypeRegistry.ensureActionTypeEnabled(actionTypeId); - - const hookServices: HookServices = { - scopedClusterClient: this.context.scopedClusterClient, - }; - - if (actionType.preSaveHook) { - try { - await actionType.preSaveHook({ - connectorId: id, - config, - secrets, - logger: this.context.logger, - request: this.context.request, - services: hookServices, - isUpdate: false, - }); - } catch (error) { - this.context.auditLogger?.log( - connectorAuditEvent({ - action: ConnectorAuditAction.CREATE, - savedObject: { type: 'action', id }, - error, - }) - ); - throw error; - } - } - - this.context.auditLogger?.log( - connectorAuditEvent({ - action: ConnectorAuditAction.CREATE, - savedObject: { type: 'action', id }, - outcome: 'unknown', - }) - ); - - const result = await tryCatch( - async () => - await this.context.unsecuredSavedObjectsClient.create( - 'action', - { - actionTypeId, - name, - isMissingSecrets: false, - config: validatedActionTypeConfig as SavedObjectAttributes, - secrets: validatedActionTypeSecrets as SavedObjectAttributes, - }, - { id } - ) - ); - - const wasSuccessful = !(result instanceof Error); - const label = `connectorId: "${id}"; type: ${actionTypeId}`; - const tags = ['post-save-hook', id]; - - if (actionType.postSaveHook) { - try { - await actionType.postSaveHook({ - connectorId: id, - config, - secrets, - logger: this.context.logger, - request: this.context.request, - services: hookServices, - isUpdate: false, - wasSuccessful, - }); - } catch (err) { - this.context.logger.error(`postSaveHook create error for ${label}: ${err.message}`, { - tags, - }); - } - } - - if (!wasSuccessful) { - throw result; - } - - return { - id: result.id, - actionTypeId: result.attributes.actionTypeId, - isMissingSecrets: result.attributes.isMissingSecrets, - name: result.attributes.name, - config: result.attributes.config, - isPreconfigured: false, - isSystemAction: false, - isDeprecated: isConnectorDeprecated(result.attributes), - }; + }: Omit): Promise { + return create({ context: this.context, action, options }); } /** diff --git a/x-pack/plugins/actions/server/application/connector/methods/create/create.ts b/x-pack/plugins/actions/server/application/connector/methods/create/create.ts new file mode 100644 index 00000000000000..3032b38cb36f2d --- /dev/null +++ b/x-pack/plugins/actions/server/application/connector/methods/create/create.ts @@ -0,0 +1,170 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import Boom from '@hapi/boom'; +import { i18n } from '@kbn/i18n'; +import { SavedObjectAttributes, SavedObjectsUtils } from '@kbn/core/server'; +import { ConnectorCreateParams } from './types'; +import { ConnectorAuditAction, connectorAuditEvent } from '../../../../lib/audit_events'; +import { validateConfig, validateConnector, validateSecrets } from '../../../../lib'; +import { isConnectorDeprecated } from '../../lib'; +import { HookServices, ActionResult } from '../../../../types'; +import { tryCatch } from '../../../../lib'; + +export async function create({ + context, + action: { actionTypeId, name, config, secrets }, + options, +}: ConnectorCreateParams): Promise { + const id = options?.id || SavedObjectsUtils.generateId(); + + try { + await context.authorization.ensureAuthorized({ + operation: 'create', + actionTypeId, + }); + } catch (error) { + context.auditLogger?.log( + connectorAuditEvent({ + action: ConnectorAuditAction.CREATE, + savedObject: { type: 'action', id }, + error, + }) + ); + throw error; + } + + const foundInMemoryConnector = context.inMemoryConnectors.find( + (connector) => connector.id === id + ); + + if ( + context.actionTypeRegistry.isSystemActionType(actionTypeId) || + foundInMemoryConnector?.isSystemAction + ) { + throw Boom.badRequest( + i18n.translate('xpack.actions.serverSideErrors.systemActionCreationForbidden', { + defaultMessage: 'System action creation is forbidden. Action type: {actionTypeId}.', + values: { + actionTypeId, + }, + }) + ); + } + + if (foundInMemoryConnector?.isPreconfigured) { + throw Boom.badRequest( + i18n.translate('xpack.actions.serverSideErrors.predefinedIdConnectorAlreadyExists', { + defaultMessage: 'This {id} already exists in a preconfigured action.', + values: { + id, + }, + }) + ); + } + + const actionType = context.actionTypeRegistry.get(actionTypeId); + const configurationUtilities = context.actionTypeRegistry.getUtils(); + const validatedActionTypeConfig = validateConfig(actionType, config, { + configurationUtilities, + }); + const validatedActionTypeSecrets = validateSecrets(actionType, secrets, { + configurationUtilities, + }); + if (actionType.validate?.connector) { + validateConnector(actionType, { config, secrets }); + } + context.actionTypeRegistry.ensureActionTypeEnabled(actionTypeId); + + const hookServices: HookServices = { + scopedClusterClient: context.scopedClusterClient, + }; + + if (actionType.preSaveHook) { + try { + await actionType.preSaveHook({ + connectorId: id, + config, + secrets, + logger: context.logger, + request: context.request, + services: hookServices, + isUpdate: false, + }); + } catch (error) { + context.auditLogger?.log( + connectorAuditEvent({ + action: ConnectorAuditAction.CREATE, + savedObject: { type: 'action', id }, + error, + }) + ); + throw error; + } + } + + context.auditLogger?.log( + connectorAuditEvent({ + action: ConnectorAuditAction.CREATE, + savedObject: { type: 'action', id }, + outcome: 'unknown', + }) + ); + + const result = await tryCatch( + async () => + await context.unsecuredSavedObjectsClient.create( + 'action', + { + actionTypeId, + name, + isMissingSecrets: false, + config: validatedActionTypeConfig as SavedObjectAttributes, + secrets: validatedActionTypeSecrets as SavedObjectAttributes, + }, + { id } + ) + ); + + const wasSuccessful = !(result instanceof Error); + const label = `connectorId: "${id}"; type: ${actionTypeId}`; + const tags = ['post-save-hook', id]; + + if (actionType.postSaveHook) { + try { + await actionType.postSaveHook({ + connectorId: id, + config, + secrets, + logger: context.logger, + request: context.request, + services: hookServices, + isUpdate: false, + wasSuccessful, + }); + } catch (err) { + context.logger.error(`postSaveHook create error for ${label}: ${err.message}`, { + tags, + }); + } + } + + if (!wasSuccessful) { + throw result; + } + + return { + id: result.id, + actionTypeId: result.attributes.actionTypeId, + isMissingSecrets: result.attributes.isMissingSecrets, + name: result.attributes.name, + config: result.attributes.config, + isPreconfigured: false, + isSystemAction: false, + isDeprecated: isConnectorDeprecated(result.attributes), + }; +} diff --git a/x-pack/test_serverless/functional/test_suites/security/cypress/tasks/navigation.ts b/x-pack/plugins/actions/server/application/connector/methods/create/index.ts similarity index 73% rename from x-pack/test_serverless/functional/test_suites/security/cypress/tasks/navigation.ts rename to x-pack/plugins/actions/server/application/connector/methods/create/index.ts index af00f418747c54..97fcd17a794990 100644 --- a/x-pack/test_serverless/functional/test_suites/security/cypress/tasks/navigation.ts +++ b/x-pack/plugins/actions/server/application/connector/methods/create/index.ts @@ -5,6 +5,4 @@ * 2.0. */ -export const navigatesToLandingPage = () => { - cy.visit('/app/security/get_started'); -}; +export { create } from './create'; diff --git a/x-pack/plugins/actions/server/application/connector/methods/create/types/index.ts b/x-pack/plugins/actions/server/application/connector/methods/create/types/index.ts new file mode 100644 index 00000000000000..707a3fd770f2dc --- /dev/null +++ b/x-pack/plugins/actions/server/application/connector/methods/create/types/index.ts @@ -0,0 +1,8 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export type { ConnectorCreateParams } from './types'; diff --git a/x-pack/plugins/actions/server/application/connector/methods/create/types/types.ts b/x-pack/plugins/actions/server/application/connector/methods/create/types/types.ts new file mode 100644 index 00000000000000..2dc68d59ebe47f --- /dev/null +++ b/x-pack/plugins/actions/server/application/connector/methods/create/types/types.ts @@ -0,0 +1,22 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { SavedObjectAttributes } from '@kbn/core/server'; +import { ActionsClientContext } from '../../../../../actions_client'; + +export interface ConnectorCreate { + actionTypeId: string; + name: string; + config: SavedObjectAttributes; + secrets: SavedObjectAttributes; +} + +export interface ConnectorCreateParams { + context: ActionsClientContext; + action: ConnectorCreate; + options?: { id?: string }; +} diff --git a/x-pack/plugins/actions/server/routes/connector/common_transforms/index.ts b/x-pack/plugins/actions/server/routes/connector/common_transforms/index.ts new file mode 100644 index 00000000000000..0e26b4ee295a68 --- /dev/null +++ b/x-pack/plugins/actions/server/routes/connector/common_transforms/index.ts @@ -0,0 +1,10 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export { transformConnectorResponse } from './transform_connector_response/latest'; + +export { transformConnectorResponse as transformConnectorResponseV1 } from './transform_connector_response/v1'; diff --git a/x-pack/plugins/actions/server/routes/connector/common_transforms/transform_connector_response/latest.ts b/x-pack/plugins/actions/server/routes/connector/common_transforms/transform_connector_response/latest.ts new file mode 100644 index 00000000000000..99b38410e71a83 --- /dev/null +++ b/x-pack/plugins/actions/server/routes/connector/common_transforms/transform_connector_response/latest.ts @@ -0,0 +1,8 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export { transformConnectorResponse } from './v1'; diff --git a/x-pack/plugins/actions/server/routes/connector/get/transforms/transform_connector_response/v1.ts b/x-pack/plugins/actions/server/routes/connector/common_transforms/transform_connector_response/v1.ts similarity index 73% rename from x-pack/plugins/actions/server/routes/connector/get/transforms/transform_connector_response/v1.ts rename to x-pack/plugins/actions/server/routes/connector/common_transforms/transform_connector_response/v1.ts index ab6f6332280d1f..08b32a10e7e458 100644 --- a/x-pack/plugins/actions/server/routes/connector/get/transforms/transform_connector_response/v1.ts +++ b/x-pack/plugins/actions/server/routes/connector/common_transforms/transform_connector_response/v1.ts @@ -5,10 +5,10 @@ * 2.0. */ -import { ConnectorResponseV1 } from '../../../../../../common/routes/connector/response'; -import { Connector } from '../../../../../application/connector/types'; +import { ConnectorResponseV1 } from '../../../../../common/routes/connector/response'; +import { Connector } from '../../../../application/connector/types'; -export const transformGetConnectorResponse = ({ +export const transformConnectorResponse = ({ actionTypeId, isPreconfigured, isMissingSecrets, diff --git a/x-pack/plugins/actions/server/routes/create.test.ts b/x-pack/plugins/actions/server/routes/connector/create/create.test.ts similarity index 84% rename from x-pack/plugins/actions/server/routes/create.test.ts rename to x-pack/plugins/actions/server/routes/connector/create/create.test.ts index 7d9c7fd1a5899b..0f97015bd4f013 100644 --- a/x-pack/plugins/actions/server/routes/create.test.ts +++ b/x-pack/plugins/actions/server/routes/connector/create/create.test.ts @@ -5,15 +5,16 @@ * 2.0. */ -import { createActionRoute, bodySchema } from './create'; +import { createConnectorRoute } from './create'; import { httpServiceMock } from '@kbn/core/server/mocks'; -import { licenseStateMock } from '../lib/license_state.mock'; -import { mockHandlerArguments } from './legacy/_mock_handler_arguments'; -import { verifyAccessAndContext } from './verify_access_and_context'; +import { licenseStateMock } from '../../../lib/license_state.mock'; +import { mockHandlerArguments } from '../../legacy/_mock_handler_arguments'; +import { verifyAccessAndContext } from '../../verify_access_and_context'; import { omit } from 'lodash'; -import { actionsClientMock } from '../actions_client/actions_client.mock'; +import { actionsClientMock } from '../../../actions_client/actions_client.mock'; +import { createConnectorRequestBodySchemaV1 } from '../../../../common/routes/connector/apis/create'; -jest.mock('./verify_access_and_context', () => ({ +jest.mock('../../verify_access_and_context', () => ({ verifyAccessAndContext: jest.fn(), })); @@ -22,12 +23,12 @@ beforeEach(() => { (verifyAccessAndContext as jest.Mock).mockImplementation((license, handler) => handler); }); -describe('createActionRoute', () => { +describe('createConnectorRoute', () => { it('creates an action with proper parameters', async () => { const licenseState = licenseStateMock.create(); const router = httpServiceMock.createRouter(); - createActionRoute(router, licenseState); + createConnectorRoute(router, licenseState); const [config, handler] = router.post.mock.calls[0]; @@ -103,7 +104,7 @@ describe('createActionRoute', () => { const licenseState = licenseStateMock.create(); const router = httpServiceMock.createRouter(); - createActionRoute(router, licenseState); + createConnectorRoute(router, licenseState); const [, handler] = router.post.mock.calls[0]; @@ -144,7 +145,7 @@ describe('createActionRoute', () => { throw new Error('OMG'); }); - createActionRoute(router, licenseState); + createConnectorRoute(router, licenseState); const [, handler] = router.post.mock.calls[0]; @@ -182,8 +183,8 @@ describe('createActionRoute', () => { config: { foo: ' ' }, secrets: {}, }; - expect(() => bodySchema.validate(body)).toThrowErrorMatchingInlineSnapshot( - `"[config.foo]: value '' is not valid"` - ); + expect(() => + createConnectorRequestBodySchemaV1.validate(body) + ).toThrowErrorMatchingInlineSnapshot(`"[config.foo]: value '' is not valid"`); }); }); diff --git a/x-pack/plugins/actions/server/routes/connector/create/create.ts b/x-pack/plugins/actions/server/routes/connector/create/create.ts new file mode 100644 index 00000000000000..cd5073506c03f5 --- /dev/null +++ b/x-pack/plugins/actions/server/routes/connector/create/create.ts @@ -0,0 +1,58 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { IRouter } from '@kbn/core/server'; +import { ActionsRequestHandlerContext } from '../../../types'; +import { ILicenseState } from '../../../lib'; +import { BASE_ACTION_API_PATH } from '../../../../common'; +import { verifyAccessAndContext } from '../../verify_access_and_context'; +import { connectorResponseSchemaV1 } from '../../../../common/routes/connector/response'; +import { transformConnectorResponseV1 } from '../common_transforms'; +import { + createConnectorRequestParamsSchemaV1, + createConnectorRequestBodySchemaV1, +} from '../../../../common/routes/connector/apis/create'; +import { transformCreateConnectorBodyV1 } from './transforms'; + +export const createConnectorRoute = ( + router: IRouter, + licenseState: ILicenseState +) => { + router.post( + { + path: `${BASE_ACTION_API_PATH}/connector/{id?}`, + options: { + access: 'public', + summary: 'Create a connector', + tags: ['oas-tag:connectors'], + }, + validate: { + request: { + params: createConnectorRequestParamsSchemaV1, + body: createConnectorRequestBodySchemaV1, + }, + response: { + 200: { + description: 'Indicates a successful call.', + body: () => connectorResponseSchemaV1, + }, + }, + }, + }, + router.handleLegacyErrors( + verifyAccessAndContext(licenseState, async function (context, req, res) { + const actionsClient = (await context.actions).getActionsClient(); + const action = transformCreateConnectorBodyV1(req.body); + return res.ok({ + body: transformConnectorResponseV1( + await actionsClient.create({ action, options: req.params }) + ), + }); + }) + ) + ); +}; diff --git a/x-pack/plugins/actions/server/routes/connector/create/index.ts b/x-pack/plugins/actions/server/routes/connector/create/index.ts new file mode 100644 index 00000000000000..47f4f6a55eb716 --- /dev/null +++ b/x-pack/plugins/actions/server/routes/connector/create/index.ts @@ -0,0 +1,8 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export { createConnectorRoute } from './create'; diff --git a/x-pack/plugins/actions/server/routes/connector/create/transforms/index.ts b/x-pack/plugins/actions/server/routes/connector/create/transforms/index.ts new file mode 100644 index 00000000000000..76f6e098f0564a --- /dev/null +++ b/x-pack/plugins/actions/server/routes/connector/create/transforms/index.ts @@ -0,0 +1,10 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export { transformCreateConnectorBody } from './transform_connector_body/latest'; + +export { transformCreateConnectorBody as transformCreateConnectorBodyV1 } from './transform_connector_body/v1'; diff --git a/x-pack/plugins/actions/server/routes/connector/create/transforms/transform_connector_body/latest.ts b/x-pack/plugins/actions/server/routes/connector/create/transforms/transform_connector_body/latest.ts new file mode 100644 index 00000000000000..4584455ddf5c25 --- /dev/null +++ b/x-pack/plugins/actions/server/routes/connector/create/transforms/transform_connector_body/latest.ts @@ -0,0 +1,8 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export { transformCreateConnectorBody } from './v1'; diff --git a/x-pack/plugins/actions/server/routes/connector/create/transforms/transform_connector_body/v1.ts b/x-pack/plugins/actions/server/routes/connector/create/transforms/transform_connector_body/v1.ts new file mode 100644 index 00000000000000..07d7a5e7afa4ce --- /dev/null +++ b/x-pack/plugins/actions/server/routes/connector/create/transforms/transform_connector_body/v1.ts @@ -0,0 +1,21 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { ConnectorCreateParams } from '../../../../../application/connector/methods/create/types'; +import { CreateConnectorRequestBodyV1 } from '../../../../../../common/routes/connector/apis/create'; + +export const transformCreateConnectorBody = ({ + connector_type_id: actionTypeId, + name, + config, + secrets, +}: CreateConnectorRequestBodyV1): ConnectorCreateParams['action'] => ({ + actionTypeId, + name, + config, + secrets, +}); diff --git a/x-pack/plugins/actions/server/routes/connector/get/get.ts b/x-pack/plugins/actions/server/routes/connector/get/get.ts index 686b54655c8927..eaab31594ba1bf 100644 --- a/x-pack/plugins/actions/server/routes/connector/get/get.ts +++ b/x-pack/plugins/actions/server/routes/connector/get/get.ts @@ -11,7 +11,7 @@ import { GetConnectorParamsV1, } from '../../../../common/routes/connector/apis/get'; import { connectorResponseSchemaV1 } from '../../../../common/routes/connector/response'; -import { transformGetConnectorResponseV1 } from './transforms'; +import { transformConnectorResponseV1 } from '../common_transforms'; import { ILicenseState } from '../../../lib'; import { BASE_ACTION_API_PATH } from '../../../../common'; import { ActionsRequestHandlerContext } from '../../../types'; @@ -46,7 +46,7 @@ export const getConnectorRoute = ( const actionsClient = (await context.actions).getActionsClient(); const { id }: GetConnectorParamsV1 = req.params; return res.ok({ - body: transformGetConnectorResponseV1(await actionsClient.get({ id })), + body: transformConnectorResponseV1(await actionsClient.get({ id })), }); }) ) diff --git a/x-pack/plugins/actions/server/routes/create.ts b/x-pack/plugins/actions/server/routes/create.ts deleted file mode 100644 index 25962701918a51..00000000000000 --- a/x-pack/plugins/actions/server/routes/create.ts +++ /dev/null @@ -1,98 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { schema } from '@kbn/config-schema'; -import { IRouter } from '@kbn/core/server'; -import { ActionResult, ActionsRequestHandlerContext } from '../types'; -import { ILicenseState } from '../lib'; -import { BASE_ACTION_API_PATH, RewriteRequestCase, RewriteResponseCase } from '../../common'; -import { verifyAccessAndContext } from './verify_access_and_context'; -import { CreateOptions } from '../actions_client'; -import { connectorResponseSchemaV1 } from '../../common/routes/connector/response'; -import { validateEmptyStrings } from '../../common/validate_empty_strings'; - -export const bodySchema = schema.object({ - name: schema.string({ - validate: validateEmptyStrings, - meta: { description: 'The display name for the connector.' }, - }), - connector_type_id: schema.string({ - validate: validateEmptyStrings, - meta: { description: 'The type of connector.' }, - }), - config: schema.recordOf(schema.string(), schema.any({ validate: validateEmptyStrings }), { - defaultValue: {}, - }), - secrets: schema.recordOf(schema.string(), schema.any({ validate: validateEmptyStrings }), { - defaultValue: {}, - }), -}); - -const rewriteBodyReq: RewriteRequestCase = ({ - connector_type_id: actionTypeId, - name, - config, - secrets, -}) => ({ actionTypeId, name, config, secrets }); -const rewriteBodyRes: RewriteResponseCase = ({ - actionTypeId, - isPreconfigured, - isDeprecated, - isMissingSecrets, - isSystemAction, - ...res -}) => ({ - ...res, - connector_type_id: actionTypeId, - is_preconfigured: isPreconfigured, - is_deprecated: isDeprecated, - is_missing_secrets: isMissingSecrets, - is_system_action: isSystemAction, -}); - -export const createActionRoute = ( - router: IRouter, - licenseState: ILicenseState -) => { - router.post( - { - path: `${BASE_ACTION_API_PATH}/connector/{id?}`, - options: { - access: 'public', - summary: 'Create a connector', - tags: ['oas-tag:connectors'], - }, - validate: { - request: { - params: schema.maybe( - schema.object({ - id: schema.maybe( - schema.string({ meta: { description: 'An identifier for the connector.' } }) - ), - }) - ), - body: bodySchema, - }, - response: { - 200: { - description: 'Indicates a successful call.', - body: () => connectorResponseSchemaV1, - }, - }, - }, - }, - router.handleLegacyErrors( - verifyAccessAndContext(licenseState, async function (context, req, res) { - const actionsClient = (await context.actions).getActionsClient(); - const action = rewriteBodyReq(req.body); - return res.ok({ - body: rewriteBodyRes(await actionsClient.create({ action, options: req.params })), - }); - }) - ) - ); -}; diff --git a/x-pack/plugins/actions/server/routes/index.ts b/x-pack/plugins/actions/server/routes/index.ts index 5ea804d1ce47e0..39efe6619176ba 100644 --- a/x-pack/plugins/actions/server/routes/index.ts +++ b/x-pack/plugins/actions/server/routes/index.ts @@ -13,7 +13,7 @@ import { listTypesRoute } from './connector/list_types'; import { listTypesWithSystemRoute } from './connector/list_types_system'; import { ILicenseState } from '../lib'; import { ActionsRequestHandlerContext } from '../types'; -import { createActionRoute } from './create'; +import { createConnectorRoute } from './connector/create'; import { deleteConnectorRoute } from './connector/delete'; import { executeConnectorRoute } from './connector/execute'; import { getConnectorRoute } from './connector/get'; @@ -36,7 +36,7 @@ export function defineRoutes(opts: RouteOptions) { defineLegacyRoutes(router, licenseState, usageCounter); - createActionRoute(router, licenseState); + createConnectorRoute(router, licenseState); deleteConnectorRoute(router, licenseState); getConnectorRoute(router, licenseState); getAllConnectorsRoute(router, licenseState); diff --git a/x-pack/plugins/actions/server/routes/legacy/create.ts b/x-pack/plugins/actions/server/routes/legacy/create.ts index 6da0d25c2e59c5..f667a9e003a77c 100644 --- a/x-pack/plugins/actions/server/routes/legacy/create.ts +++ b/x-pack/plugins/actions/server/routes/legacy/create.ts @@ -38,6 +38,7 @@ export const createActionRoute = ( access: 'public', summary: `Create a connector`, tags: ['oas-tag:connectors'], + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }, validate: { diff --git a/x-pack/plugins/actions/server/routes/legacy/delete.ts b/x-pack/plugins/actions/server/routes/legacy/delete.ts index 2204095e038012..c7e1e985cc6f03 100644 --- a/x-pack/plugins/actions/server/routes/legacy/delete.ts +++ b/x-pack/plugins/actions/server/routes/legacy/delete.ts @@ -32,6 +32,7 @@ export const deleteActionRoute = ( summary: `Delete a connector`, description: 'WARNING: When you delete a connector, it cannot be recovered.', tags: ['oas-tag:connectors'], + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }, validate: { diff --git a/x-pack/plugins/actions/server/routes/legacy/execute.ts b/x-pack/plugins/actions/server/routes/legacy/execute.ts index 8083f884c11869..71b04262075d47 100644 --- a/x-pack/plugins/actions/server/routes/legacy/execute.ts +++ b/x-pack/plugins/actions/server/routes/legacy/execute.ts @@ -37,6 +37,7 @@ export const executeActionRoute = ( options: { access: 'public', summary: `Run a connector`, + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, tags: ['oas-tag:connectors'], }, diff --git a/x-pack/plugins/actions/server/routes/legacy/get.ts b/x-pack/plugins/actions/server/routes/legacy/get.ts index 2adf6413b9248b..571849ccaf4780 100644 --- a/x-pack/plugins/actions/server/routes/legacy/get.ts +++ b/x-pack/plugins/actions/server/routes/legacy/get.ts @@ -31,6 +31,7 @@ export const getActionRoute = ( options: { access: 'public', summary: `Get connector information`, + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, tags: ['oas-tag:connectors'], }, diff --git a/x-pack/plugins/actions/server/routes/legacy/get_all.ts b/x-pack/plugins/actions/server/routes/legacy/get_all.ts index 04ba20f4fb3c8a..f0a17acb96691d 100644 --- a/x-pack/plugins/actions/server/routes/legacy/get_all.ts +++ b/x-pack/plugins/actions/server/routes/legacy/get_all.ts @@ -23,6 +23,7 @@ export const getAllActionRoute = ( options: { access: 'public', summary: `Get all connectors`, + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, tags: ['oas-tag:connectors'], }, diff --git a/x-pack/plugins/actions/server/routes/legacy/list_action_types.ts b/x-pack/plugins/actions/server/routes/legacy/list_action_types.ts index f42cd7479286c3..cc3e9c23f240dc 100644 --- a/x-pack/plugins/actions/server/routes/legacy/list_action_types.ts +++ b/x-pack/plugins/actions/server/routes/legacy/list_action_types.ts @@ -27,6 +27,7 @@ export const listActionTypesRoute = ( options: { access: 'public', summary: `Get connector types`, + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, tags: ['oas-tag:connectors'], }, diff --git a/x-pack/plugins/actions/server/routes/legacy/update.ts b/x-pack/plugins/actions/server/routes/legacy/update.ts index 81106c2cdc73b8..0bf1ec7ece55d8 100644 --- a/x-pack/plugins/actions/server/routes/legacy/update.ts +++ b/x-pack/plugins/actions/server/routes/legacy/update.ts @@ -37,6 +37,7 @@ export const updateActionRoute = ( options: { access: 'public', summary: `Update a connector`, + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, tags: ['oas-tag:connectors'], }, diff --git a/x-pack/plugins/aiops/public/application/utils/search_utils.ts b/x-pack/plugins/aiops/public/application/utils/search_utils.ts index 533303436fa92f..442ce910dd8281 100644 --- a/x-pack/plugins/aiops/public/application/utils/search_utils.ts +++ b/x-pack/plugins/aiops/public/application/utils/search_utils.ts @@ -13,23 +13,14 @@ import type { IUiSettingsClient } from '@kbn/core/public'; import { getEsQueryConfig, SearchSource } from '@kbn/data-plugin/common'; import type { SavedSearch } from '@kbn/saved-search-plugin/public'; import type { FilterManager } from '@kbn/data-plugin/public'; -import { isQuery, mapAndFlattenFilters } from '@kbn/data-plugin/public'; -import type { Query, Filter, AggregateQuery } from '@kbn/es-query'; -import { - fromKueryExpression, - toElasticsearchQuery, - buildQueryFromFilters, - buildEsQuery, -} from '@kbn/es-query'; +import { mapAndFlattenFilters } from '@kbn/data-plugin/public'; +import type { Query, Filter } from '@kbn/es-query'; +import { buildEsQuery } from '@kbn/es-query'; import type { QueryDslQueryContainer } from '@elastic/elasticsearch/lib/api/typesWithBodyKey'; import type { DataView } from '@kbn/data-views-plugin/public'; import type { SimpleSavedObject } from '@kbn/core/public'; import { isPopulatedObject } from '@kbn/ml-is-populated-object'; -import { - getDefaultDSLQuery, - type SearchQueryLanguage, - SEARCH_QUERY_LANGUAGE, -} from '@kbn/ml-query-utils'; +import { getDefaultDSLQuery, type SearchQueryLanguage } from '@kbn/ml-query-utils'; export type SavedSearchSavedObject = SimpleSavedObject; @@ -67,51 +58,6 @@ export function getQueryFromSavedSearchObject(savedSearch: SavedSearchSavedObjec return parsed; } -/** - * Create an Elasticsearch query that combines both lucene/kql query string and filters - * Should also form a valid query if only the query or filters is provided - */ -export function createMergedEsQuery( - query?: Query | AggregateQuery, - filters?: Filter[], - dataView?: DataView, - uiSettings?: IUiSettingsClient -) { - let combinedQuery: QueryDslQueryContainer = getDefaultDSLQuery(); - - // FIXME: Add support for AggregateQuery type #150091 - if (isQuery(query) && query.language === SEARCH_QUERY_LANGUAGE.KUERY) { - const ast = fromKueryExpression(query.query); - if (query.query !== '') { - combinedQuery = toElasticsearchQuery(ast, dataView); - } - if (combinedQuery.bool !== undefined) { - const filterQuery = buildQueryFromFilters(filters, dataView); - - if (!Array.isArray(combinedQuery.bool.filter)) { - combinedQuery.bool.filter = - combinedQuery.bool.filter === undefined ? [] : [combinedQuery.bool.filter]; - } - - if (!Array.isArray(combinedQuery.bool.must_not)) { - combinedQuery.bool.must_not = - combinedQuery.bool.must_not === undefined ? [] : [combinedQuery.bool.must_not]; - } - - combinedQuery.bool.filter = [...combinedQuery.bool.filter, ...filterQuery.filter]; - combinedQuery.bool.must_not = [...combinedQuery.bool.must_not, ...filterQuery.must_not]; - } - } else { - combinedQuery = buildEsQuery( - dataView, - query ? [query] : [], - filters ? filters : [], - uiSettings ? getEsQueryConfig(uiSettings) : undefined - ); - } - return combinedQuery; -} - function getSavedSearchSource(savedSearch: SavedSearch) { return savedSearch && 'searchSource' in savedSearch && @@ -174,11 +120,11 @@ export function getEsQueryFromSavedSearch({ if (!savedSearch && userQuery) { if (filterManager && userFilters) filterManager.addFilters(userFilters); - const combinedQuery = createMergedEsQuery( + const combinedQuery = buildEsQuery( + dataView, userQuery, Array.isArray(userFilters) ? userFilters : [], - dataView, - uiSettings + uiSettings ? getEsQueryConfig(uiSettings) : undefined ); return { @@ -199,11 +145,11 @@ export function getEsQueryFromSavedSearch({ if (filterManager) filterManager.setFilters(currentFilters); if (globalFilters) filterManager?.addFilters(globalFilters); - const combinedQuery = createMergedEsQuery( + const combinedQuery = buildEsQuery( + dataView, currentQuery, filterManager ? filterManager?.getFilters() : currentFilters, - dataView, - uiSettings + uiSettings ? getEsQueryConfig(uiSettings) : undefined ); return { diff --git a/x-pack/plugins/aiops/public/components/change_point_detection/change_point_detection_context.tsx b/x-pack/plugins/aiops/public/components/change_point_detection/change_point_detection_context.tsx index 45ef73c5dd7b5e..4c429e2fd2976c 100644 --- a/x-pack/plugins/aiops/public/components/change_point_detection/change_point_detection_context.tsx +++ b/x-pack/plugins/aiops/public/components/change_point_detection/change_point_detection_context.tsx @@ -9,7 +9,7 @@ import type { FC, PropsWithChildren } from 'react'; import React, { createContext, useCallback, useContext, useEffect, useMemo, useState } from 'react'; import { type DataViewField } from '@kbn/data-views-plugin/public'; import { startWith } from 'rxjs'; -import type { Filter, Query } from '@kbn/es-query'; +import { buildEsQuery, type Filter, type Query } from '@kbn/es-query'; import { usePageUrlState } from '@kbn/ml-url-state'; import { useTimefilter } from '@kbn/ml-date-picker'; import { ES_FIELD_TYPES } from '@kbn/field-types'; @@ -17,12 +17,10 @@ import { type QueryDslQueryContainer } from '@kbn/data-views-plugin/common/types import type { TimeBuckets, TimeBucketsInterval } from '@kbn/ml-time-buckets'; import { useTimeBuckets } from '@kbn/ml-time-buckets'; import { createDefaultQuery } from '@kbn/aiops-common/create_default_query'; +import { getEsQueryConfig } from '@kbn/data-service'; import { useFilterQueryUpdates } from '../../hooks/use_filters_query'; import { type ChangePointType, DEFAULT_AGG_FUNCTION } from './constants'; -import { - createMergedEsQuery, - getEsQueryFromSavedSearch, -} from '../../application/utils/search_utils'; +import { getEsQueryFromSavedSearch } from '../../application/utils/search_utils'; import { useAiopsAppContext } from '../../hooks/use_aiops_app_context'; import { useDataSource } from '../../hooks/use_data_source'; @@ -261,7 +259,12 @@ export const ChangePointDetectionContextProvider: FC> ); const combinedQuery = useMemo(() => { - const mergedQuery = createMergedEsQuery(resultQuery, resultFilters, dataView, uiSettings); + const mergedQuery = buildEsQuery( + dataView, + resultQuery, + resultFilters, + uiSettings ? getEsQueryConfig(uiSettings) : undefined + ); const to = searchBounds.max?.valueOf(); const from = searchBounds.min?.valueOf(); const timeRange = to !== undefined && from !== undefined ? { from, to } : undefined; diff --git a/x-pack/plugins/aiops/public/components/log_categorization/log_categorization_for_embeddable/log_categorization_for_discover.tsx b/x-pack/plugins/aiops/public/components/log_categorization/log_categorization_for_embeddable/log_categorization_for_discover.tsx index db2135e94ab74a..5bf415c5ccfc95 100644 --- a/x-pack/plugins/aiops/public/components/log_categorization/log_categorization_for_embeddable/log_categorization_for_discover.tsx +++ b/x-pack/plugins/aiops/public/components/log_categorization/log_categorization_for_embeddable/log_categorization_for_discover.tsx @@ -12,7 +12,7 @@ import { EuiFlexGroup, EuiFlexItem, EuiSpacer, useEuiPaddingSize } from '@elasti import type { DataViewField } from '@kbn/data-views-plugin/public'; import { i18n } from '@kbn/i18n'; import type { Filter } from '@kbn/es-query'; -import { buildEmptyFilter } from '@kbn/es-query'; +import { buildEmptyFilter, buildEsQuery } from '@kbn/es-query'; import { usePageUrlState } from '@kbn/ml-url-state'; import type { FieldValidationResults } from '@kbn/ml-category-validator'; @@ -24,11 +24,11 @@ import type { EmbeddablePatternAnalysisInput } from '@kbn/aiops-log-pattern-anal import { css } from '@emotion/react'; import { useTableState } from '@kbn/ml-in-memory-table/hooks/use_table_state'; import useMountedState from 'react-use/lib/useMountedState'; +import { getEsQueryConfig } from '@kbn/data-service'; import { type LogCategorizationPageUrlState, getDefaultLogCategorizationAppState, } from '../../../application/url_state/log_pattern_analysis'; -import { createMergedEsQuery } from '../../../application/utils/search_utils'; import { useData } from '../../../hooks/use_data'; import { useSearch } from '../../../hooks/use_search'; import { useAiopsAppContext } from '../../../hooks/use_aiops_app_context'; @@ -90,7 +90,12 @@ export const LogCategorizationDiscover: FC = ( const [stateFromUrl] = usePageUrlState( 'logCategorization', getDefaultLogCategorizationAppState({ - searchQuery: createMergedEsQuery(query, filters, dataView, uiSettings), + searchQuery: buildEsQuery( + dataView, + query ?? [], + filters ?? [], + uiSettings ? getEsQueryConfig(uiSettings) : undefined + ), }) ); const [selectedCategories, setSelectedCategories] = useState([]); diff --git a/x-pack/plugins/aiops/public/components/log_categorization/log_categorization_for_embeddable/log_categorization_for_embeddable.tsx b/x-pack/plugins/aiops/public/components/log_categorization/log_categorization_for_embeddable/log_categorization_for_embeddable.tsx index 9178ac74286641..5ca3cd947f7fe4 100644 --- a/x-pack/plugins/aiops/public/components/log_categorization/log_categorization_for_embeddable/log_categorization_for_embeddable.tsx +++ b/x-pack/plugins/aiops/public/components/log_categorization/log_categorization_for_embeddable/log_categorization_for_embeddable.tsx @@ -10,7 +10,7 @@ import React, { useState, useEffect, useCallback } from 'react'; import { i18n } from '@kbn/i18n'; import type { Filter } from '@kbn/es-query'; -import { buildEmptyFilter } from '@kbn/es-query'; +import { buildEmptyFilter, buildEsQuery } from '@kbn/es-query'; import type { FieldValidationResults } from '@kbn/ml-category-validator'; import type { Category } from '@kbn/aiops-log-pattern-analysis/types'; @@ -21,11 +21,11 @@ import { useTableState } from '@kbn/ml-in-memory-table/hooks/use_table_state'; import { AIOPS_ANALYSIS_RUN_ORIGIN } from '@kbn/aiops-common/constants'; import datemath from '@elastic/datemath'; import useMountedState from 'react-use/lib/useMountedState'; +import { getEsQueryConfig } from '@kbn/data-service'; import { useFilterQueryUpdates } from '../../../hooks/use_filters_query'; import type { PatternAnalysisProps } from '../../../shared_components/pattern_analysis'; import { useSearch } from '../../../hooks/use_search'; import { getDefaultLogCategorizationAppState } from '../../../application/url_state/log_pattern_analysis'; -import { createMergedEsQuery } from '../../../application/utils/search_utils'; import { useData } from '../../../hooks/use_data'; import { useAiopsAppContext } from '../../../hooks/use_aiops_app_context'; @@ -86,7 +86,12 @@ export const LogCategorizationEmbeddable: FC = }); const appState = getDefaultLogCategorizationAppState({ - searchQuery: createMergedEsQuery(query, filters, dataView, uiSettings), + searchQuery: buildEsQuery( + dataView, + query ?? [], + filters ?? [], + uiSettings ? getEsQueryConfig(uiSettings) : undefined + ), filters, }); const { searchQuery } = useSearch({ dataView, savedSearch: savedSearch ?? null }, appState, true); diff --git a/x-pack/plugins/aiops/public/components/log_categorization/log_categorization_for_flyout.tsx b/x-pack/plugins/aiops/public/components/log_categorization/log_categorization_for_flyout.tsx index 2036c5d3a24e95..203950cbf39714 100644 --- a/x-pack/plugins/aiops/public/components/log_categorization/log_categorization_for_flyout.tsx +++ b/x-pack/plugins/aiops/public/components/log_categorization/log_categorization_for_flyout.tsx @@ -33,11 +33,12 @@ import type { CategorizationAdditionalFilter } from '@kbn/aiops-log-pattern-anal import type { Category } from '@kbn/aiops-log-pattern-analysis/types'; import { useTableState } from '@kbn/ml-in-memory-table/hooks/use_table_state'; +import { buildEsQuery } from '@kbn/es-query'; +import { getEsQueryConfig } from '@kbn/data-service'; import { type LogCategorizationPageUrlState, getDefaultLogCategorizationAppState, } from '../../application/url_state/log_pattern_analysis'; -import { createMergedEsQuery } from '../../application/utils/search_utils'; import { useData } from '../../hooks/use_data'; import { useSearch } from '../../hooks/use_search'; import { useAiopsAppContext } from '../../hooks/use_aiops_app_context'; @@ -100,7 +101,12 @@ export const LogCategorizationFlyout: FC = ({ const [stateFromUrl] = usePageUrlState( 'logCategorization', getDefaultLogCategorizationAppState({ - searchQuery: createMergedEsQuery(query, filters, dataView, uiSettings), + searchQuery: buildEsQuery( + dataView, + query ?? [], + filters ?? [], + uiSettings ? getEsQueryConfig(uiSettings) : undefined + ), }) ); const [selectedCategories, setSelectedCategories] = useState([]); diff --git a/x-pack/plugins/aiops/public/components/search_panel/search_panel.tsx b/x-pack/plugins/aiops/public/components/search_panel/search_panel.tsx index e80bfbf31d8433..b3c5adc7c4ed9a 100644 --- a/x-pack/plugins/aiops/public/components/search_panel/search_panel.tsx +++ b/x-pack/plugins/aiops/public/components/search_panel/search_panel.tsx @@ -9,13 +9,13 @@ import type { FC } from 'react'; import React, { useEffect, useState } from 'react'; import { EuiFlexItem, EuiFlexGroup } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; -import type { Query, Filter } from '@kbn/es-query'; +import { type Query, type Filter, buildEsQuery } from '@kbn/es-query'; import type { TimeRange } from '@kbn/es-query'; import type { DataViewField } from '@kbn/data-views-plugin/public'; import type { SearchQueryLanguage } from '@kbn/ml-query-utils'; +import { getEsQueryConfig } from '@kbn/data-service'; import { useAiopsAppContext } from '../../hooks/use_aiops_app_context'; import { useDataSource } from '../../hooks/use_data_source'; -import { createMergedEsQuery } from '../../application/utils/search_utils'; interface Props { searchString: Query['query']; searchQuery: Query['query']; @@ -66,11 +66,11 @@ export const SearchPanel: FC = ({ searchString, searchQueryLanguage, setS queryManager.filterManager.setFilters(mergedFilters); } - const combinedQuery = createMergedEsQuery( + const combinedQuery = buildEsQuery( + dataView, mergedQuery, queryManager.filterManager.getFilters() ?? [], - dataView, - uiSettings + uiSettings ? getEsQueryConfig(uiSettings) : undefined ); setSearchParams({ diff --git a/x-pack/plugins/aiops/public/embeddables/change_point_chart/embeddable_chart_component_wrapper.tsx b/x-pack/plugins/aiops/public/embeddables/change_point_chart/embeddable_chart_component_wrapper.tsx index d95fcca4cbbfff..69da4be087a14c 100644 --- a/x-pack/plugins/aiops/public/embeddables/change_point_chart/embeddable_chart_component_wrapper.tsx +++ b/x-pack/plugins/aiops/public/embeddables/change_point_chart/embeddable_chart_component_wrapper.tsx @@ -9,6 +9,8 @@ import type { FC } from 'react'; import React, { useEffect, useMemo } from 'react'; import { css } from '@emotion/react'; import { CHANGE_POINT_DETECTION_VIEW_TYPE } from '@kbn/aiops-change-point-detection/constants'; +import { getEsQueryConfig } from '@kbn/data-service'; +import { buildEsQuery } from '@kbn/es-query'; import type { ChangePointDetectionProps } from '../../shared_components/change_point_detection'; import { ChangePointsTable } from '../../components/change_point_detection/change_points_table'; import { @@ -18,7 +20,6 @@ import { import { useFilterQueryUpdates } from '../../hooks/use_filters_query'; import { useDataSource } from '../../hooks/use_data_source'; import { useAiopsAppContext } from '../../hooks/use_aiops_app_context'; -import { createMergedEsQuery } from '../../application/utils/search_utils'; import { useChangePointResults } from '../../components/change_point_detection/use_change_point_agg_request'; import { ChartsGrid } from '../../components/change_point_detection/charts_grid'; import { NoChangePointsWarning } from '../../components/change_point_detection/no_change_points_warning'; @@ -62,15 +63,13 @@ export const ChartGridEmbeddableWrapper: FC = ({ const { uiSettings } = useAiopsAppContext(); const combinedQuery = useMemo(() => { - const mergedQuery = createMergedEsQuery(query, filters, dataView, uiSettings); - if (!Array.isArray(mergedQuery.bool?.filter)) { - if (!mergedQuery.bool) { - mergedQuery.bool = {}; - } - mergedQuery.bool.filter = []; - } - - mergedQuery.bool!.filter.push({ + const mergedQuery = buildEsQuery( + dataView, + query, + filters, + uiSettings ? getEsQueryConfig(uiSettings) : undefined + ); + mergedQuery.bool.filter.push({ range: { [dataView.timeFieldName!]: { from: searchBounds.min?.valueOf(), diff --git a/x-pack/plugins/aiops/public/hooks/use_search.ts b/x-pack/plugins/aiops/public/hooks/use_search.ts index 060e87dab59c5a..14d8b6124eabb1 100644 --- a/x-pack/plugins/aiops/public/hooks/use_search.ts +++ b/x-pack/plugins/aiops/public/hooks/use_search.ts @@ -9,14 +9,14 @@ import { useMemo } from 'react'; import type { DataView } from '@kbn/data-views-plugin/public'; import type { SavedSearch } from '@kbn/saved-search-plugin/public'; -import { isQuery } from '@kbn/data-plugin/public'; +import { getEsQueryConfig, isQuery } from '@kbn/data-plugin/public'; +import { buildEsQuery } from '@kbn/es-query'; import { getEsQueryFromSavedSearch } from '../application/utils/search_utils'; import { isDefaultSearchQuery, type AiOpsIndexBasedAppState, } from '../application/url_state/common'; -import { createMergedEsQuery } from '../application/utils/search_utils'; import { useAiopsAppContext } from './use_aiops_app_context'; @@ -66,7 +66,12 @@ export const useSearch = ( (isDefaultSearchQuery(searchQuery) || searchQuery === undefined) && isQuery(query) ) { - searchQuery = createMergedEsQuery(query, aiopsListState.filters, dataView, uiSettings); + searchQuery = buildEsQuery( + dataView, + query, + aiopsListState.filters ?? [], + uiSettings ? getEsQueryConfig(uiSettings) : undefined + ); } return { diff --git a/x-pack/plugins/alerting/common/routes/backfill/response/schemas/v1.ts b/x-pack/plugins/alerting/common/routes/backfill/response/schemas/v1.ts index 268ef7f5e90d1a..5da51d53dddbb3 100644 --- a/x-pack/plugins/alerting/common/routes/backfill/response/schemas/v1.ts +++ b/x-pack/plugins/alerting/common/routes/backfill/response/schemas/v1.ts @@ -6,6 +6,7 @@ */ import { schema } from '@kbn/config-schema'; +import { ruleParamsSchemaV1 } from '@kbn/response-ops-rule-params'; import { adHocRunStatus } from '../../../../constants'; export const statusSchema = schema.oneOf([ @@ -26,7 +27,7 @@ export const backfillResponseSchema = schema.object({ name: schema.string(), tags: schema.arrayOf(schema.string()), rule_type_id: schema.string(), - params: schema.recordOf(schema.string(), schema.maybe(schema.any())), + params: ruleParamsSchemaV1, api_key_owner: schema.nullable(schema.string()), api_key_created_by_user: schema.maybe(schema.nullable(schema.boolean())), consumer: schema.string(), diff --git a/x-pack/plugins/alerting/common/routes/rule/apis/create/schemas/v1.ts b/x-pack/plugins/alerting/common/routes/rule/apis/create/schemas/v1.ts index d9157850bfd8d6..e70df7f9dc73f1 100644 --- a/x-pack/plugins/alerting/common/routes/rule/apis/create/schemas/v1.ts +++ b/x-pack/plugins/alerting/common/routes/rule/apis/create/schemas/v1.ts @@ -6,6 +6,7 @@ */ import { schema } from '@kbn/config-schema'; +import { ruleParamsSchemaWithDefaultValueV1 } from '@kbn/response-ops-rule-params'; import { validateDurationV1, validateHoursV1, validateTimezoneV1 } from '../../../validation'; import { notifyWhenSchemaV1, alertDelaySchemaV1 } from '../../../response'; import { alertsFilterQuerySchemaV1 } from '../../../../alerts_filter_query'; @@ -166,10 +167,7 @@ export const createBodySchema = schema.object({ }) ) ), - params: schema.recordOf(schema.string(), schema.maybe(schema.any()), { - defaultValue: {}, - meta: { description: 'The parameters for the rule.' }, - }), + params: ruleParamsSchemaWithDefaultValueV1, schedule: schema.object( { interval: schema.string({ diff --git a/x-pack/plugins/alerting/common/routes/rule/apis/update/schemas/v1.ts b/x-pack/plugins/alerting/common/routes/rule/apis/update/schemas/v1.ts index e83e26f119595a..b838d21e5cc03a 100644 --- a/x-pack/plugins/alerting/common/routes/rule/apis/update/schemas/v1.ts +++ b/x-pack/plugins/alerting/common/routes/rule/apis/update/schemas/v1.ts @@ -6,6 +6,7 @@ */ import { schema } from '@kbn/config-schema'; +import { ruleParamsSchemaWithDefaultValueV1 } from '@kbn/response-ops-rule-params'; import { validateDurationV1, validateHoursV1, validateTimezoneV1 } from '../../../validation'; import { notifyWhenSchemaV1, alertDelaySchemaV1 } from '../../../response'; import { alertsFilterQuerySchemaV1 } from '../../../../alerts_filter_query'; @@ -152,10 +153,7 @@ export const updateBodySchema = schema.object({ }) ) ), - params: schema.recordOf(schema.string(), schema.any(), { - defaultValue: {}, - meta: { description: 'The parameters for the rule.' }, - }), + params: ruleParamsSchemaWithDefaultValueV1, actions: schema.arrayOf(actionSchema, { defaultValue: [] }), notify_when: schema.maybe(schema.nullable(notifyWhenSchemaV1)), alert_delay: schema.maybe(alertDelaySchemaV1), diff --git a/x-pack/plugins/alerting/common/routes/rule/response/index.ts b/x-pack/plugins/alerting/common/routes/rule/response/index.ts index 8c784e744d4730..1c7632ad28988b 100644 --- a/x-pack/plugins/alerting/common/routes/rule/response/index.ts +++ b/x-pack/plugins/alerting/common/routes/rule/response/index.ts @@ -6,7 +6,6 @@ */ export { - ruleParamsSchema, actionParamsSchema, mappedParamsSchema, ruleExecutionStatusSchema, @@ -18,16 +17,9 @@ export { scheduleIdsSchema, } from './schemas/latest'; -export type { - RuleParams, - RuleResponse, - RuleSnoozeSchedule, - RuleLastRun, - Monitoring, -} from './types/latest'; +export type { RuleResponse, RuleSnoozeSchedule, RuleLastRun, Monitoring } from './types/latest'; export { - ruleParamsSchema as ruleParamsSchemaV1, actionParamsSchema as actionParamsSchemaV1, mappedParamsSchema as mappedParamsSchemaV1, ruleExecutionStatusSchema as ruleExecutionStatusSchemaV1, @@ -41,9 +33,14 @@ export { } from './schemas/v1'; export type { - RuleParams as RuleParamsV1, RuleResponse as RuleResponseV1, RuleSnoozeSchedule as RuleSnoozeScheduleV1, RuleLastRun as RuleLastRunV1, Monitoring as MonitoringV1, } from './types/v1'; + +export { ruleParamsSchemaV1 } from '@kbn/response-ops-rule-params'; +export { ruleParamsSchema } from '@kbn/response-ops-rule-params'; + +export type { RuleParamsV1 } from '@kbn/response-ops-rule-params'; +export type { RuleParams } from '@kbn/response-ops-rule-params'; diff --git a/x-pack/plugins/alerting/common/routes/rule/response/schemas/v1.ts b/x-pack/plugins/alerting/common/routes/rule/response/schemas/v1.ts index 29488b98d6ca83..069aca001d14f1 100644 --- a/x-pack/plugins/alerting/common/routes/rule/response/schemas/v1.ts +++ b/x-pack/plugins/alerting/common/routes/rule/response/schemas/v1.ts @@ -6,6 +6,7 @@ */ import { schema } from '@kbn/config-schema'; +import { ruleParamsSchemaV1 } from '@kbn/response-ops-rule-params'; import { rRuleResponseSchemaV1 } from '../../../r_rule'; import { alertsFilterQuerySchemaV1 } from '../../../alerts_filter_query'; import { @@ -18,9 +19,6 @@ import { import { validateNotifyWhenV1 } from '../../validation'; import { flappingSchemaV1 } from '../../common'; -export const ruleParamsSchema = schema.recordOf(schema.string(), schema.maybe(schema.any()), { - meta: { description: 'The parameters for the rule.' }, -}); export const actionParamsSchema = schema.recordOf(schema.string(), schema.maybe(schema.any()), { meta: { description: @@ -497,7 +495,7 @@ export const ruleResponseSchema = schema.object({ }), schedule: intervalScheduleSchema, actions: schema.arrayOf(actionSchema), - params: ruleParamsSchema, + params: ruleParamsSchemaV1, mapped_params: schema.maybe(mappedParamsSchema), scheduled_task_id: schema.maybe( schema.string({ diff --git a/x-pack/plugins/alerting/common/routes/rule/response/types/v1.ts b/x-pack/plugins/alerting/common/routes/rule/response/types/v1.ts index e9a37eea1fe727..e32a56a302e630 100644 --- a/x-pack/plugins/alerting/common/routes/rule/response/types/v1.ts +++ b/x-pack/plugins/alerting/common/routes/rule/response/types/v1.ts @@ -6,22 +6,21 @@ */ import type { TypeOf } from '@kbn/config-schema'; +import { RuleParamsV1 } from '@kbn/response-ops-rule-params'; import { - ruleParamsSchemaV1, ruleResponseSchemaV1, ruleSnoozeScheduleSchemaV1, ruleLastRunSchemaV1, monitoringSchemaV1, } from '..'; -export type RuleParams = TypeOf; export type RuleSnoozeSchedule = TypeOf; export type RuleLastRun = TypeOf; export type Monitoring = TypeOf; type RuleResponseSchemaType = TypeOf; -export interface RuleResponse { +export interface RuleResponse { id: RuleResponseSchemaType['id']; enabled: RuleResponseSchemaType['enabled']; name: RuleResponseSchemaType['name']; diff --git a/x-pack/plugins/alerting/server/application/backfill/result/schemas/index.ts b/x-pack/plugins/alerting/server/application/backfill/result/schemas/index.ts index de3cc5926a4aec..b454d41dd40ca7 100644 --- a/x-pack/plugins/alerting/server/application/backfill/result/schemas/index.ts +++ b/x-pack/plugins/alerting/server/application/backfill/result/schemas/index.ts @@ -6,6 +6,7 @@ */ import { schema } from '@kbn/config-schema'; +import { ruleParamsSchema } from '@kbn/response-ops-rule-params'; import { adHocRunStatus } from '../../../../../common/constants'; export const statusSchema = schema.oneOf([ @@ -32,7 +33,7 @@ export const backfillSchema = schema.object({ name: schema.string(), tags: schema.arrayOf(schema.string()), alertTypeId: schema.string(), - params: schema.recordOf(schema.string(), schema.maybe(schema.any())), + params: ruleParamsSchema, apiKeyOwner: schema.nullable(schema.string()), apiKeyCreatedByUser: schema.maybe(schema.nullable(schema.boolean())), consumer: schema.string(), diff --git a/x-pack/plugins/alerting/server/application/rule/methods/create/schemas/create_rule_data_schema.ts b/x-pack/plugins/alerting/server/application/rule/methods/create/schemas/create_rule_data_schema.ts index 0672d7929fdb2e..e2cf0da359b0a9 100644 --- a/x-pack/plugins/alerting/server/application/rule/methods/create/schemas/create_rule_data_schema.ts +++ b/x-pack/plugins/alerting/server/application/rule/methods/create/schemas/create_rule_data_schema.ts @@ -6,6 +6,7 @@ */ import { schema } from '@kbn/config-schema'; +import { ruleParamsSchemaWithDefaultValue } from '@kbn/response-ops-rule-params'; import { validateDuration } from '../../../validation'; import { notifyWhenSchema, @@ -23,7 +24,7 @@ export const createRuleDataSchema = schema.object( consumer: schema.string(), tags: schema.arrayOf(schema.string(), { defaultValue: [] }), throttle: schema.maybe(schema.nullable(schema.string({ validate: validateDuration }))), - params: schema.recordOf(schema.string(), schema.maybe(schema.any()), { defaultValue: {} }), + params: ruleParamsSchemaWithDefaultValue, schedule: schema.object({ interval: schema.string({ validate: validateDuration }), }), diff --git a/x-pack/plugins/alerting/server/application/rule/methods/update/schemas/update_rule_data_schema.ts b/x-pack/plugins/alerting/server/application/rule/methods/update/schemas/update_rule_data_schema.ts index 0c4a1df45d44ec..9c0bf1666f8461 100644 --- a/x-pack/plugins/alerting/server/application/rule/methods/update/schemas/update_rule_data_schema.ts +++ b/x-pack/plugins/alerting/server/application/rule/methods/update/schemas/update_rule_data_schema.ts @@ -6,6 +6,7 @@ */ import { schema } from '@kbn/config-schema'; +import { ruleParamsSchemaWithDefaultValue } from '@kbn/response-ops-rule-params'; import { validateDuration } from '../../../validation'; import { notifyWhenSchema, @@ -23,7 +24,7 @@ export const updateRuleDataSchema = schema.object( interval: schema.string({ validate: validateDuration }), }), throttle: schema.maybe(schema.nullable(schema.string({ validate: validateDuration }))), - params: schema.recordOf(schema.string(), schema.maybe(schema.any()), { defaultValue: {} }), + params: ruleParamsSchemaWithDefaultValue, actions: schema.arrayOf(actionRequestSchema, { defaultValue: [] }), systemActions: schema.maybe(schema.arrayOf(systemActionRequestSchema, { defaultValue: [] })), notifyWhen: schema.maybe(schema.nullable(notifyWhenSchema)), diff --git a/x-pack/plugins/alerting/server/application/rule/schemas/rule_schemas.ts b/x-pack/plugins/alerting/server/application/rule/schemas/rule_schemas.ts index 7f9fcb1bd5377c..da91ceb727d2c6 100644 --- a/x-pack/plugins/alerting/server/application/rule/schemas/rule_schemas.ts +++ b/x-pack/plugins/alerting/server/application/rule/schemas/rule_schemas.ts @@ -6,6 +6,7 @@ */ import { schema } from '@kbn/config-schema'; +import { ruleParamsSchema } from '@kbn/response-ops-rule-params'; import { ruleLastRunOutcomeValues, ruleExecutionStatusValues, @@ -18,7 +19,6 @@ import { notifyWhenSchema } from './notify_when_schema'; import { actionSchema, systemActionSchema } from './action_schemas'; import { flappingSchema } from './flapping_schema'; -export const ruleParamsSchema = schema.recordOf(schema.string(), schema.maybe(schema.any())); export const mappedParamsSchema = schema.recordOf(schema.string(), schema.maybe(schema.any())); export const intervalScheduleSchema = schema.object({ diff --git a/x-pack/plugins/alerting/server/application/rule/types/rule.ts b/x-pack/plugins/alerting/server/application/rule/types/rule.ts index 0b1177d31e1f76..2e5cad45cf92f0 100644 --- a/x-pack/plugins/alerting/server/application/rule/types/rule.ts +++ b/x-pack/plugins/alerting/server/application/rule/types/rule.ts @@ -6,6 +6,7 @@ */ import { TypeOf } from '@kbn/config-schema'; +import { ruleParamsSchema } from '@kbn/response-ops-rule-params'; import { ruleNotifyWhen, ruleLastRunOutcomeValues, @@ -14,7 +15,6 @@ import { ruleExecutionStatusWarningReason, } from '../constants'; import { - ruleParamsSchema, snoozeScheduleSchema, ruleExecutionStatusSchema, ruleLastRunSchema, diff --git a/x-pack/plugins/alerting/server/routes/index.ts b/x-pack/plugins/alerting/server/routes/index.ts index 97fdf8c90f8d69..1a274692cefe49 100644 --- a/x-pack/plugins/alerting/server/routes/index.ts +++ b/x-pack/plugins/alerting/server/routes/index.ts @@ -20,7 +20,8 @@ import { deleteRuleRoute } from './rule/apis/delete/delete_rule_route'; import { aggregateRulesRoute } from './rule/apis/aggregate/aggregate_rules_route'; import { disableRuleRoute } from './rule/apis/disable/disable_rule_route'; import { enableRuleRoute } from './rule/apis/enable/enable_rule_route'; -import { findRulesRoute, findInternalRulesRoute } from './rule/apis/find/find_rules_route'; +import { findRulesRoute } from './rule/apis/find/find_rules_route'; +import { findInternalRulesRoute } from './rule/apis/find/find_internal_rules_route'; import { getRuleAlertSummaryRoute } from './get_rule_alert_summary'; import { getRuleExecutionLogRoute } from './get_rule_execution_log'; import { getGlobalExecutionLogRoute } from './get_global_execution_logs'; diff --git a/x-pack/plugins/alerting/server/routes/legacy/create.ts b/x-pack/plugins/alerting/server/routes/legacy/create.ts index d8505fdc8453df..333877b7df49ec 100644 --- a/x-pack/plugins/alerting/server/routes/legacy/create.ts +++ b/x-pack/plugins/alerting/server/routes/legacy/create.ts @@ -65,6 +65,7 @@ export const createAlertRoute = ({ access: isServerless ? 'internal' : 'public', summary: 'Create an alert', tags: ['oas-tag:alerting'], + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }, }, diff --git a/x-pack/plugins/alerting/server/routes/legacy/delete.ts b/x-pack/plugins/alerting/server/routes/legacy/delete.ts index f931af10ccbbfa..2b63de9e4ee738 100644 --- a/x-pack/plugins/alerting/server/routes/legacy/delete.ts +++ b/x-pack/plugins/alerting/server/routes/legacy/delete.ts @@ -33,6 +33,7 @@ export const deleteAlertRoute = ( access: isServerless ? 'internal' : 'public', summary: 'Delete an alert', tags: ['oas-tag:alerting'], + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }, }, diff --git a/x-pack/plugins/alerting/server/routes/legacy/disable.ts b/x-pack/plugins/alerting/server/routes/legacy/disable.ts index 486bef89dd1971..0c6f3cf062a0c0 100644 --- a/x-pack/plugins/alerting/server/routes/legacy/disable.ts +++ b/x-pack/plugins/alerting/server/routes/legacy/disable.ts @@ -34,6 +34,7 @@ export const disableAlertRoute = ( access: isServerless ? 'internal' : 'public', summary: 'Disable an alert', tags: ['oas-tag:alerting'], + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }, }, diff --git a/x-pack/plugins/alerting/server/routes/legacy/enable.ts b/x-pack/plugins/alerting/server/routes/legacy/enable.ts index c5076b3de1a540..d52eaa784f670e 100644 --- a/x-pack/plugins/alerting/server/routes/legacy/enable.ts +++ b/x-pack/plugins/alerting/server/routes/legacy/enable.ts @@ -35,6 +35,7 @@ export const enableAlertRoute = ( access: isServerless ? 'internal' : 'public', summary: 'Enable an alert', tags: ['oas-tag:alerting'], + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }, }, diff --git a/x-pack/plugins/alerting/server/routes/legacy/find.ts b/x-pack/plugins/alerting/server/routes/legacy/find.ts index ad85f3c7333b01..fa309ae51f2e49 100644 --- a/x-pack/plugins/alerting/server/routes/legacy/find.ts +++ b/x-pack/plugins/alerting/server/routes/legacy/find.ts @@ -79,6 +79,7 @@ export const findAlertRoute = ( tags: ['oas-tag:alerting'], description: 'Gets a paginated set of alerts. Alert `params` are stored as a flattened field type and analyzed as keywords. As alerts change in Kibana, the results on each page of the response also change. Use the find API for traditional paginated results, but avoid using it to export large amounts of data.', + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }, }, diff --git a/x-pack/plugins/alerting/server/routes/legacy/get.ts b/x-pack/plugins/alerting/server/routes/legacy/get.ts index 8437b888f7c0f5..e5eff52bf02d6c 100644 --- a/x-pack/plugins/alerting/server/routes/legacy/get.ts +++ b/x-pack/plugins/alerting/server/routes/legacy/get.ts @@ -33,6 +33,7 @@ export const getAlertRoute = ( access: isServerless ? 'internal' : 'public', summary: 'Get an alert', tags: ['oas-tag:alerting'], + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }, }, diff --git a/x-pack/plugins/alerting/server/routes/legacy/get_alert_instance_summary.ts b/x-pack/plugins/alerting/server/routes/legacy/get_alert_instance_summary.ts index fd1fae64b538fd..58a75dd68dce71 100644 --- a/x-pack/plugins/alerting/server/routes/legacy/get_alert_instance_summary.ts +++ b/x-pack/plugins/alerting/server/routes/legacy/get_alert_instance_summary.ts @@ -44,6 +44,7 @@ export const getAlertInstanceSummaryRoute = ( access: isServerless ? 'internal' : 'public', summary: 'Get an alert summary', tags: ['oas-tag:alerting'], + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }, }, diff --git a/x-pack/plugins/alerting/server/routes/legacy/get_alert_state.ts b/x-pack/plugins/alerting/server/routes/legacy/get_alert_state.ts index 5943ab7203599a..e952ef8719667d 100644 --- a/x-pack/plugins/alerting/server/routes/legacy/get_alert_state.ts +++ b/x-pack/plugins/alerting/server/routes/legacy/get_alert_state.ts @@ -33,6 +33,7 @@ export const getAlertStateRoute = ( access: isServerless ? 'internal' : 'public', summary: 'Get the state of an alert', tags: ['oas-tag:alerting'], + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }, }, diff --git a/x-pack/plugins/alerting/server/routes/legacy/health.ts b/x-pack/plugins/alerting/server/routes/legacy/health.ts index 90bfda371932a2..8f67767941fd23 100644 --- a/x-pack/plugins/alerting/server/routes/legacy/health.ts +++ b/x-pack/plugins/alerting/server/routes/legacy/health.ts @@ -29,6 +29,7 @@ export function healthRoute( access: isServerless ? 'internal' : 'public', summary: 'Get the alerting framework health', tags: ['oas-tag:alerting'], + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }, }, diff --git a/x-pack/plugins/alerting/server/routes/legacy/list_alert_types.ts b/x-pack/plugins/alerting/server/routes/legacy/list_alert_types.ts index 6668ff219ade04..35d6a7efeeee3c 100644 --- a/x-pack/plugins/alerting/server/routes/legacy/list_alert_types.ts +++ b/x-pack/plugins/alerting/server/routes/legacy/list_alert_types.ts @@ -25,6 +25,7 @@ export const listAlertTypesRoute = ( access: isServerless ? 'internal' : 'public', summary: 'Get the alert types', tags: ['oas-tag:alerting'], + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }, }, diff --git a/x-pack/plugins/alerting/server/routes/legacy/mute_all.ts b/x-pack/plugins/alerting/server/routes/legacy/mute_all.ts index eaa989dc8fb6a8..5c4fc1542ef5b7 100644 --- a/x-pack/plugins/alerting/server/routes/legacy/mute_all.ts +++ b/x-pack/plugins/alerting/server/routes/legacy/mute_all.ts @@ -34,6 +34,7 @@ export const muteAllAlertRoute = ( access: isServerless ? 'internal' : 'public', summary: 'Mute all alert instances', tags: ['oas-tag:alerting'], + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }, }, diff --git a/x-pack/plugins/alerting/server/routes/legacy/mute_instance.ts b/x-pack/plugins/alerting/server/routes/legacy/mute_instance.ts index c309dd36b7744c..ab0b52d41de299 100644 --- a/x-pack/plugins/alerting/server/routes/legacy/mute_instance.ts +++ b/x-pack/plugins/alerting/server/routes/legacy/mute_instance.ts @@ -37,6 +37,7 @@ export const muteAlertInstanceRoute = ( access: isServerless ? 'internal' : 'public', summary: 'Mute an alert', tags: ['oas-tag:alerting'], + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }, }, diff --git a/x-pack/plugins/alerting/server/routes/legacy/unmute_all.ts b/x-pack/plugins/alerting/server/routes/legacy/unmute_all.ts index 70dfd65e33c792..0681e7d2cf01ed 100644 --- a/x-pack/plugins/alerting/server/routes/legacy/unmute_all.ts +++ b/x-pack/plugins/alerting/server/routes/legacy/unmute_all.ts @@ -34,6 +34,7 @@ export const unmuteAllAlertRoute = ( access: isServerless ? 'internal' : 'public', summary: 'Unmute all alert instances', tags: ['oas-tag:alerting'], + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }, }, diff --git a/x-pack/plugins/alerting/server/routes/legacy/unmute_instance.ts b/x-pack/plugins/alerting/server/routes/legacy/unmute_instance.ts index 7990539d6c20d1..1101a2b5092e76 100644 --- a/x-pack/plugins/alerting/server/routes/legacy/unmute_instance.ts +++ b/x-pack/plugins/alerting/server/routes/legacy/unmute_instance.ts @@ -35,6 +35,7 @@ export const unmuteAlertInstanceRoute = ( access: isServerless ? 'internal' : 'public', summary: 'Unmute an alert', tags: ['oas-tag:alerting'], + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }, }, diff --git a/x-pack/plugins/alerting/server/routes/legacy/update.ts b/x-pack/plugins/alerting/server/routes/legacy/update.ts index b65579e17b0875..01adeb5c634dcc 100644 --- a/x-pack/plugins/alerting/server/routes/legacy/update.ts +++ b/x-pack/plugins/alerting/server/routes/legacy/update.ts @@ -61,6 +61,7 @@ export const updateAlertRoute = ( access: isServerless ? 'internal' : 'public', summary: 'Update an alert', tags: ['oas-tag:alerting'], + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }, }, diff --git a/x-pack/plugins/alerting/server/routes/legacy/update_api_key.ts b/x-pack/plugins/alerting/server/routes/legacy/update_api_key.ts index 06c466333967c3..30c51d3cdcf5c6 100644 --- a/x-pack/plugins/alerting/server/routes/legacy/update_api_key.ts +++ b/x-pack/plugins/alerting/server/routes/legacy/update_api_key.ts @@ -35,6 +35,7 @@ export const updateApiKeyRoute = ( access: isServerless ? 'internal' : 'public', summary: 'Update the API key for an alert', tags: ['oas-tag:alerting'], + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }, }, diff --git a/x-pack/plugins/alerting/server/routes/rule/apis/find/find_internal_rules_route.test.ts b/x-pack/plugins/alerting/server/routes/rule/apis/find/find_internal_rules_route.test.ts new file mode 100644 index 00000000000000..46ff2e8e96e128 --- /dev/null +++ b/x-pack/plugins/alerting/server/routes/rule/apis/find/find_internal_rules_route.test.ts @@ -0,0 +1,36 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import { httpServiceMock } from '@kbn/core/server/mocks'; +import { licenseStateMock } from '../../../../lib/license_state.mock'; +import { findInternalRulesRoute } from './find_internal_rules_route'; + +jest.mock('../../../../lib/license_api_access', () => ({ + verifyApiAccess: jest.fn(), +})); + +jest.mock('../../../lib/track_legacy_terminology', () => ({ + trackLegacyTerminology: jest.fn(), +})); + +beforeEach(() => { + jest.resetAllMocks(); +}); + +describe('findInternalRulesRoute', () => { + it('registers the route without public access', async () => { + const licenseState = licenseStateMock.create(); + const router = httpServiceMock.createRouter(); + + findInternalRulesRoute(router, licenseState); + expect(router.post).toHaveBeenCalledWith( + expect.not.objectContaining({ + options: expect.objectContaining({ access: 'public' }), + }), + expect.any(Function) + ); + }); +}); diff --git a/x-pack/plugins/alerting/server/routes/rule/apis/find/find_internal_rules_route.ts b/x-pack/plugins/alerting/server/routes/rule/apis/find/find_internal_rules_route.ts new file mode 100644 index 00000000000000..8ff8ce59192cfd --- /dev/null +++ b/x-pack/plugins/alerting/server/routes/rule/apis/find/find_internal_rules_route.ts @@ -0,0 +1,87 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { IRouter } from '@kbn/core/server'; +import { UsageCounter } from '@kbn/usage-collection-plugin/server'; +import type { + FindRulesRequestQueryV1, + FindRulesResponseV1, +} from '../../../../../common/routes/rule/apis/find'; +import { findRulesRequestQuerySchemaV1 } from '../../../../../common/routes/rule/apis/find'; +import { RuleParamsV1 } from '../../../../../common/routes/rule/response'; +import { ILicenseState } from '../../../../lib'; +import { + AlertingRequestHandlerContext, + INTERNAL_ALERTING_API_FIND_RULES_PATH, +} from '../../../../types'; +import { verifyAccessAndContext } from '../../../lib'; +import { trackLegacyTerminology } from '../../../lib/track_legacy_terminology'; +import { transformFindRulesBodyV1, transformFindRulesResponseV1 } from './transforms'; + +export const findInternalRulesRoute = ( + router: IRouter, + licenseState: ILicenseState, + usageCounter?: UsageCounter +) => { + router.post( + { + path: INTERNAL_ALERTING_API_FIND_RULES_PATH, + options: { access: 'internal' }, + validate: { + body: findRulesRequestQuerySchemaV1, + }, + }, + router.handleLegacyErrors( + verifyAccessAndContext(licenseState, async function (context, req, res) { + const rulesClient = (await context.alerting).getRulesClient(); + + const body: FindRulesRequestQueryV1 = req.body; + + trackLegacyTerminology( + [req.body.search, req.body.search_fields, req.body.sort_field].filter( + Boolean + ) as string[], + usageCounter + ); + + const options = transformFindRulesBodyV1({ + ...body, + has_reference: body.has_reference || undefined, + search_fields: searchFieldsAsArray(body.search_fields), + }); + + if (req.body.fields) { + usageCounter?.incrementCounter({ + counterName: `alertingFieldsUsage`, + counterType: 'alertingFieldsUsage', + incrementBy: 1, + }); + } + + const findResult = await rulesClient.find({ + options, + excludeFromPublicApi: false, + includeSnoozeData: true, + }); + + const responseBody: FindRulesResponseV1['body'] = + transformFindRulesResponseV1(findResult, options.fields); + + return res.ok({ + body: responseBody, + }); + }) + ) + ); +}; + +function searchFieldsAsArray(searchFields: string | string[] | undefined): string[] | undefined { + if (!searchFields) { + return; + } + return Array.isArray(searchFields) ? searchFields : [searchFields]; +} diff --git a/x-pack/plugins/alerting/server/routes/rule/apis/find/find_rules_route.test.ts b/x-pack/plugins/alerting/server/routes/rule/apis/find/find_rules_route.test.ts index 4e3c9b635ec3ac..0e1f07a5ce5430 100644 --- a/x-pack/plugins/alerting/server/routes/rule/apis/find/find_rules_route.test.ts +++ b/x-pack/plugins/alerting/server/routes/rule/apis/find/find_rules_route.test.ts @@ -30,6 +30,18 @@ beforeEach(() => { }); describe('findRulesRoute', () => { + it('registers the route with public access', async () => { + const licenseState = licenseStateMock.create(); + const router = httpServiceMock.createRouter(); + + findRulesRoute(router, licenseState); + expect(router.get).toHaveBeenCalledWith( + expect.objectContaining({ + options: expect.objectContaining({ access: 'public' }), + }), + expect.any(Function) + ); + }); it('finds rules with proper parameters', async () => { const licenseState = licenseStateMock.create(); const router = httpServiceMock.createRouter(); diff --git a/x-pack/plugins/alerting/server/routes/rule/apis/find/find_rules_route.ts b/x-pack/plugins/alerting/server/routes/rule/apis/find/find_rules_route.ts index b4384e9d8f4efa..90afde8f208134 100644 --- a/x-pack/plugins/alerting/server/routes/rule/apis/find/find_rules_route.ts +++ b/x-pack/plugins/alerting/server/routes/rule/apis/find/find_rules_route.ts @@ -7,40 +7,26 @@ import { IRouter } from '@kbn/core/server'; import { UsageCounter } from '@kbn/usage-collection-plugin/server'; -import { ILicenseState } from '../../../../lib'; -import { verifyAccessAndContext } from '../../../lib'; -import { findRulesRequestQuerySchemaV1 } from '../../../../../common/routes/rule/apis/find'; import type { FindRulesRequestQueryV1, FindRulesResponseV1, } from '../../../../../common/routes/rule/apis/find'; +import { findRulesRequestQuerySchemaV1 } from '../../../../../common/routes/rule/apis/find'; import { RuleParamsV1, ruleResponseSchemaV1 } from '../../../../../common/routes/rule/response'; -import { - AlertingRequestHandlerContext, - BASE_ALERTING_API_PATH, - INTERNAL_ALERTING_API_FIND_RULES_PATH, -} from '../../../../types'; +import { ILicenseState } from '../../../../lib'; +import { AlertingRequestHandlerContext, BASE_ALERTING_API_PATH } from '../../../../types'; +import { verifyAccessAndContext } from '../../../lib'; import { trackLegacyTerminology } from '../../../lib/track_legacy_terminology'; import { transformFindRulesBodyV1, transformFindRulesResponseV1 } from './transforms'; -interface BuildFindRulesRouteParams { - licenseState: ILicenseState; - path: string; - router: IRouter; - excludeFromPublicApi?: boolean; - usageCounter?: UsageCounter; -} - -const buildFindRulesRoute = ({ - licenseState, - path, - router, - excludeFromPublicApi = false, - usageCounter, -}: BuildFindRulesRouteParams) => { +export const findRulesRoute = ( + router: IRouter, + licenseState: ILicenseState, + usageCounter?: UsageCounter +) => { router.get( { - path, + path: `${BASE_ALERTING_API_PATH}/rules/_find`, options: { access: 'public', summary: 'Get information about rules', @@ -91,7 +77,7 @@ const buildFindRulesRoute = ({ const findResult = await rulesClient.find({ options, - excludeFromPublicApi, + excludeFromPublicApi: true, includeSnoozeData: true, }); @@ -104,86 +90,6 @@ const buildFindRulesRoute = ({ }) ) ); - if (path === INTERNAL_ALERTING_API_FIND_RULES_PATH) { - router.post( - { - path, - options: { access: 'internal' }, - validate: { - body: findRulesRequestQuerySchemaV1, - }, - }, - router.handleLegacyErrors( - verifyAccessAndContext(licenseState, async function (context, req, res) { - const rulesClient = (await context.alerting).getRulesClient(); - - const body: FindRulesRequestQueryV1 = req.body; - - trackLegacyTerminology( - [req.body.search, req.body.search_fields, req.body.sort_field].filter( - Boolean - ) as string[], - usageCounter - ); - - const options = transformFindRulesBodyV1({ - ...body, - has_reference: body.has_reference || undefined, - search_fields: searchFieldsAsArray(body.search_fields), - }); - - if (req.body.fields) { - usageCounter?.incrementCounter({ - counterName: `alertingFieldsUsage`, - counterType: 'alertingFieldsUsage', - incrementBy: 1, - }); - } - - const findResult = await rulesClient.find({ - options, - excludeFromPublicApi, - includeSnoozeData: true, - }); - - const responseBody: FindRulesResponseV1['body'] = - transformFindRulesResponseV1(findResult, options.fields); - - return res.ok({ - body: responseBody, - }); - }) - ) - ); - } -}; - -export const findRulesRoute = ( - router: IRouter, - licenseState: ILicenseState, - usageCounter?: UsageCounter -) => { - buildFindRulesRoute({ - excludeFromPublicApi: true, - licenseState, - path: `${BASE_ALERTING_API_PATH}/rules/_find`, - router, - usageCounter, - }); -}; - -export const findInternalRulesRoute = ( - router: IRouter, - licenseState: ILicenseState, - usageCounter?: UsageCounter -) => { - buildFindRulesRoute({ - excludeFromPublicApi: false, - licenseState, - path: INTERNAL_ALERTING_API_FIND_RULES_PATH, - router, - usageCounter, - }); }; function searchFieldsAsArray(searchFields: string | string[] | undefined): string[] | undefined { diff --git a/x-pack/plugins/alerting/tsconfig.json b/x-pack/plugins/alerting/tsconfig.json index c0951663a8489f..eefc1999b26d53 100644 --- a/x-pack/plugins/alerting/tsconfig.json +++ b/x-pack/plugins/alerting/tsconfig.json @@ -73,7 +73,8 @@ "@kbn/core-security-server", "@kbn/core-http-server", "@kbn/zod", - "@kbn/core-saved-objects-base-server-internal" + "@kbn/core-saved-objects-base-server-internal", + "@kbn/response-ops-rule-params" ], "exclude": [ "target/**/*" diff --git a/x-pack/plugins/cases/server/routes/api/comments/get_all_comment.ts b/x-pack/plugins/cases/server/routes/api/comments/get_all_comment.ts index a33b638f5310e4..6e8ac79bffec9b 100644 --- a/x-pack/plugins/cases/server/routes/api/comments/get_all_comment.ts +++ b/x-pack/plugins/cases/server/routes/api/comments/get_all_comment.ts @@ -31,6 +31,7 @@ export const getAllCommentsRoute = createCasesRoute({ summary: `Gets all case comments`, tags: ['oas-tag:cases'], // description: 'You must have `read` privileges for the **Cases** feature in the **Management**, **Observability**, or **Security** section of the Kibana feature privileges, depending on the owner of the cases with the comments you\'re seeking.', + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }, handler: async ({ context, request, response }) => { diff --git a/x-pack/plugins/cases/server/routes/api/stats/get_status.ts b/x-pack/plugins/cases/server/routes/api/stats/get_status.ts index 07d02c0b6713f9..dce369e4a0f45e 100644 --- a/x-pack/plugins/cases/server/routes/api/stats/get_status.ts +++ b/x-pack/plugins/cases/server/routes/api/stats/get_status.ts @@ -26,6 +26,7 @@ export const getStatusRoute: CaseRoute = createCasesRoute({ description: 'Returns the number of cases that are open, closed, and in progress in the default space.', // You must have `read` privileges for the **Cases** feature in the **Management**, **Observability**, or **Security** section of the Kibana feature privileges, depending on the owner of the cases you're seeking. + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }, handler: async ({ context, request, response }) => { diff --git a/x-pack/plugins/cases/server/routes/api/user_actions/get_all_user_actions.ts b/x-pack/plugins/cases/server/routes/api/user_actions/get_all_user_actions.ts index 5edc7a261b3c48..17fe0dcdb9012e 100644 --- a/x-pack/plugins/cases/server/routes/api/user_actions/get_all_user_actions.ts +++ b/x-pack/plugins/cases/server/routes/api/user_actions/get_all_user_actions.ts @@ -30,6 +30,7 @@ export const getUserActionsRoute = createCasesRoute({ description: `Returns all user activity for a case.`, // You must have `read` privileges for the **Cases** feature in the **Management**, **Observability**, or **Security** section of the Kibana feature privileges, depending on the owner of the case you're seeking. tags: ['oas-tag:cases'], + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }, handler: async ({ context, request, response }) => { diff --git a/x-pack/plugins/cloud_security_posture/public/components/fleet_extensions/setup_technology_selector/use_setup_technology.test.ts b/x-pack/plugins/cloud_security_posture/public/components/fleet_extensions/setup_technology_selector/use_setup_technology.test.ts index 9d1c0b9bae32e8..8bf3984f62faa3 100644 --- a/x-pack/plugins/cloud_security_posture/public/components/fleet_extensions/setup_technology_selector/use_setup_technology.test.ts +++ b/x-pack/plugins/cloud_security_posture/public/components/fleet_extensions/setup_technology_selector/use_setup_technology.test.ts @@ -64,10 +64,14 @@ describe('useSetupTechnology', () => { }); it('calls handleSetupTechnologyChange when setupTechnology changes', () => { + const inputPackage = { + type: 'someType', + policy_template: 'somePolicyTemplate', + } as NewPackagePolicyInput; const handleSetupTechnologyChangeMock = jest.fn(); const { result } = renderHook(() => useSetupTechnology({ - input: { type: 'someType' } as NewPackagePolicyInput, + input: inputPackage, handleSetupTechnologyChange: handleSetupTechnologyChangeMock, }) ); @@ -79,7 +83,10 @@ describe('useSetupTechnology', () => { }); expect(result.current.setupTechnology).toBe(SetupTechnology.AGENTLESS); - expect(handleSetupTechnologyChangeMock).toHaveBeenCalledWith(SetupTechnology.AGENTLESS); + expect(handleSetupTechnologyChangeMock).toHaveBeenCalledWith( + SetupTechnology.AGENTLESS, + inputPackage.policy_template + ); }); }); diff --git a/x-pack/plugins/cloud_security_posture/public/components/fleet_extensions/setup_technology_selector/use_setup_technology.ts b/x-pack/plugins/cloud_security_posture/public/components/fleet_extensions/setup_technology_selector/use_setup_technology.ts index e18119c3a39dee..3f68fb87f26392 100644 --- a/x-pack/plugins/cloud_security_posture/public/components/fleet_extensions/setup_technology_selector/use_setup_technology.ts +++ b/x-pack/plugins/cloud_security_posture/public/components/fleet_extensions/setup_technology_selector/use_setup_technology.ts @@ -18,7 +18,7 @@ export const useSetupTechnology = ({ }: { input: NewPackagePolicyInput; isAgentlessEnabled?: boolean; - handleSetupTechnologyChange?: (value: SetupTechnology) => void; + handleSetupTechnologyChange?: (value: SetupTechnology, policyTemplateName?: string) => void; isEditPage?: boolean; }) => { const isCspmAws = input.type === CLOUDBEAT_AWS; @@ -34,7 +34,7 @@ export const useSetupTechnology = ({ const updateSetupTechnology = (value: SetupTechnology) => { setSetupTechnology(value); if (handleSetupTechnologyChange) { - handleSetupTechnologyChange(value); + handleSetupTechnologyChange(value, input.policy_template); } }; diff --git a/x-pack/plugins/data_usage/public/app/components/data_usage_metrics.tsx b/x-pack/plugins/data_usage/public/app/components/data_usage_metrics.tsx index 48b6566df9e660..929ebf7a024904 100644 --- a/x-pack/plugins/data_usage/public/app/components/data_usage_metrics.tsx +++ b/x-pack/plugins/data_usage/public/app/components/data_usage_metrics.tsx @@ -8,6 +8,7 @@ import React, { useCallback, useEffect, useMemo, useState } from 'react'; import { css } from '@emotion/react'; import { EuiFlexGroup, EuiFlexItem, EuiLoadingElastic } from '@elastic/eui'; +import { i18n } from '@kbn/i18n'; import { Charts } from './charts'; import { useBreadcrumbs } from '../../utils/use_breadcrumbs'; import { useKibanaContextForPlugin } from '../../utils/use_kibana'; @@ -29,7 +30,7 @@ const FlexItemWithCss = ({ children }: { children: React.ReactNode }) => ( export const DataUsageMetrics = () => { const { - services: { chrome, appParams }, + services: { chrome, appParams, notifications }, } = useKibanaContextForPlugin(); useBreadcrumbs([{ text: PLUGIN_NAME }], appParams, chrome); @@ -43,10 +44,15 @@ export const DataUsageMetrics = () => { setUrlDateRangeFilter, } = useDataUsageMetricsUrlParams(); - const { data: dataStreams, isFetching: isFetchingDataStreams } = useGetDataUsageDataStreams({ + const { + error: errorFetchingDataStreams, + data: dataStreams, + isFetching: isFetchingDataStreams, + } = useGetDataUsageDataStreams({ selectedDataStreams: dataStreamsFromUrl, options: { enabled: true, + retry: false, }, }); @@ -93,6 +99,7 @@ export const DataUsageMetrics = () => { const { dateRangePickerState, onRefreshChange, onTimeChange } = useDateRangePicker(); const { + error: errorFetchingDataUsageMetrics, data, isFetching, isFetched, @@ -157,6 +164,23 @@ export const DataUsageMetrics = () => { onChangeMetricTypesFilter, ]); + if (errorFetchingDataUsageMetrics) { + notifications.toasts.addDanger({ + title: i18n.translate('xpack.dataUsage.getMetrics.addFailure.toast.title', { + defaultMessage: 'Error getting usage metrics', + }), + text: errorFetchingDataUsageMetrics.message, + }); + } + if (errorFetchingDataStreams) { + notifications.toasts.addDanger({ + title: i18n.translate('xpack.dataUsage.getDataStreams.addFailure.toast.title', { + defaultMessage: 'Error getting data streams', + }), + text: errorFetchingDataStreams.message, + }); + } + return ( diff --git a/x-pack/plugins/data_usage/public/hooks/use_get_data_streams.ts b/x-pack/plugins/data_usage/public/hooks/use_get_data_streams.ts index 35f53c49e2c284..598acca3c1faf8 100644 --- a/x-pack/plugins/data_usage/public/hooks/use_get_data_streams.ts +++ b/x-pack/plugins/data_usage/public/hooks/use_get_data_streams.ts @@ -6,7 +6,6 @@ */ import type { UseQueryOptions, UseQueryResult } from '@tanstack/react-query'; -import { i18n } from '@kbn/i18n'; import { useQuery } from '@tanstack/react-query'; import type { IHttpFetchError } from '@kbn/core-http-browser'; import { DATA_USAGE_DATA_STREAMS_API_ROUTE } from '../../common'; @@ -33,22 +32,19 @@ export const useGetDataUsageDataStreams = ({ options?: UseQueryOptions; }): UseQueryResult => { const http = useKibanaContextForPlugin().services.http; - const { - services: { notifications }, - } = useKibanaContextForPlugin(); return useQuery({ queryKey: ['get-data-usage-data-streams'], ...options, keepPreviousData: true, queryFn: async () => { - const dataStreamsResponse = await http.get( - DATA_USAGE_DATA_STREAMS_API_ROUTE, - { + const dataStreamsResponse = await http + .get(DATA_USAGE_DATA_STREAMS_API_ROUTE, { version: '1', - // query: {}, - } - ); + }) + .catch((error) => { + throw error.body; + }); const augmentedDataStreamsBasedOnSelectedItems = dataStreamsResponse.reduce<{ selected: GetDataUsageDataStreamsResponse; @@ -87,13 +83,5 @@ export const useGetDataUsageDataStreams = ({ : PAGING_PARAMS.default ); }, - onError: (error: IHttpFetchError) => { - notifications.toasts.addDanger({ - title: i18n.translate('xpack.dataUsage.getDataStreams.addFailure.toast.title', { - defaultMessage: 'Error getting data streams', - }), - text: error.message, - }); - }, }); }; diff --git a/x-pack/plugins/data_usage/public/hooks/use_get_usage_metrics.ts b/x-pack/plugins/data_usage/public/hooks/use_get_usage_metrics.ts index bbd0f5d8aa02fb..7e7406d72b9c0b 100644 --- a/x-pack/plugins/data_usage/public/hooks/use_get_usage_metrics.ts +++ b/x-pack/plugins/data_usage/public/hooks/use_get_usage_metrics.ts @@ -6,7 +6,6 @@ */ import type { UseQueryOptions, UseQueryResult } from '@tanstack/react-query'; -import { i18n } from '@kbn/i18n'; import { useQuery } from '@tanstack/react-query'; import type { IHttpFetchError } from '@kbn/core-http-browser'; import { UsageMetricsRequestBody, UsageMetricsResponseSchemaBody } from '../../common/rest_types'; @@ -23,33 +22,26 @@ export const useGetDataUsageMetrics = ( options: UseQueryOptions> = {} ): UseQueryResult> => { const http = useKibanaContextForPlugin().services.http; - const { - services: { notifications }, - } = useKibanaContextForPlugin(); return useQuery>({ queryKey: ['get-data-usage-metrics', body], ...options, keepPreviousData: true, queryFn: async ({ signal }) => { - return http.post(DATA_USAGE_METRICS_API_ROUTE, { - signal, - version: '1', - body: JSON.stringify({ - from: body.from, - to: body.to, - metricTypes: body.metricTypes, - dataStreams: body.dataStreams, - }), - }); - }, - onError: (error: IHttpFetchError) => { - notifications.toasts.addDanger({ - title: i18n.translate('xpack.dataUsage.getMetrics.addFailure.toast.title', { - defaultMessage: 'Error getting usage metrics', - }), - text: error.message, - }); + return http + .post(DATA_USAGE_METRICS_API_ROUTE, { + signal, + version: '1', + body: JSON.stringify({ + from: body.from, + to: body.to, + metricTypes: body.metricTypes, + dataStreams: body.dataStreams, + }), + }) + .catch((error) => { + throw error.body; + }); }, }); }; diff --git a/x-pack/plugins/data_usage/server/routes/error_handler.ts b/x-pack/plugins/data_usage/server/routes/error_handler.ts index 122df5e72b130b..b889d12674db52 100644 --- a/x-pack/plugins/data_usage/server/routes/error_handler.ts +++ b/x-pack/plugins/data_usage/server/routes/error_handler.ts @@ -8,6 +8,7 @@ import type { IKibanaResponse, KibanaResponseFactory, Logger } from '@kbn/core/server'; import { CustomHttpRequestError } from '../utils/custom_http_request_error'; import { BaseError } from '../common/errors'; +import { AutoOpsError } from '../services/errors'; export class NotFoundError extends BaseError {} @@ -31,6 +32,13 @@ export const errorHandler = ( }); } + if (error instanceof AutoOpsError) { + return res.customError({ + statusCode: 503, + body: error, + }); + } + if (error instanceof NotFoundError) { return res.notFound({ body: error }); } diff --git a/x-pack/plugins/data_usage/server/services/autoops_api.ts b/x-pack/plugins/data_usage/server/services/autoops_api.ts index ece0ec86116f24..e5ffe24c6167ab 100644 --- a/x-pack/plugins/data_usage/server/services/autoops_api.ts +++ b/x-pack/plugins/data_usage/server/services/autoops_api.ts @@ -18,7 +18,11 @@ import { } from '../../common/rest_types'; import { AppContextService } from './app_context'; import { AutoOpsConfig } from '../types'; +import { AutoOpsError } from './errors'; +const AGENT_CREATION_FAILED_ERROR = 'AutoOps API could not create the autoops agent'; +const AUTO_OPS_AGENT_CREATION_PREFIX = '[AutoOps API] Creating autoops agent failed'; +const AUTO_OPS_MISSING_CONFIG_ERROR = 'Missing autoops configuration'; export class AutoOpsAPIService { constructor(private appContextService: AppContextService) {} public async autoOpsUsageMetricsAPI(requestBody: UsageMetricsRequestBody) { @@ -34,8 +38,8 @@ export class AutoOpsAPIService { const autoopsConfig = this.appContextService.getConfig()?.autoops; if (!autoopsConfig) { - logger.error('[AutoOps API] Missing autoops configuration', errorMetadata); - throw new Error('missing autoops configuration'); + logger.error(`[AutoOps API] ${AUTO_OPS_MISSING_CONFIG_ERROR}`, errorMetadata); + throw new AutoOpsError(AUTO_OPS_MISSING_CONFIG_ERROR); } logger.debug( @@ -86,7 +90,7 @@ export class AutoOpsAPIService { (error: Error | AxiosError) => { if (!axios.isAxiosError(error)) { logger.error( - `[AutoOps API] Creating autoops failed with an error ${error} ${requestConfigDebugStatus}`, + `${AUTO_OPS_AGENT_CREATION_PREFIX} with an error ${error} ${requestConfigDebugStatus}`, errorMetadataWithRequestConfig ); throw new Error(withRequestIdMessage(error.message)); @@ -97,7 +101,7 @@ export class AutoOpsAPIService { if (error.response) { // The request was made and the server responded with a status code and error data logger.error( - `[AutoOps API] Creating autoops failed because the AutoOps API responding with a status code that falls out of the range of 2xx: ${JSON.stringify( + `${AUTO_OPS_AGENT_CREATION_PREFIX} because the AutoOps API responded with a status code that falls out of the range of 2xx: ${JSON.stringify( error.response.status )}} ${JSON.stringify(error.response.data)}} ${requestConfigDebugStatus}`, { @@ -111,30 +115,26 @@ export class AutoOpsAPIService { }, } ); - throw new Error( - withRequestIdMessage(`the AutoOps API could not create the autoops agent`) - ); + throw new AutoOpsError(withRequestIdMessage(AGENT_CREATION_FAILED_ERROR)); } else if (error.request) { // The request was made but no response was received logger.error( - `[AutoOps API] Creating autoops agent failed while sending the request to the AutoOps API: ${errorLogCodeCause} ${requestConfigDebugStatus}`, + `${AUTO_OPS_AGENT_CREATION_PREFIX} while sending the request to the AutoOps API: ${errorLogCodeCause} ${requestConfigDebugStatus}`, errorMetadataWithRequestConfig ); throw new Error(withRequestIdMessage(`no response received from the AutoOps API`)); } else { // Something happened in setting up the request that triggered an Error logger.error( - `[AutoOps API] Creating autoops agent failed to be created ${errorLogCodeCause} ${requestConfigDebugStatus}`, + `${AUTO_OPS_AGENT_CREATION_PREFIX} to be created ${errorLogCodeCause} ${requestConfigDebugStatus}`, errorMetadataWithRequestConfig ); - throw new Error( - withRequestIdMessage('the AutoOps API could not create the autoops agent') - ); + throw new AutoOpsError(withRequestIdMessage(AGENT_CREATION_FAILED_ERROR)); } } ); - logger.debug(`[AutoOps API] Created an autoops agent ${response}`); + logger.debug(`[AutoOps API] Successfully created an autoops agent ${response}`); return response; } diff --git a/x-pack/plugins/data_usage/server/services/errors.ts b/x-pack/plugins/data_usage/server/services/errors.ts new file mode 100644 index 00000000000000..0574e2a3c75fbb --- /dev/null +++ b/x-pack/plugins/data_usage/server/services/errors.ts @@ -0,0 +1,10 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { BaseError } from '../common/errors'; + +export class AutoOpsError extends BaseError {} diff --git a/x-pack/plugins/data_usage/server/services/index.ts b/x-pack/plugins/data_usage/server/services/index.ts index 4026891180a78d..9ccd08861a26cc 100644 --- a/x-pack/plugins/data_usage/server/services/index.ts +++ b/x-pack/plugins/data_usage/server/services/index.ts @@ -4,10 +4,12 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ +import { ValidationError } from '@kbn/config-schema'; import { AppContextService } from './app_context'; import { AutoOpsAPIService } from './autoops_api'; import type { DataUsageContext } from '../types'; import { MetricTypes } from '../../common/rest_types'; +import { AutoOpsError } from './errors'; export class DataUsageService { private appContextService: AppContextService; @@ -32,12 +34,20 @@ export class DataUsageService { metricTypes: MetricTypes[]; dataStreams: string[]; }) { - const response = await this.autoOpsAPIService.autoOpsUsageMetricsAPI({ - from, - to, - metricTypes, - dataStreams, - }); - return response.data; + try { + const response = await this.autoOpsAPIService.autoOpsUsageMetricsAPI({ + from, + to, + metricTypes, + dataStreams, + }); + return response.data; + } catch (error) { + if (error instanceof ValidationError) { + throw new AutoOpsError(error.message); + } + + throw error; + } } } diff --git a/x-pack/plugins/data_visualizer/public/application/file_data_visualizer/components/file_contents/file_contents.tsx b/x-pack/plugins/data_visualizer/public/application/file_data_visualizer/components/file_contents/file_contents.tsx index 412423a0ba0d83..e5dfe56065bad9 100644 --- a/x-pack/plugins/data_visualizer/public/application/file_data_visualizer/components/file_contents/file_contents.tsx +++ b/x-pack/plugins/data_visualizer/public/application/file_data_visualizer/components/file_contents/file_contents.tsx @@ -18,9 +18,10 @@ import { EuiSwitch, } from '@elastic/eui'; -import type { FindFileStructureResponse } from '@kbn/file-upload-plugin/common'; +import { TIKA_PREVIEW_CHARS, type FindFileStructureResponse } from '@kbn/file-upload-plugin/common'; import useMountedState from 'react-use/lib/useMountedState'; import { i18n } from '@kbn/i18n'; +import { FILE_FORMATS } from '../../../../../common/constants'; import { EDITOR_MODE, JsonEditor } from '../json_editor'; import { useGrokHighlighter } from './use_text_parser'; import { LINE_LIMIT } from './grok_highlighter'; @@ -132,13 +133,23 @@ export const FileContents: FC = ({ - + {format === FILE_FORMATS.TIKA ? ( + + ) : ( + + )} diff --git a/x-pack/plugins/data_visualizer/public/application/file_data_visualizer/components/file_data_visualizer_view/tika_analyzer.ts b/x-pack/plugins/data_visualizer/public/application/file_data_visualizer/components/file_data_visualizer_view/tika_analyzer.ts index 181999b39f22d5..aeaf9682b25a81 100644 --- a/x-pack/plugins/data_visualizer/public/application/file_data_visualizer/components/file_data_visualizer_view/tika_analyzer.ts +++ b/x-pack/plugins/data_visualizer/public/application/file_data_visualizer/components/file_data_visualizer_view/tika_analyzer.ts @@ -98,6 +98,8 @@ export async function analyzeTikaFile( attachment: { field: 'data', remove_binary: true, + // unlimited character count + indexed_chars: -1, }, }, ], diff --git a/x-pack/plugins/data_visualizer/public/application/index_data_visualizer/hooks/esql/use_esql_overall_stats_data.ts b/x-pack/plugins/data_visualizer/public/application/index_data_visualizer/hooks/esql/use_esql_overall_stats_data.ts index 21fbb8c3c11e7f..3d023a6fc38118 100644 --- a/x-pack/plugins/data_visualizer/public/application/index_data_visualizer/hooks/esql/use_esql_overall_stats_data.ts +++ b/x-pack/plugins/data_visualizer/public/application/index_data_visualizer/hooks/esql/use_esql_overall_stats_data.ts @@ -91,7 +91,8 @@ const getESQLDocumentCountStats = async ( ` | EVAL _timestamp_= TO_DOUBLE(DATE_TRUNC(${intervalMs} millisecond, ${getSafeESQLName( timeFieldName )})) - | stats rows = count(*) by _timestamp_` + | stats rows = count(*) by _timestamp_ + | LIMIT 1000` ); const request = { diff --git a/x-pack/plugins/data_visualizer/server/routes.ts b/x-pack/plugins/data_visualizer/server/routes.ts index e04ba7521bfa4d..2b2a347034b870 100644 --- a/x-pack/plugins/data_visualizer/server/routes.ts +++ b/x-pack/plugins/data_visualizer/server/routes.ts @@ -96,9 +96,9 @@ export function routes(coreSetup: CoreSetup, logger: Logger) const filteredInferenceEndpoints = endpoints.filter((endpoint) => { return ( - endpoint.task_type === 'sparse_embedding' || endpoint.task_type === 'text_embedding' - // TODO: add this back in when the fix has made it into es in 8.16 - // && endpoint.service_settings.num_allocations > 0 + (endpoint.task_type === 'sparse_embedding' || + endpoint.task_type === 'text_embedding') && + endpoint.service_settings.num_allocations >= 0 ); }); diff --git a/x-pack/plugins/elastic_assistant/scripts/create_conversations.js b/x-pack/plugins/elastic_assistant/scripts/create_conversations.js new file mode 100644 index 00000000000000..b08f1419af0c96 --- /dev/null +++ b/x-pack/plugins/elastic_assistant/scripts/create_conversations.js @@ -0,0 +1,9 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +require('../../../../src/setup_node_env'); +require('./create_conversations_script').create(); diff --git a/x-pack/plugins/elastic_assistant/scripts/create_conversations_script.ts b/x-pack/plugins/elastic_assistant/scripts/create_conversations_script.ts new file mode 100644 index 00000000000000..2fd388e299f6f6 --- /dev/null +++ b/x-pack/plugins/elastic_assistant/scripts/create_conversations_script.ts @@ -0,0 +1,165 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { randomBytes } from 'node:crypto'; +import yargs from 'yargs/yargs'; +import { ToolingLog } from '@kbn/tooling-log'; +import axios from 'axios'; +import { + API_VERSIONS, + ConversationCreateProps, + ELASTIC_AI_ASSISTANT_CONVERSATIONS_URL, +} from '@kbn/elastic-assistant-common'; +import pLimit from 'p-limit'; +import { getCreateConversationSchemaMock } from '../server/__mocks__/conversations_schema.mock'; + +/** + * Developer script for creating conversations. + * node x-pack/plugins/elastic_assistant/scripts/create_conversations + */ +export const create = async () => { + const logger = new ToolingLog({ + level: 'info', + writeTo: process.stdout, + }); + const argv = yargs(process.argv.slice(2)) + .option('count', { + type: 'number', + description: 'Number of conversations to create', + default: 100, + }) + .option('kibana', { + type: 'string', + description: 'Kibana url including auth', + default: `http://elastic:changeme@localhost:5601`, + }) + .parse(); + const kibanaUrl = removeTrailingSlash(argv.kibana); + const count = Number(argv.count); + logger.info(`Kibana URL: ${kibanaUrl}`); + const connectorsApiUrl = `${kibanaUrl}/api/actions/connectors`; + const conversationsCreateUrl = `${kibanaUrl}${ELASTIC_AI_ASSISTANT_CONVERSATIONS_URL}`; + + try { + logger.info(`Fetching available connectors...`); + const { data: connectors } = await axios.get(connectorsApiUrl, { + headers: requestHeaders, + }); + const aiConnectors = connectors.filter( + ({ connector_type_id: connectorTypeId }: { connector_type_id: string }) => + AllowedActionTypeIds.includes(connectorTypeId) + ); + if (aiConnectors.length === 0) { + throw new Error('No AI connectors found, create an AI connector to use this script'); + } + + logger.info(`Creating ${count} conversations...`); + if (count > 999) { + logger.info(`This may take a couple of minutes...`); + } + + const promises = Array.from({ length: count }, (_, i) => + limit(() => + retryRequest( + () => + axios.post( + conversationsCreateUrl, + getCreateConversationSchemaMock({ + ...getMockConversationContent(), + apiConfig: { + actionTypeId: aiConnectors[0].connector_type_id, + connectorId: aiConnectors[0].id, + }, + }), + { headers: requestHeaders } + ), + 3, // Retry up to 3 times + 1000 // Delay of 1 second between retries + ) + ) + ); + + const results = await Promise.allSettled(promises); + + const successfulResults = results.filter((result) => result.status === 'fulfilled'); + const errorResults = results.filter( + (result) => result.status === 'rejected' + ) as PromiseRejectedResult[]; + const conversationsCreated = successfulResults.length; + + if (count > conversationsCreated) { + const errorExample = + errorResults.length > 0 ? errorResults[0]?.reason?.message ?? 'unknown' : 'unknown'; + throw new Error( + `Failed to create all conversations. Expected count: ${count}, Created count: ${conversationsCreated}. Reason: ${errorExample}` + ); + } + logger.info(`Successfully created ${successfulResults.length} conversations.`); + } catch (e) { + logger.error(e); + } +}; +// Set the concurrency limit (e.g., 50 requests at a time) +const limit = pLimit(50); + +// Retry helper function +const retryRequest = async ( + fn: () => Promise, + retries: number = 3, + delay: number = 1000 +): Promise => { + try { + return await fn(); + } catch (e) { + if (retries > 0) { + await new Promise((res) => setTimeout(res, delay)); + return retryRequest(fn, retries - 1, delay); + } + throw e; // If retries are exhausted, throw the error + } +}; + +const getMockConversationContent = (): Partial => ({ + title: `A ${randomBytes(4).toString('hex')} title`, + isDefault: false, + messages: [ + { + content: 'Hello robot', + role: 'user', + timestamp: '2019-12-13T16:40:33.400Z', + traceData: { + traceId: '1', + transactionId: '2', + }, + }, + { + content: 'Hello human', + role: 'assistant', + timestamp: '2019-12-13T16:41:33.400Z', + traceData: { + traceId: '3', + transactionId: '4', + }, + }, + ], +}); + +export const AllowedActionTypeIds = ['.bedrock', '.gen-ai', '.gemini']; + +const requestHeaders = { + 'kbn-xsrf': 'xxx', + 'Content-Type': 'application/json', + 'elastic-api-version': API_VERSIONS.public.v1, +}; + +function removeTrailingSlash(url: string) { + if (url.endsWith('/')) { + return url.slice(0, -1); + } else { + return url; + } +} diff --git a/x-pack/plugins/elastic_assistant/server/__mocks__/conversations_schema.mock.ts b/x-pack/plugins/elastic_assistant/server/__mocks__/conversations_schema.mock.ts index 7594839bd21b4b..278dfc9fe829be 100644 --- a/x-pack/plugins/elastic_assistant/server/__mocks__/conversations_schema.mock.ts +++ b/x-pack/plugins/elastic_assistant/server/__mocks__/conversations_schema.mock.ts @@ -60,7 +60,9 @@ export const getConversationSearchEsMock = () => { return searchResponse; }; -export const getCreateConversationSchemaMock = (): ConversationCreateProps => ({ +export const getCreateConversationSchemaMock = ( + rest?: Partial +): ConversationCreateProps => ({ title: 'Welcome', apiConfig: { actionTypeId: '.gen-ai', @@ -82,6 +84,7 @@ export const getCreateConversationSchemaMock = (): ConversationCreateProps => ({ }, ], category: 'assistant', + ...rest, }); export const getUpdateConversationSchemaMock = ( diff --git a/x-pack/plugins/elastic_assistant/server/ai_assistant_data_clients/find.ts b/x-pack/plugins/elastic_assistant/server/ai_assistant_data_clients/find.ts index 101354a6802b7b..9f37e45250a9ca 100644 --- a/x-pack/plugins/elastic_assistant/server/ai_assistant_data_clients/find.ts +++ b/x-pack/plugins/elastic_assistant/server/ai_assistant_data_clients/find.ts @@ -9,6 +9,7 @@ import { AggregationsAggregationContainer, MappingRuntimeFields, Sort, + SearchResponse, } from '@elastic/elasticsearch/lib/api/types'; import { ElasticsearchClient, Logger } from '@kbn/core/server'; @@ -27,6 +28,10 @@ interface FindOptions { runtimeMappings?: MappingRuntimeFields | undefined; logger: Logger; aggs?: Record; + mSearch?: { + filter: string; + perPage: number; + }; } export interface FindResponse { @@ -47,6 +52,7 @@ export const findDocuments = async ({ sortOrder, logger, aggs, + mSearch, }: FindOptions): Promise> => { const query = getQueryFilter({ filter }); let sort: Sort | undefined; @@ -61,28 +67,78 @@ export const findDocuments = async ({ }; } try { - const response = await esClient.search({ - body: { - query, - track_total_hits: true, - sort, - }, - _source: true, - from: (page - 1) * perPage, + if (mSearch == null) { + const response = await esClient.search({ + body: { + query, + track_total_hits: true, + sort, + }, + _source: true, + from: (page - 1) * perPage, + ignore_unavailable: true, + index, + seq_no_primary_term: true, + size: perPage, + aggs, + }); + + return { + data: response, + page, + perPage, + total: + (typeof response.hits.total === 'number' + ? response.hits.total + : response.hits.total?.value) ?? 0, + }; + } + const mSearchQueryBody = { + body: [ + { index }, + { + query, + size: perPage, + aggs, + seq_no_primary_term: true, + from: (page - 1) * perPage, + sort, + _source: true, + }, + { index }, + { + query: getQueryFilter({ filter: mSearch.filter }), + size: mSearch.perPage, + aggs, + seq_no_primary_term: true, + from: (page - 1) * mSearch.perPage, + sort, + _source: true, + }, + ], ignore_unavailable: true, index, - seq_no_primary_term: true, - size: perPage, - aggs, + }; + const response = await esClient.msearch>(mSearchQueryBody); + let responseStats: Omit, 'hits'> = { + took: 0, + _shards: { total: 0, successful: 0, skipped: 0, failed: 0 }, + timed_out: false, + }; + // flatten the results of the combined find queries into a single array of hits: + const results = response.responses.flatMap((res) => { + const mResponse = res as SearchResponse; + const { hits, ...responseBody } = mResponse; + // assign whatever the last stats are, they are only used for type + responseStats = { ...responseStats, ...responseBody }; + return hits?.hits ?? []; }); + return { - data: response, + data: { ...responseStats, hits: { hits: results } }, page, - perPage, - total: - (typeof response.hits.total === 'number' - ? response.hits.total // This format is to be removed in 8.0 - : response.hits.total?.value) ?? 0, + perPage: perPage + mSearch.perPage, + total: results.length, }; } catch (err) { logger.error(`Error fetching documents: ${err}`); diff --git a/x-pack/plugins/elastic_assistant/server/ai_assistant_data_clients/index.ts b/x-pack/plugins/elastic_assistant/server/ai_assistant_data_clients/index.ts index cc74e1f03d3d9b..706e4444488d97 100644 --- a/x-pack/plugins/elastic_assistant/server/ai_assistant_data_clients/index.ts +++ b/x-pack/plugins/elastic_assistant/server/ai_assistant_data_clients/index.ts @@ -100,6 +100,7 @@ export class AIAssistantDataClient { filter, fields, aggs, + mSearch, }: { perPage: number; page: number; @@ -108,6 +109,10 @@ export class AIAssistantDataClient { filter?: string; fields?: string[]; aggs?: Record; + mSearch?: { + filter: string; + perPage: number; + }; }): Promise>> => { const esClient = await this.options.elasticsearchClientPromise; return findDocuments({ @@ -121,6 +126,7 @@ export class AIAssistantDataClient { sortOrder: sortOrder as estypes.SortOrder, logger: this.options.logger, aggs, + mSearch, }); }; } diff --git a/x-pack/plugins/elastic_assistant/server/lib/data_stream/documents_data_writer.ts b/x-pack/plugins/elastic_assistant/server/lib/data_stream/documents_data_writer.ts index 87ec80568dbdd9..32b579fdeb71a2 100644 --- a/x-pack/plugins/elastic_assistant/server/lib/data_stream/documents_data_writer.ts +++ b/x-pack/plugins/elastic_assistant/server/lib/data_stream/documents_data_writer.ts @@ -117,8 +117,13 @@ export class DocumentsDataWriter implements DocumentsDataWriter { { bool: { must_not: { - exists: { - field: 'users', + nested: { + path: 'users', + query: { + exists: { + field: 'users', + }, + }, }, }, }, diff --git a/x-pack/plugins/elastic_assistant/server/routes/knowledge_base/entries/bulk_actions_route.ts b/x-pack/plugins/elastic_assistant/server/routes/knowledge_base/entries/bulk_actions_route.ts index ce3f0c8c92693b..cfb23030107565 100644 --- a/x-pack/plugins/elastic_assistant/server/routes/knowledge_base/entries/bulk_actions_route.ts +++ b/x-pack/plugins/elastic_assistant/server/routes/knowledge_base/entries/bulk_actions_route.ts @@ -28,12 +28,16 @@ import { } from '../../../ai_assistant_data_clients/knowledge_base/types'; import { ElasticAssistantPluginRouter } from '../../../types'; import { buildResponse } from '../../utils'; -import { transformESSearchToKnowledgeBaseEntry } from '../../../ai_assistant_data_clients/knowledge_base/transforms'; +import { + transformESSearchToKnowledgeBaseEntry, + transformESToKnowledgeBase, +} from '../../../ai_assistant_data_clients/knowledge_base/transforms'; import { getUpdateScript, transformToCreateSchema, transformToUpdateSchema, } from '../../../ai_assistant_data_clients/knowledge_base/create_knowledge_base_entry'; +import { getKBUserFilter } from './utils'; export interface BulkOperationError { message: string; @@ -179,8 +183,19 @@ export const bulkActionKnowledgeBaseEntriesRoute = (router: ElasticAssistantPlug const spaceId = ctx.elasticAssistant.getSpaceId(); // Authenticated user null check completed in `performChecks()` above const authenticatedUser = ctx.elasticAssistant.getCurrentUser() as AuthenticatedUser; + const userFilter = getKBUserFilter(authenticatedUser); + const manageGlobalKnowledgeBaseAIAssistant = + kbDataClient?.options.manageGlobalKnowledgeBaseAIAssistant; if (body.create && body.create.length > 0) { + // RBAC validation + body.create.forEach((entry) => { + const isGlobal = entry.users != null && entry.users.length === 0; + if (isGlobal && !manageGlobalKnowledgeBaseAIAssistant) { + throw new Error(`User lacks privileges to create global knowledge base entries`); + } + }); + const result = await kbDataClient?.findDocuments({ perPage: 100, page: 1, @@ -199,6 +214,44 @@ export const bulkActionKnowledgeBaseEntriesRoute = (router: ElasticAssistantPlug } } + const validateDocumentsModification = async ( + documentIds: string[], + operation: 'delete' | 'update' + ) => { + if (!documentIds.length) { + return; + } + const documentsFilter = documentIds.map((id) => `_id:${id}`).join(' OR '); + const entries = await kbDataClient?.findDocuments({ + page: 1, + perPage: 100, + filter: `${documentsFilter} AND ${userFilter}`, + }); + const availableEntries = entries + ? transformESSearchToKnowledgeBaseEntry(entries.data) + : []; + availableEntries.forEach((entry) => { + // RBAC validation + const isGlobal = entry.users != null && entry.users.length === 0; + if (isGlobal && !manageGlobalKnowledgeBaseAIAssistant) { + throw new Error( + `User lacks privileges to ${operation} global knowledge base entries` + ); + } + }); + const availableIds = availableEntries.map((doc) => doc.id); + const nonAvailableIds = documentIds.filter((id) => !availableIds.includes(id)); + if (nonAvailableIds.length > 0) { + throw new Error(`Could not find documents to ${operation}: ${nonAvailableIds}.`); + } + }; + + await validateDocumentsModification(body.delete?.ids ?? [], 'delete'); + await validateDocumentsModification( + body.update?.map((entry) => entry.id) ?? [], + 'update' + ); + const writer = await kbDataClient?.getWriter(); const changedAt = new Date().toISOString(); const { @@ -214,11 +267,11 @@ export const bulkActionKnowledgeBaseEntriesRoute = (router: ElasticAssistantPlug spaceId, user: authenticatedUser, entry, + global: entry.users != null && entry.users.length === 0, }) ), documentsToDelete: body.delete?.ids, documentsToUpdate: body.update?.map((entry) => - // TODO: KB-RBAC check, required when users != null as entry will either be created globally if empty transformToUpdateSchema({ user: authenticatedUser, updatedAt: changedAt, @@ -241,9 +294,10 @@ export const bulkActionKnowledgeBaseEntriesRoute = (router: ElasticAssistantPlug return buildBulkResponse(response, { // @ts-ignore-next-line TS2322 - updated: docsUpdated, + updated: transformESToKnowledgeBase(docsUpdated), created: created?.data ? transformESSearchToKnowledgeBaseEntry(created?.data) : [], deleted: docsDeleted ?? [], + skipped: [], errors, }); } catch (err) { diff --git a/x-pack/plugins/elastic_assistant/server/routes/user_conversations/create_route.ts b/x-pack/plugins/elastic_assistant/server/routes/user_conversations/create_route.ts index f997121f95aa8a..b92ad5462963ea 100644 --- a/x-pack/plugins/elastic_assistant/server/routes/user_conversations/create_route.ts +++ b/x-pack/plugins/elastic_assistant/server/routes/user_conversations/create_route.ts @@ -14,6 +14,7 @@ import { API_VERSIONS, } from '@kbn/elastic-assistant-common'; import { buildRouteValidationWithZod } from '@kbn/elastic-assistant-common/impl/schemas/common'; + import { ElasticAssistantPluginRouter } from '../../types'; import { buildResponse } from '../utils'; import { performChecks } from '../helpers'; @@ -54,23 +55,6 @@ export const createConversationRoute = (router: ElasticAssistantPluginRouter): v } const dataClient = await ctx.elasticAssistant.getAIAssistantConversationsDataClient(); - const currentUser = ctx.elasticAssistant.getCurrentUser(); - const userFilter = currentUser?.username - ? `name: "${currentUser?.username}"` - : `id: "${currentUser?.profile_uid}"`; - const result = await dataClient?.findDocuments({ - perPage: 100, - page: 1, - filter: `users:{ ${userFilter} } AND title:${request.body.title}`, - fields: ['title'], - }); - if (result?.data != null && result.total > 0) { - return assistantResponse.error({ - statusCode: 409, - body: `conversation title: "${request.body.title}" already exists`, - }); - } - const createdConversation = await dataClient?.createConversation({ conversation: request.body, }); diff --git a/x-pack/plugins/elastic_assistant/server/routes/user_conversations/find_route.ts b/x-pack/plugins/elastic_assistant/server/routes/user_conversations/find_route.ts index 6a2c3afc413740..e7ce80039beb00 100644 --- a/x-pack/plugins/elastic_assistant/server/routes/user_conversations/find_route.ts +++ b/x-pack/plugins/elastic_assistant/server/routes/user_conversations/find_route.ts @@ -61,13 +61,24 @@ export const findUserConversationsRoute = (router: ElasticAssistantPluginRouter) const userFilter = currentUser?.username ? `name: "${currentUser?.username}"` : `id: "${currentUser?.profile_uid}"`; + + const MAX_CONVERSATION_TOTAL = query.per_page; + // TODO remove once we have pagination https://github.com/elastic/kibana/issues/192714 + // do a separate search for default conversations and non-default conversations to ensure defaults always get included + // MUST MATCH THE LENGTH OF BASE_SECURITY_CONVERSATIONS from 'x-pack/plugins/security_solution/public/assistant/content/conversations/index.tsx' + const MAX_DEFAULT_CONVERSATION_TOTAL = 7; + const nonDefaultSize = MAX_CONVERSATION_TOTAL - MAX_DEFAULT_CONVERSATION_TOTAL; const result = await dataClient?.findDocuments({ - perPage: query.per_page, + perPage: nonDefaultSize, page: query.page, sortField: query.sort_field, sortOrder: query.sort_order, - filter: `users:{ ${userFilter} }${additionalFilter}`, + filter: `users:{ ${userFilter} }${additionalFilter} and not is_default: true`, fields: query.fields, + mSearch: { + filter: `users:{ ${userFilter} }${additionalFilter} and is_default: true`, + perPage: MAX_DEFAULT_CONVERSATION_TOTAL, + }, }); if (result) { diff --git a/x-pack/plugins/encrypted_saved_objects/server/routes/key_rotation.test.ts b/x-pack/plugins/encrypted_saved_objects/server/routes/key_rotation.test.ts index f387e94e809906..b0bdc9b98a86dd 100644 --- a/x-pack/plugins/encrypted_saved_objects/server/routes/key_rotation.test.ts +++ b/x-pack/plugins/encrypted_saved_objects/server/routes/key_rotation.test.ts @@ -7,7 +7,7 @@ import { Type } from '@kbn/config-schema'; import type { IRouter, RequestHandler, RequestHandlerContext, RouteConfig } from '@kbn/core/server'; -import { kibanaResponseFactory } from '@kbn/core/server'; +import { kibanaResponseFactory, ReservedPrivilegesSet } from '@kbn/core/server'; import { httpServerMock } from '@kbn/core/server/mocks'; import { routeDefinitionParamsMock } from './index.mock'; @@ -43,9 +43,14 @@ describe('Key rotation routes', () => { }); it('correctly defines route.', () => { + expect(routeConfig.security).toEqual({ + authz: { + requiredPrivileges: [ReservedPrivilegesSet.superuser], + }, + }); expect(routeConfig.options).toEqual({ access: 'public', - tags: ['access:rotateEncryptionKey', 'oas-tag:saved objects'], + tags: ['oas-tag:saved objects'], summary: `Rotate a key for encrypted saved objects`, description: `If a saved object cannot be decrypted using the primary encryption key, Kibana attempts to decrypt it using the specified decryption-only keys. In most of the cases this overhead is negligible, but if you're dealing with a large number of saved objects and experiencing performance issues, you may want to rotate the encryption key. NOTE: Bulk key rotation can consume a considerable amount of resources and hence only user with a superuser role can trigger it.`, @@ -96,7 +101,7 @@ describe('Key rotation routes', () => { expect(config.options).toEqual({ access: 'internal', - tags: ['access:rotateEncryptionKey', 'oas-tag:saved objects'], + tags: ['oas-tag:saved objects'], summary: `Rotate a key for encrypted saved objects`, description: `If a saved object cannot be decrypted using the primary encryption key, Kibana attempts to decrypt it using the specified decryption-only keys. In most of the cases this overhead is negligible, but if you're dealing with a large number of saved objects and experiencing performance issues, you may want to rotate the encryption key. NOTE: Bulk key rotation can consume a considerable amount of resources and hence only user with a superuser role can trigger it.`, diff --git a/x-pack/plugins/encrypted_saved_objects/server/routes/key_rotation.ts b/x-pack/plugins/encrypted_saved_objects/server/routes/key_rotation.ts index 272e74c3a69cbe..46df83a187c3b6 100644 --- a/x-pack/plugins/encrypted_saved_objects/server/routes/key_rotation.ts +++ b/x-pack/plugins/encrypted_saved_objects/server/routes/key_rotation.ts @@ -6,6 +6,7 @@ */ import { schema } from '@kbn/config-schema'; +import { ReservedPrivilegesSet } from '@kbn/core/server'; import type { RouteDefinitionParams } from '.'; @@ -39,9 +40,14 @@ export function defineKeyRotationRoutes({ type: schema.maybe(schema.string()), }), }, + security: { + authz: { + requiredPrivileges: [ReservedPrivilegesSet.superuser], + }, + }, options: { - tags: ['access:rotateEncryptionKey', 'oas-tag:saved objects'], access: buildFlavor === 'serverless' ? 'internal' : 'public', + tags: ['oas-tag:saved objects'], summary: `Rotate a key for encrypted saved objects`, description: `If a saved object cannot be decrypted using the primary encryption key, Kibana attempts to decrypt it using the specified decryption-only keys. In most of the cases this overhead is negligible, but if you're dealing with a large number of saved objects and experiencing performance issues, you may want to rotate the encryption key. NOTE: Bulk key rotation can consume a considerable amount of resources and hence only user with a superuser role can trigger it.`, diff --git a/x-pack/plugins/enterprise_search/common/utils/licensing.test.ts b/x-pack/plugins/enterprise_search/common/utils/licensing.test.ts new file mode 100644 index 00000000000000..7b5fbc3088984b --- /dev/null +++ b/x-pack/plugins/enterprise_search/common/utils/licensing.test.ts @@ -0,0 +1,96 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { ILicense } from '@kbn/licensing-plugin/public'; + +import { hasEnterpriseLicense } from './licensing'; + +describe('licensing utils', () => { + const baseLicense: ILicense = { + isActive: true, + type: 'trial', + isAvailable: true, + signature: 'fake', + toJSON: jest.fn(), + getUnavailableReason: jest.fn().mockReturnValue(undefined), + hasAtLeast: jest.fn().mockReturnValue(false), + check: jest.fn().mockReturnValue({ state: 'valid' }), + getFeature: jest.fn().mockReturnValue({ isAvailable: false, isEnabled: false }), + }; + describe('hasEnterpriseLicense', () => { + let license: ILicense; + beforeEach(() => { + jest.resetAllMocks(); + license = { + ...baseLicense, + }; + }); + it('returns true for active enterprise license', () => { + license.type = 'enterprise'; + + expect(hasEnterpriseLicense(license)).toEqual(true); + }); + it('returns true for active trial license', () => { + expect(hasEnterpriseLicense(license)).toEqual(true); + }); + it('returns false for active basic license', () => { + license.type = 'basic'; + + expect(hasEnterpriseLicense(license)).toEqual(false); + }); + it('returns false for active gold license', () => { + license.type = 'gold'; + + expect(hasEnterpriseLicense(license)).toEqual(false); + }); + it('returns false for active platinum license', () => { + license.type = 'platinum'; + + expect(hasEnterpriseLicense(license)).toEqual(false); + }); + it('returns false for inactive enterprise license', () => { + license.type = 'enterprise'; + license.isActive = false; + + expect(hasEnterpriseLicense(license)).toEqual(false); + }); + it('returns false for inactive trial license', () => { + license.isActive = false; + + expect(hasEnterpriseLicense(license)).toEqual(false); + }); + it('returns false for inactive basic license', () => { + license.type = 'basic'; + license.isActive = false; + + expect(hasEnterpriseLicense(license)).toEqual(false); + }); + it('returns false for inactive gold license', () => { + license.type = 'gold'; + license.isActive = false; + + expect(hasEnterpriseLicense(license)).toEqual(false); + }); + it('returns false for inactive platinum license', () => { + license.type = 'platinum'; + license.isActive = false; + + expect(hasEnterpriseLicense(license)).toEqual(false); + }); + it('returns false for active license is missing type', () => { + delete license.type; + + expect(hasEnterpriseLicense(license)).toEqual(false); + }); + it('returns false for null license', () => { + expect(hasEnterpriseLicense(null)).toEqual(false); + }); + it('returns false for undefined license', () => { + expect(hasEnterpriseLicense(undefined)).toEqual(false); + }); + }); +}); diff --git a/x-pack/plugins/enterprise_search/common/utils/licensing.ts b/x-pack/plugins/enterprise_search/common/utils/licensing.ts new file mode 100644 index 00000000000000..a78e603b3650d9 --- /dev/null +++ b/x-pack/plugins/enterprise_search/common/utils/licensing.ts @@ -0,0 +1,16 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { ILicense } from '@kbn/licensing-plugin/public'; + +/* hasEnterpriseLicense return if the given license is an active `enterprise` or `trial` license + */ +export function hasEnterpriseLicense(license: ILicense | null | undefined): boolean { + if (license === undefined || license === null) return false; + const qualifyingLicenses = ['enterprise', 'trial']; + return license.isActive && qualifyingLicenses.includes(license?.type ?? ''); +} diff --git a/x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/connector_detail/components/docker_instructions_step.tsx b/x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/connector_detail/components/docker_instructions_step.tsx index c3415b781c471c..46e79984447299 100644 --- a/x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/connector_detail/components/docker_instructions_step.tsx +++ b/x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/connector_detail/components/docker_instructions_step.tsx @@ -7,7 +7,14 @@ import React, { useEffect } from 'react'; -import { EuiAccordion, EuiAccordionProps, EuiCode, EuiSpacer, EuiText } from '@elastic/eui'; +import { + EuiAccordion, + EuiAccordionProps, + EuiSpacer, + EuiText, + EuiLink, + EuiCode, +} from '@elastic/eui'; import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n-react'; @@ -43,6 +50,16 @@ export const DockerInstructionsStep: React.FC = ({ } }, [isWaitingForConnector]); + const configYamlContent = getConnectorTemplate({ + apiKeyData, + connectorData: { id: connectorId, service_type: serviceType }, + host: elasticsearchUrl, + }); + + const escapedConfigYamlContent = configYamlContent.replace(/"/g, '\\"').replace(/\$/g, '\\$'); + + const createConfigCommand = `mkdir -p "$HOME/elastic-connectors" && echo "${escapedConfigYamlContent}" > "$HOME/elastic-connectors/config.yml"`; + return ( <> = ({ forceState={isOpen} buttonContent={ -

+

{i18n.translate( - 'xpack.enterpriseSearch.connectorDeployment.p.downloadConfigurationLabel', + 'xpack.enterpriseSearch.connectorDeployment.dockerInstructionsHeading', { - defaultMessage: - 'You can either download the configuration file manually or run the following command', + defaultMessage: 'Docker instructions', } )} -

+

} > - /connectors' - } - /> + +

+ {i18n.translate('xpack.enterpriseSearch.connectorDeployment.p.dockerInstallationNote', { + defaultMessage: 'Make sure you have Docker installed on your machine.', + })} +

+ + + +
+ {i18n.translate('xpack.enterpriseSearch.connectorDeployment.p.createConfigFileLabel', { + defaultMessage: 'Create configuration file', + })} +
+

+ {i18n.translate( + 'xpack.enterpriseSearch.connectorDeployment.p.createConfigFileInstructions', + { + defaultMessage: + 'You need a configuration file with your Elasticsearch and connector details. In your terminal, run the following command to create the config.yml file:', + } + )} +

+ + +

config.yml, + directory: $HOME/elastic-connectors, + }} + /> +

+

+ --output, + exampleConfigLink: ( + + {i18n.translate( + 'xpack.enterpriseSearch.connectorDeployment.exampleConfigLinkText', + { + defaultMessage: 'example config file', + } + )} + + ), }} />

- config.yml, - }} - /> - - - - + +
+ {i18n.translate('xpack.enterpriseSearch.connectorDeployment.p.runContainerLabel', { + defaultMessage: 'Run container', + })} +

{i18n.translate( 'xpack.enterpriseSearch.connectorDeployment.p.runTheFollowingCommandLabel', { - defaultMessage: - 'Run the following command in your terminal. Make sure you have Docker installed on your machine', + defaultMessage: 'Run the following command to start the container:', } )}

diff --git a/x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/connector_detail/components/generated_config_fields.tsx b/x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/connector_detail/components/generated_config_fields.tsx index 50deb269e5629e..133c15f97f61c3 100644 --- a/x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/connector_detail/components/generated_config_fields.tsx +++ b/x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/connector_detail/components/generated_config_fields.tsx @@ -121,6 +121,8 @@ export const GeneratedConfigFields: React.FC = ({ = ({ > = ({ {connector.index_name && ( = ({ return ( <> - -

- {i18n.translate( - 'xpack.enterpriseSearch.connectorDeployment.p.addTheFollowingConfigurationLabel', - { - defaultMessage: 'Clone or download the repo to your local machine', - } - )} -

- - - git clone https://github.com/elastic/connectors    - {i18n.translate('xpack.enterpriseSearch.connectorDeployment.orLabel', { - defaultMessage: 'or', - })} -     - - - - {i18n.translate('xpack.enterpriseSearch.connectorDeployment.goToSourceButtonLabel', { - defaultMessage: 'Go to Source', - })} - - - - - - - setIsOpen(isOpen === 'closed' ? 'open' : 'closed')} forceState={isOpen} buttonContent={ - -

- - {i18n.translate( - 'xpack.enterpriseSearch.connectorDeployment.configYamlCodeBlockLabel', - { defaultMessage: 'config.yml' } - )} - - ), - }} - /> -

+ +
+ {i18n.translate('xpack.enterpriseSearch.connectorDeployment.runFromSourceTitle', { + defaultMessage: 'Run connector service from source', + })} +
} > + + +
+ {i18n.translate('xpack.enterpriseSearch.connectorDeployment.p.cloneRepositoryLabel', { + defaultMessage: 'Clone the repository', + })} +
+

+ {i18n.translate( + 'xpack.enterpriseSearch.connectorDeployment.p.addTheFollowingConfigurationLabel', + { + defaultMessage: 'First, you need to clone or download the repo:', + } + )} +

+ + + git clone https://github.com/elastic/connectors    + {i18n.translate('xpack.enterpriseSearch.connectorDeployment.orLabel', { + defaultMessage: 'or', + })} +     + + + + {i18n.translate('xpack.enterpriseSearch.connectorDeployment.goToSourceButtonLabel', { + defaultMessage: 'Download source', + })} + + + + + + + +
+ {i18n.translate('xpack.enterpriseSearch.connectorDeployment.p.createConfigFileLabel', { + defaultMessage: 'Create configuration file', + })} +
+

+ {i18n.translate('xpack.enterpriseSearch.connectorDeployment.p.navigateToRootLabel', { + defaultMessage: + 'Navigate to the root of your cloned repository and create a configuration file:', + })} +

+ + + + + +
+ {i18n.translate('xpack.enterpriseSearch.connectorDeployment.p.populateConfigLabel', { + defaultMessage: 'Populate configuration file', + })} +
+

+ + {i18n.translate( + 'xpack.enterpriseSearch.connectorDeployment.configYamlCodeBlockLabel', + { defaultMessage: 'config.yml' } + )} + + ), + }} + /> +

+ = ({ host: elasticsearchUrl, })} /> - +

- {i18n.translate('xpack.enterpriseSearch.connectorDeployment.p.compileAndRunLabel', { - defaultMessage: 'Compile and run', + + {i18n.translate( + 'xpack.enterpriseSearch.connectorDeployment.exampleConfigFileLinkLabel', + { defaultMessage: 'example file' } + )} + + ), + }} + /> +

+ + + +
+ {i18n.translate('xpack.enterpriseSearch.connectorDeployment.p.compileAndRunTitle', { + defaultMessage: 'Run the connector service', })} +
+

+ {i18n.translate( + 'xpack.enterpriseSearch.connectorDeployment.p.compileAndRunInstructions', + { + defaultMessage: 'Finally, compile and run the connector service source code:', + } + )}

- + = ({ make run `} /> + ); diff --git a/x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/connector_detail/deployment.tsx b/x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/connector_detail/deployment.tsx index e3bd0e867af3da..2a617a87df8bc9 100644 --- a/x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/connector_detail/deployment.tsx +++ b/x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/connector_detail/deployment.tsx @@ -134,7 +134,7 @@ export const ConnectorDeployment: React.FC = () => { @@ -176,7 +176,7 @@ export const ConnectorDeployment: React.FC = () => { title: i18n.translate( 'xpack.enterpriseSearch.content.connector_detail.configurationConnector.steps.generateApiKey.title', { - defaultMessage: 'Configure index and API key', + defaultMessage: 'Create index and generate API key', } ), titleSize: 'xs', diff --git a/x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/connectors/create_connector/components/choose_connector_selectable.tsx b/x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/connectors/create_connector/components/choose_connector_selectable.tsx index 6c5505a22f81e5..7019fcbb71e3f8 100644 --- a/x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/connectors/create_connector/components/choose_connector_selectable.tsx +++ b/x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/connectors/create_connector/components/choose_connector_selectable.tsx @@ -5,7 +5,7 @@ * 2.0. */ -import React, { useCallback, useEffect, useMemo, useState } from 'react'; +import React, { useEffect, useMemo, useState } from 'react'; import { useActions, useValues } from 'kea'; @@ -13,14 +13,16 @@ import { EuiBadge, EuiFlexItem, EuiIcon, - EuiInputPopover, - EuiSelectable, - EuiSelectableOption, + EuiComboBox, + EuiComboBoxOptionOption, + EuiFlexGroup, + EuiText, useEuiTheme, } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; +import connectorLogo from '../../../../../../assets/images/connector.svg'; import { KibanaLogic } from '../../../../../shared/kibana'; import { NewConnectorLogic } from '../../../new_index/method_connector/new_connector_logic'; import { SelfManagePreference } from '../create_connector'; @@ -36,9 +38,39 @@ export const ChooseConnectorSelectable: React.FC selfManaged, }) => { const { euiTheme } = useEuiTheme(); - const [isOpen, setIsOpen] = useState(false); + const [selectedOption, setSelectedOption] = useState>>( + [] + ); + const renderOption = ( + option: EuiComboBoxOptionOption, + searchValue: string, + contentClassName: string + ) => { + const { _append, key, label, _prepend } = option as EuiComboBoxOptionOption & { + _append: JSX.Element[]; + _prepend: JSX.Element; + }; + return ( + + + {_prepend} + + + {label} + + + + {_append} + + ); + }; const [selectableOptions, selectableSetOptions] = useState< - Array> + Array> >([]); const { connectorTypes } = useValues(KibanaLogic); const allConnectors = useMemo( @@ -50,9 +82,9 @@ export const ChooseConnectorSelectable: React.FC const getInitialOptions = () => { return allConnectors.map((connector, key) => { - const append: JSX.Element[] = []; + const _append: JSX.Element[] = []; if (connector.isTechPreview) { - append.push( + _append.push( {i18n.translate( 'xpack.enterpriseSearch.createConnector.chooseConnectorSelectable.thechPreviewBadgeLabel', @@ -62,7 +94,7 @@ export const ChooseConnectorSelectable: React.FC ); } if (connector.isBeta) { - append.push( + _append.push( {i18n.translate( 'xpack.enterpriseSearch.createConnector.chooseConnectorSelectable.BetaBadgeLabel', @@ -74,7 +106,7 @@ export const ChooseConnectorSelectable: React.FC ); } if (selfManaged === 'native' && !connector.isNative) { - append.push( + _append.push( {i18n.translate( 'xpack.enterpriseSearch.createConnector.chooseConnectorSelectable.OnlySelfManagedBadgeLabel', @@ -85,12 +117,11 @@ export const ChooseConnectorSelectable: React.FC ); } - return { - append, + _append, + _prepend: , key: key.toString(), label: connector.name, - prepend: , }; }); }; @@ -100,73 +131,35 @@ export const ChooseConnectorSelectable: React.FC useEffect(() => { selectableSetOptions(initialOptions); }, [selfManaged]); - const [searchValue, setSearchValue] = useState(''); - - const openPopover = useCallback(() => { - setIsOpen(true); - }, []); - const closePopover = useCallback(() => { - setIsOpen(false); - }, []); return ( - } + singleSelection + fullWidth + placeholder={i18n.translate( + 'xpack.enterpriseSearch.createConnector.chooseConnectorSelectable.placeholder.text', + { defaultMessage: 'Choose a data source' } + )} options={selectableOptions} - onChange={(newOptions, _, changedOption) => { - selectableSetOptions(newOptions); - closePopover(); - if (changedOption.checked === 'on') { - const keySelected = Number(changedOption.key); - setSelectedConnector(allConnectors[keySelected]); - setSearchValue(allConnectors[keySelected].name); - } else { + selectedOptions={selectedOption} + onChange={(selectedItem) => { + setSelectedOption(selectedItem); + if (selectedItem.length === 0) { setSelectedConnector(null); - setSearchValue(''); + return; } + const keySelected = Number(selectedItem[0].key); + setSelectedConnector(allConnectors[keySelected]); }} - listProps={{ - isVirtualized: true, - rowHeight: Number(euiTheme.base * 3), - showIcons: false, - }} - singleSelection - searchable - searchProps={{ - fullWidth: true, - isClearable: true, - onChange: (value) => { - if (value !== selectedConnector?.name) { - setSearchValue(value); - } - }, - onClick: openPopover, - onFocus: openPopover, - placeholder: i18n.translate( - 'xpack.enterpriseSearch.createConnector.chooseConnectorSelectable.placeholder.text', - { defaultMessage: 'Choose a data source' } - ), - value: searchValue, - }} - > - {(list, search) => ( - - {list} - - )} - + renderOption={renderOption} + rowHeight={(euiTheme.base / 2) * 5} + /> ); }; diff --git a/x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/connectors/create_connector/components/connector_description_popover.tsx b/x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/connectors/create_connector/components/connector_description_popover.tsx index b19a5ac8ddba5d..9e0aed3fa75f0a 100644 --- a/x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/connectors/create_connector/components/connector_description_popover.tsx +++ b/x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/connectors/create_connector/components/connector_description_popover.tsx @@ -19,7 +19,7 @@ import { } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; -import connectorLogo from '../../../../../../assets/images/connector_logo_network_drive_version.svg'; +import connectorLogo from '../../../../../../assets/images/connector.svg'; const nativePopoverPanels = [ { @@ -27,7 +27,7 @@ const nativePopoverPanels = [ 'xpack.enterpriseSearch.connectorDescriptionPopover.connectorDescriptionBadge.native.chooseADataSourceLabel', { defaultMessage: 'Choose a data source you would like to sync' } ), - icons: [], + icons: [], id: 'native-choose-source', }, { @@ -35,7 +35,7 @@ const nativePopoverPanels = [ 'xpack.enterpriseSearch.connectorDescriptionPopover.connectorDescriptionBadge.native.configureConnectorLabel', { defaultMessage: 'Configure your connector using our Kibana UI' } ), - icons: [, ], + icons: [, ], id: 'native-configure-connector', }, ]; @@ -46,7 +46,7 @@ const connectorClientPopoverPanels = [ 'xpack.enterpriseSearch.connectorDescriptionPopover.connectorDescriptionBadge.client.chooseADataSourceLabel', { defaultMessage: 'Choose a data source you would like to sync' } ), - icons: [], + icons: [], id: 'client-choose-source', }, { @@ -58,9 +58,9 @@ const connectorClientPopoverPanels = [ } ), icons: [ - , - , - , + , + , + , ], id: 'client-deploy', }, @@ -72,11 +72,11 @@ const connectorClientPopoverPanels = [ } ), icons: [ - , - , - , - , - , + , + , + , + , + , ], id: 'client-configure-connector', }, diff --git a/x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/connectors/create_connector/components/manual_configuration_flyout.tsx b/x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/connectors/create_connector/components/manual_configuration_flyout.tsx index 6fc80ec3a81f14..98bea7ed62f70c 100644 --- a/x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/connectors/create_connector/components/manual_configuration_flyout.tsx +++ b/x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/connectors/create_connector/components/manual_configuration_flyout.tsx @@ -41,7 +41,14 @@ import { SelfManagePreference } from '../create_connector'; const CLI_LABEL = i18n.translate( 'xpack.enterpriseSearch.createConnector.manualConfiguration.cliLabel', { - defaultMessage: 'CLI', + defaultMessage: 'Command-line interface', + } +); + +const CLI_LINK_TEXT = i18n.translate( + 'xpack.enterpriseSearch.createConnector.manualConfiguration.cliLinkText', + { + defaultMessage: 'Connectors CLI', } ); @@ -87,7 +94,7 @@ export const ManualConfigurationFlyout: React.FC

@@ -142,7 +149,7 @@ export const ManualConfigurationFlyout: React.FC 'xpack.enterpriseSearch.createConnector.manualConfiguration.p.connectorNameDescription', { defaultMessage: - 'You will be redirected to the connector page to configure the rest of your connector', + "You'll be redirected to the connector page to complete your configuration.", } )}

@@ -199,7 +206,7 @@ export const ManualConfigurationFlyout: React.FC

target="_blank" external > - {CLI_LABEL} + {CLI_LINK_TEXT} ), myIndex: my-index, + configFile: config.yml, }} />

diff --git a/x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/connectors/create_connector/finish_up_step.tsx b/x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/connectors/create_connector/finish_up_step.tsx index 28d5387ae4b707..c2f27bde804080 100644 --- a/x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/connectors/create_connector/finish_up_step.tsx +++ b/x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/connectors/create_connector/finish_up_step.tsx @@ -30,13 +30,15 @@ import { i18n } from '@kbn/i18n'; import { useKibana } from '@kbn/kibana-react-plugin/public'; -import { APPLICATIONS_PLUGIN } from '../../../../../../common/constants'; +import { APPLICATIONS_PLUGIN, ELASTICSEARCH_PLUGIN } from '../../../../../../common/constants'; import { KibanaDeps } from '../../../../../../common/types'; import { PLAYGROUND_PATH } from '../../../../applications/routes'; import { generateEncodedPath } from '../../../../shared/encode_path_params'; +import { HttpLogic } from '../../../../shared/http'; import { KibanaLogic } from '../../../../shared/kibana'; +import { DEV_TOOLS_CONSOLE_PATH } from '../../../routes'; import { CONNECTOR_DETAIL_TAB_PATH } from '../../../routes'; import { ConnectorDetailTabId } from '../../connector_detail/connector_detail'; @@ -62,6 +64,9 @@ export const FinishUpStep: React.FC = ({ title }) => { const { startSync } = useActions(SyncsLogic); const isSyncing = isWaitingForSync || isSyncingProp; + + const { http } = useValues(HttpLogic); + const { application } = useValues(KibanaLogic); useEffect(() => { setTimeout(() => { window.scrollTo({ @@ -307,7 +312,9 @@ export const FinishUpStep: React.FC = ({ title }) => { 'Use your favorite language client to query your data in your app', } )} - onClick={() => {}} + onClick={() => { + application.navigateToUrl(http.basePath.prepend(ELASTICSEARCH_PLUGIN.URL)); + }} display="subdued" /> @@ -335,7 +342,9 @@ export const FinishUpStep: React.FC = ({ title }) => { 'Tools for interacting with your data, such as console, profiler, Grok debugger and more', } )} - onClick={() => {}} + onClick={() => { + application.navigateToUrl(http.basePath.prepend(DEV_TOOLS_CONSOLE_PATH)); + }} display="subdued" /> diff --git a/x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/connectors/create_connector/start_step.tsx b/x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/connectors/create_connector/start_step.tsx index 633ea8f58d25c5..b66a5653351bd9 100644 --- a/x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/connectors/create_connector/start_step.tsx +++ b/x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/connectors/create_connector/start_step.tsx @@ -142,7 +142,7 @@ export const StartStep: React.FC = ({

{i18n.translate('xpack.enterpriseSearch.createConnector.startStep.h4.setUpLabel', { - defaultMessage: 'Set up', + defaultMessage: 'Setup', })}

@@ -152,8 +152,7 @@ export const StartStep: React.FC = ({ {i18n.translate( 'xpack.enterpriseSearch.createConnector.startStep.p.whereDoYouWantLabel', { - defaultMessage: - 'Where do you want to store the connector and how do you want to manage it?', + defaultMessage: 'Choose how to deploy and manage your connector:', } )}

@@ -185,7 +184,7 @@ export const StartStep: React.FC = ({ id={selfManagedRadioButtonId} label={i18n.translate( 'xpack.enterpriseSearch.createConnector.startStep.euiRadio.selfManagedLabel', - { defaultMessage: 'Self managed' } + { defaultMessage: 'Self-managed' } )} checked={selfManagePreference === 'selfManaged'} onChange={() => onSelfManagePreferenceChange('selfManaged')} @@ -223,7 +222,7 @@ export const StartStep: React.FC = ({ 'xpack.enterpriseSearch.createConnector.startStep.p.youWillStartTheLabel', { defaultMessage: - 'You will start the process of creating a new index, API key, and a Web Crawler Connector ID manually. Optionally you can bring your own configuration as well.', + "We'll automatically configure your index, API key, and connector ID. Alternatively, create these manually and use a custom configuration.", } )}

diff --git a/x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/search_index/connector/constants.ts b/x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/search_index/connector/constants.ts index 3962bbb888d6ef..65120d78cec845 100644 --- a/x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/search_index/connector/constants.ts +++ b/x-pack/plugins/enterprise_search/public/applications/enterprise_search_content/components/search_index/connector/constants.ts @@ -35,17 +35,10 @@ export const getConnectorTemplate = ({ api_key: "${apiKeyData?.encoded || ''}" `; -export const getRunFromDockerSnippet = ({ version }: { version: string }) => dedent` -docker run \\ - - -v "/connectors-config:/config" \ # NOTE: change absolute path to match where config.yml is located on your machine - --tty \\ - - --rm \\ - - docker.elastic.co/enterprise-search/elastic-connectors:${version} \\ - - /app/bin/elastic-ingest \\ - - -c /config/config.yml # Path to your configuration file in the container -`; +export const getRunFromDockerSnippet = ({ version }: { version: string }) => `docker run \\ +-v "$HOME/elastic-connectors:/config" \\ +--tty \\ +--rm \\ +docker.elastic.co/enterprise-search/elastic-connectors:${version} \\ +/app/bin/elastic-ingest \\ +-c /config/config.yml`; diff --git a/x-pack/plugins/enterprise_search/public/navigation_tree.ts b/x-pack/plugins/enterprise_search/public/navigation_tree.ts index 2f4e5a17ab3351..2f41db6bef486c 100644 --- a/x-pack/plugins/enterprise_search/public/navigation_tree.ts +++ b/x-pack/plugins/enterprise_search/public/navigation_tree.ts @@ -209,7 +209,7 @@ export const getNavigationTreeDefinition = ({ }), }, { - children: [{ link: 'enterpriseSearchRelevance:inferenceEndpoints' }], + children: [{ link: 'searchInferenceEndpoints:inferenceEndpoints' }], id: 'relevance', title: i18n.translate('xpack.enterpriseSearch.searchNav.relevance', { defaultMessage: 'Relevance', diff --git a/x-pack/plugins/enterprise_search/public/plugin.ts b/x-pack/plugins/enterprise_search/public/plugin.ts index a1558c4855aa78..06f14ba3d70373 100644 --- a/x-pack/plugins/enterprise_search/public/plugin.ts +++ b/x-pack/plugins/enterprise_search/public/plugin.ts @@ -19,6 +19,8 @@ import { PluginInitializerContext, DEFAULT_APP_CATEGORIES, AppDeepLink, + type AppUpdater, + AppStatus, } from '@kbn/core/public'; import { DataPublicPluginStart } from '@kbn/data-plugin/public'; @@ -53,8 +55,8 @@ import { SEARCH_RELEVANCE_PLUGIN, } from '../common/constants'; import { registerLocators } from '../common/locators'; - import { ClientConfigType, InitialAppData } from '../common/types'; +import { hasEnterpriseLicense } from '../common/utils/licensing'; import { ENGINES_PATH } from './applications/app_search/routes'; import { SEARCH_APPLICATIONS_PATH, PLAYGROUND_PATH } from './applications/applications/routes'; @@ -134,7 +136,7 @@ const contentLinks: AppDeepLink[] = [ const relevanceLinks: AppDeepLink[] = [ { - id: 'searchInferenceEndpoints', + id: 'inferenceEndpoints', path: `/${INFERENCE_ENDPOINTS_PATH}`, title: i18n.translate( 'xpack.enterpriseSearch.navigation.relevanceInferenceEndpointsLinkLabel', @@ -180,6 +182,7 @@ const appSearchLinks: AppDeepLink[] = [ export class EnterpriseSearchPlugin implements Plugin { private config: ClientConfigType; + private enterpriseLicenseAppUpdater$ = new BehaviorSubject(() => ({})); constructor(initializerContext: PluginInitializerContext) { this.config = initializerContext.config.get(); @@ -440,6 +443,8 @@ export class EnterpriseSearchPlugin implements Plugin { deepLinks: relevanceLinks, euiIconType: SEARCH_RELEVANCE_PLUGIN.LOGO, id: SEARCH_RELEVANCE_PLUGIN.ID, + status: AppStatus.inaccessible, + updater$: this.enterpriseLicenseAppUpdater$, mount: async (params: AppMountParameters) => { const kibanaDeps = await this.getKibanaDeps(core, params, cloud); const { chrome, http } = kibanaDeps.core; @@ -615,6 +620,18 @@ export class EnterpriseSearchPlugin implements Plugin { ); }); + plugins.licensing?.license$.subscribe((license) => { + if (hasEnterpriseLicense(license)) { + this.enterpriseLicenseAppUpdater$.next(() => ({ + status: AppStatus.accessible, + })); + } else { + this.enterpriseLicenseAppUpdater$.next(() => ({ + status: AppStatus.inaccessible, + })); + } + }); + // Return empty start contract rather than void in order for plugins // that depend on the enterprise search plugin to determine whether it is enabled or not return {}; diff --git a/x-pack/plugins/enterprise_search/server/integrations.ts b/x-pack/plugins/enterprise_search/server/integrations.ts index 2918ef862dbdf0..d66768e578732c 100644 --- a/x-pack/plugins/enterprise_search/server/integrations.ts +++ b/x-pack/plugins/enterprise_search/server/integrations.ts @@ -6,17 +6,13 @@ */ import type { CustomIntegrationsPluginSetup } from '@kbn/custom-integrations-plugin/server'; import { i18n } from '@kbn/i18n'; -import { ConnectorServerSideDefinition } from '@kbn/search-connectors-plugin/server'; import { ConfigType } from '.'; export const registerEnterpriseSearchIntegrations = ( config: ConfigType, - customIntegrations: CustomIntegrationsPluginSetup, - isCloud: boolean, - connectors: ConnectorServerSideDefinition[] + customIntegrations: CustomIntegrationsPluginSetup ) => { - const nativeSearchTag = config.hasNativeConnectors && isCloud ? ['native_search'] : []; if (config.hasWebCrawler) { customIntegrations.registerCustomIntegration({ id: 'web_crawler', @@ -58,29 +54,4 @@ export const registerEnterpriseSearchIntegrations = ( shipper: 'search', isBeta: false, }); - - if (config.hasConnectors) { - connectors.forEach((connector) => { - const connectorType = connector.isNative && isCloud ? 'native' : 'connector_client'; - const categories = connector.isNative - ? [...(connector.categories || []), ...nativeSearchTag] - : connector.categories; - - customIntegrations.registerCustomIntegration({ - categories: categories || [], - description: connector.description || '', - icons: [ - { - src: connector.iconPath, - type: 'svg', - }, - ], - id: `${connector.serviceType}-${connector.name}`, - isBeta: connector.isBeta, - shipper: 'search', - title: connector.name, - uiInternalPath: `/app/enterprise_search/content/connectors/new_connector?connector_type=${connectorType}&service_type=${connector.serviceType}`, - }); - }); - } }; diff --git a/x-pack/plugins/enterprise_search/server/plugin.ts b/x-pack/plugins/enterprise_search/server/plugin.ts index c80216bc7a1560..4900fe2af29a29 100644 --- a/x-pack/plugins/enterprise_search/server/plugin.ts +++ b/x-pack/plugins/enterprise_search/server/plugin.ts @@ -182,12 +182,7 @@ export class EnterpriseSearchPlugin implements Plugin { const isCloud = !!cloud?.cloudId; if (customIntegrations) { - registerEnterpriseSearchIntegrations( - config, - customIntegrations, - isCloud, - searchConnectors?.getConnectorTypes() || [] - ); + registerEnterpriseSearchIntegrations(config, customIntegrations); } /* diff --git a/x-pack/plugins/entity_manager/server/lib/auth/privileges.ts b/x-pack/plugins/entity_manager/server/lib/auth/privileges.ts index 5ca3da77d7eba1..674e870c898bcd 100644 --- a/x-pack/plugins/entity_manager/server/lib/auth/privileges.ts +++ b/x-pack/plugins/entity_manager/server/lib/auth/privileges.ts @@ -59,7 +59,7 @@ export const entityDefinitionRuntimePrivileges = { index: [ { names: [ENTITY_INTERNAL_INDICES_PATTERN], - privileges: ['create_index', 'index', 'create_doc', 'auto_configure', 'read'], + privileges: ['create_index', 'delete_index', 'index', 'create_doc', 'auto_configure', 'read'], }, { names: [...BUILT_IN_ALLOWED_INDICES, ENTITY_INTERNAL_INDICES_PATTERN], diff --git a/x-pack/plugins/entity_manager/server/lib/entities/built_in/services_from_ecs_data.ts b/x-pack/plugins/entity_manager/server/lib/entities/built_in/services_from_ecs_data.ts index 37c8b0f854dc8b..fa40760e542aa3 100644 --- a/x-pack/plugins/entity_manager/server/lib/entities/built_in/services_from_ecs_data.ts +++ b/x-pack/plugins/entity_manager/server/lib/entities/built_in/services_from_ecs_data.ts @@ -29,7 +29,7 @@ export const builtInServicesFromEcsEntityDefinition: EntityDefinition = identityFields: ['service.name'], displayNameTemplate: '{{service.name}}', metadata: [ - { source: '_index', destination: 'sourceIndex' }, + { source: '_index', destination: 'source_index' }, { source: 'data_stream.type', destination: 'source_data_stream.type', @@ -38,7 +38,7 @@ export const builtInServicesFromEcsEntityDefinition: EntityDefinition = source: 'data_stream.dataset', destination: 'source_data_stream.dataset', }, - { source: 'agent.name', aggregation: { type: 'terms', limit: 100 } }, + 'agent.name', 'service.environment', 'service.name', 'service.namespace', diff --git a/x-pack/plugins/entity_manager/server/lib/entities/create_and_install_ingest_pipeline.ts b/x-pack/plugins/entity_manager/server/lib/entities/create_and_install_ingest_pipeline.ts index 0b3900363c0c81..5511e50c36ab82 100644 --- a/x-pack/plugins/entity_manager/server/lib/entities/create_and_install_ingest_pipeline.ts +++ b/x-pack/plugins/entity_manager/server/lib/entities/create_and_install_ingest_pipeline.ts @@ -25,7 +25,7 @@ export async function createAndInstallIngestPipelines( id: latestId, processors: latestProcessors, _meta: { - definitionVersion: definition.version, + definition_version: definition.version, managed: definition.managed, }, }), diff --git a/x-pack/plugins/entity_manager/server/lib/entities/delete_index.ts b/x-pack/plugins/entity_manager/server/lib/entities/delete_index.ts index d40d9975a8820f..491cd08e6d48ce 100644 --- a/x-pack/plugins/entity_manager/server/lib/entities/delete_index.ts +++ b/x-pack/plugins/entity_manager/server/lib/entities/delete_index.ts @@ -14,11 +14,13 @@ export async function deleteIndices( definition: EntityDefinition, logger: Logger ) { + const index = generateLatestIndexName(definition); try { - const index = generateLatestIndexName(definition); await esClient.indices.delete({ index, ignore_unavailable: true }); } catch (e) { - logger.error(`Unable to remove entity definition index [${definition.id}}]`); + logger.error( + `Unable to remove entity definition index ${index} for definition [${definition.id}]` + ); throw e; } } diff --git a/x-pack/plugins/entity_manager/server/lib/entities/ingest_pipeline/__snapshots__/generate_latest_processors.test.ts.snap b/x-pack/plugins/entity_manager/server/lib/entities/ingest_pipeline/__snapshots__/generate_latest_processors.test.ts.snap index 37f600f3a271f1..429b5fdce93095 100644 --- a/x-pack/plugins/entity_manager/server/lib/entities/ingest_pipeline/__snapshots__/generate_latest_processors.test.ts.snap +++ b/x-pack/plugins/entity_manager/server/lib/entities/ingest_pipeline/__snapshots__/generate_latest_processors.test.ts.snap @@ -16,25 +16,25 @@ Array [ }, Object { "set": Object { - "field": "entity.definitionId", + "field": "entity.definition_id", "value": "builtin_mock_entity_definition", }, }, Object { "set": Object { - "field": "entity.definitionVersion", + "field": "entity.definition_version", "value": "1.0.0", }, }, Object { "set": Object { - "field": "entity.schemaVersion", + "field": "entity.schema_version", "value": "v1", }, }, Object { "set": Object { - "field": "entity.identityFields", + "field": "entity.identity_fields", "value": Array [ "log.logger", ], @@ -92,7 +92,7 @@ if (ctx.entity?.metadata?.sourceIndex?.data != null) { }, Object { "set": Object { - "field": "entity.displayName", + "field": "entity.display_name", "value": "{{log.logger}}", }, }, @@ -121,25 +121,25 @@ Array [ }, Object { "set": Object { - "field": "entity.definitionId", + "field": "entity.definition_id", "value": "admin-console-services", }, }, Object { "set": Object { - "field": "entity.definitionVersion", + "field": "entity.definition_version", "value": "1.0.0", }, }, Object { "set": Object { - "field": "entity.schemaVersion", + "field": "entity.schema_version", "value": "v1", }, }, Object { "set": Object { - "field": "entity.identityFields", + "field": "entity.identity_fields", "value": Array [ "log.logger", ], @@ -197,7 +197,7 @@ if (ctx.entity?.metadata?.sourceIndex?.data != null) { }, Object { "set": Object { - "field": "entity.displayName", + "field": "entity.display_name", "value": "{{log.logger}}", }, }, diff --git a/x-pack/plugins/entity_manager/server/lib/entities/ingest_pipeline/generate_latest_processors.ts b/x-pack/plugins/entity_manager/server/lib/entities/ingest_pipeline/generate_latest_processors.ts index 787633246dede5..335c135448b10d 100644 --- a/x-pack/plugins/entity_manager/server/lib/entities/ingest_pipeline/generate_latest_processors.ts +++ b/x-pack/plugins/entity_manager/server/lib/entities/ingest_pipeline/generate_latest_processors.ts @@ -117,25 +117,25 @@ export function generateLatestProcessors(definition: EntityDefinition) { }, { set: { - field: 'entity.definitionId', + field: 'entity.definition_id', value: definition.id, }, }, { set: { - field: 'entity.definitionVersion', + field: 'entity.definition_version', value: definition.version, }, }, { set: { - field: 'entity.schemaVersion', + field: 'entity.schema_version', value: ENTITY_SCHEMA_VERSION_V1, }, }, { set: { - field: 'entity.identityFields', + field: 'entity.identity_fields', value: definition.identityFields.map((identityField) => identityField.field), }, }, @@ -173,7 +173,7 @@ export function generateLatestProcessors(definition: EntityDefinition) { // This must happen AFTER we lift the identity fields into the root of the document { set: { - field: 'entity.displayName', + field: 'entity.display_name', value: definition.displayNameTemplate, }, }, diff --git a/x-pack/plugins/entity_manager/server/lib/entities/install_entity_definition.test.ts b/x-pack/plugins/entity_manager/server/lib/entities/install_entity_definition.test.ts index e07670c58fd9b8..4633885b51387c 100644 --- a/x-pack/plugins/entity_manager/server/lib/entities/install_entity_definition.test.ts +++ b/x-pack/plugins/entity_manager/server/lib/entities/install_entity_definition.test.ts @@ -74,7 +74,7 @@ const assertHasCreatedDefinition = ( id: generateLatestIngestPipelineId(definition), processors: expect.anything(), _meta: { - definitionVersion: definition.version, + definition_version: definition.version, managed: definition.managed, }, }); @@ -112,7 +112,7 @@ const assertHasUpgradedDefinition = ( id: generateLatestIngestPipelineId(definition), processors: expect.anything(), _meta: { - definitionVersion: definition.version, + definition_version: definition.version, managed: definition.managed, }, }); @@ -260,7 +260,7 @@ describe('install_entity_definition', () => { describe('installBuiltInEntityDefinitions', () => { it('should install definition when not found', async () => { const builtInDefinitions = [mockEntityDefinition]; - const esClient = elasticsearchClientMock.createScopedClusterClient().asCurrentUser; + const clusterClient = elasticsearchClientMock.createScopedClusterClient(); const soClient = savedObjectsClientMock.create(); soClient.find.mockResolvedValue({ saved_objects: [], total: 0, page: 1, per_page: 10 }); soClient.update.mockResolvedValue({ @@ -271,18 +271,19 @@ describe('install_entity_definition', () => { }); await installBuiltInEntityDefinitions({ - esClient, + clusterClient, soClient, definitions: builtInDefinitions, logger: loggerMock.create(), }); - assertHasCreatedDefinition(mockEntityDefinition, soClient, esClient); + assertHasCreatedDefinition(mockEntityDefinition, soClient, clusterClient.asSecondaryAuthUser); }); it('should reinstall when partial state found', async () => { const builtInDefinitions = [mockEntityDefinition]; - const esClient = elasticsearchClientMock.createScopedClusterClient().asCurrentUser; + const clusterClient = elasticsearchClientMock.createScopedClusterClient(); + const esClient = clusterClient.asInternalUser; // mock partially installed definition esClient.ingest.getPipeline.mockResolvedValue({}); esClient.transform.getTransformStats.mockResolvedValue({ transforms: [], count: 0 }); @@ -314,14 +315,18 @@ describe('install_entity_definition', () => { }); await installBuiltInEntityDefinitions({ - esClient, + clusterClient, soClient, definitions: builtInDefinitions, logger: loggerMock.create(), }); - assertHasDeletedTransforms(mockEntityDefinition, esClient); - assertHasUpgradedDefinition(mockEntityDefinition, soClient, esClient); + assertHasDeletedTransforms(mockEntityDefinition, clusterClient.asSecondaryAuthUser); + assertHasUpgradedDefinition( + mockEntityDefinition, + soClient, + clusterClient.asSecondaryAuthUser + ); }); it('should reinstall when outdated version', async () => { @@ -329,7 +334,8 @@ describe('install_entity_definition', () => { ...mockEntityDefinition, version: semver.inc(mockEntityDefinition.version, 'major') ?? '0.0.0', }; - const esClient = elasticsearchClientMock.createScopedClusterClient().asCurrentUser; + const clusterClient = elasticsearchClientMock.createScopedClusterClient(); + const esClient = clusterClient.asInternalUser; esClient.transform.getTransformStats.mockResolvedValue({ transforms: [], count: 0 }); const soClient = savedObjectsClientMock.create(); @@ -359,14 +365,14 @@ describe('install_entity_definition', () => { }); await installBuiltInEntityDefinitions({ - esClient, + clusterClient, soClient, definitions: [updatedDefinition], logger: loggerMock.create(), }); - assertHasDeletedTransforms(mockEntityDefinition, esClient); - assertHasUpgradedDefinition(updatedDefinition, soClient, esClient); + assertHasDeletedTransforms(mockEntityDefinition, clusterClient.asSecondaryAuthUser); + assertHasUpgradedDefinition(updatedDefinition, soClient, clusterClient.asSecondaryAuthUser); }); it('should reinstall when stale upgrade', async () => { @@ -374,7 +380,8 @@ describe('install_entity_definition', () => { ...mockEntityDefinition, version: semver.inc(mockEntityDefinition.version, 'major') ?? '0.0.0', }; - const esClient = elasticsearchClientMock.createScopedClusterClient().asCurrentUser; + const clusterClient = elasticsearchClientMock.createScopedClusterClient(); + const esClient = clusterClient.asInternalUser; esClient.transform.getTransformStats.mockResolvedValue({ transforms: [], count: 0 }); const soClient = savedObjectsClientMock.create(); @@ -406,18 +413,19 @@ describe('install_entity_definition', () => { }); await installBuiltInEntityDefinitions({ - esClient, + clusterClient, soClient, definitions: [updatedDefinition], logger: loggerMock.create(), }); - assertHasDeletedTransforms(mockEntityDefinition, esClient); - assertHasUpgradedDefinition(updatedDefinition, soClient, esClient); + assertHasDeletedTransforms(mockEntityDefinition, clusterClient.asSecondaryAuthUser); + assertHasUpgradedDefinition(updatedDefinition, soClient, clusterClient.asSecondaryAuthUser); }); it('should reinstall when failed installation', async () => { - const esClient = elasticsearchClientMock.createScopedClusterClient().asCurrentUser; + const clusterClient = elasticsearchClientMock.createScopedClusterClient(); + const esClient = clusterClient.asInternalUser; esClient.transform.getTransformStats.mockResolvedValue({ transforms: [], count: 0 }); const soClient = savedObjectsClientMock.create(); @@ -448,14 +456,18 @@ describe('install_entity_definition', () => { }); await installBuiltInEntityDefinitions({ - esClient, + clusterClient, soClient, definitions: [mockEntityDefinition], logger: loggerMock.create(), }); - assertHasDeletedTransforms(mockEntityDefinition, esClient); - assertHasUpgradedDefinition(mockEntityDefinition, soClient, esClient); + assertHasDeletedTransforms(mockEntityDefinition, clusterClient.asSecondaryAuthUser); + assertHasUpgradedDefinition( + mockEntityDefinition, + soClient, + clusterClient.asSecondaryAuthUser + ); }); }); }); diff --git a/x-pack/plugins/entity_manager/server/lib/entities/install_entity_definition.ts b/x-pack/plugins/entity_manager/server/lib/entities/install_entity_definition.ts index b4adedaf10374f..bfc37ac52e2c18 100644 --- a/x-pack/plugins/entity_manager/server/lib/entities/install_entity_definition.ts +++ b/x-pack/plugins/entity_manager/server/lib/entities/install_entity_definition.ts @@ -6,7 +6,7 @@ */ import semver from 'semver'; -import { ElasticsearchClient } from '@kbn/core-elasticsearch-server'; +import { ElasticsearchClient, IScopedClusterClient } from '@kbn/core-elasticsearch-server'; import { SavedObjectsClientContract } from '@kbn/core-saved-objects-api-server'; import { EntityDefinition, EntityDefinitionUpdate } from '@kbn/entities-schema'; import { Logger } from '@kbn/logging'; @@ -29,6 +29,7 @@ import { mergeEntityDefinitionUpdate } from './helpers/merge_definition_update'; import { EntityDefinitionWithState } from './types'; import { stopLatestTransform, stopTransforms } from './stop_transforms'; import { deleteLatestTransform, deleteTransforms } from './delete_transforms'; +import { deleteIndices } from './delete_index'; export interface InstallDefinitionParams { esClient: ElasticsearchClient; @@ -49,10 +50,7 @@ export async function installEntityDefinition({ validateDefinitionCanCreateValidTransformIds(definition); if (await entityDefinitionExists(soClient, definition.id)) { - throw new EntityIdConflict( - `Entity definition with [${definition.id}] already exists.`, - definition - ); + throw new EntityIdConflict(`Entity definition [${definition.id}] already exists.`, definition); } try { @@ -65,7 +63,7 @@ export async function installEntityDefinition({ return await install({ esClient, soClient, logger, definition: entityDefinition }); } catch (e) { - logger.error(`Failed to install entity definition ${definition.id}: ${e}`); + logger.error(`Failed to install entity definition [${definition.id}]: ${e}`); await stopLatestTransform(esClient, definition, logger); await deleteLatestTransform(esClient, definition, logger); @@ -90,28 +88,32 @@ export async function installEntityDefinition({ } export async function installBuiltInEntityDefinitions({ - esClient, + clusterClient, soClient, logger, definitions, -}: Omit & { +}: Omit & { + clusterClient: IScopedClusterClient; definitions: EntityDefinition[]; }): Promise { if (definitions.length === 0) return []; - logger.debug(`Starting installation of ${definitions.length} built-in definitions`); + logger.info(`Checking installation of ${definitions.length} built-in definitions`); const installPromises = definitions.map(async (builtInDefinition) => { const installedDefinition = await findEntityDefinitionById({ - esClient, soClient, + esClient: clusterClient.asInternalUser, id: builtInDefinition.id, includeState: true, }); if (!installedDefinition) { + // clean data from previous installation + await deleteIndices(clusterClient.asCurrentUser, builtInDefinition, logger); + return await installEntityDefinition({ definition: builtInDefinition, - esClient, + esClient: clusterClient.asSecondaryAuthUser, soClient, logger, }); @@ -127,15 +129,16 @@ export async function installBuiltInEntityDefinitions({ return installedDefinition; } - logger.debug( + logger.info( `Detected failed or outdated installation of definition [${installedDefinition.id}] v${installedDefinition.version}, installing v${builtInDefinition.version}` ); return await reinstallEntityDefinition({ soClient, - esClient, + clusterClient, logger, definition: installedDefinition, definitionUpdate: builtInDefinition, + deleteData: true, }); }); @@ -150,22 +153,16 @@ async function install({ definition, logger, }: InstallDefinitionParams): Promise { - logger.debug( - () => - `Installing definition ${definition.id} v${definition.version}\n${JSON.stringify( - definition, - null, - 2 - )}` - ); + logger.info(`Installing definition [${definition.id}] v${definition.version}`); + logger.debug(() => JSON.stringify(definition, null, 2)); - logger.debug(`Installing index templates for definition ${definition.id}`); + logger.debug(`Installing index templates for definition [${definition.id}]`); const templates = await createAndInstallTemplates(esClient, definition, logger); - logger.debug(`Installing ingest pipelines for definition ${definition.id}`); + logger.debug(`Installing ingest pipelines for definition [${definition.id}]`); const pipelines = await createAndInstallIngestPipelines(esClient, definition, logger); - logger.debug(`Installing transforms for definition ${definition.id}`); + logger.debug(`Installing transforms for definition [${definition.id}]`); const transforms = await createAndInstallTransforms(esClient, definition, logger); const updatedProps = await updateEntityDefinition(soClient, definition.id, { @@ -177,20 +174,23 @@ async function install({ // stop and delete the current transforms and reinstall all the components export async function reinstallEntityDefinition({ - esClient, + clusterClient, soClient, definition, definitionUpdate, logger, -}: InstallDefinitionParams & { + deleteData = false, +}: Omit & { + clusterClient: IScopedClusterClient; definitionUpdate: EntityDefinitionUpdate; + deleteData?: boolean; }): Promise { try { const updatedDefinition = mergeEntityDefinitionUpdate(definition, definitionUpdate); logger.debug( () => - `Reinstalling definition ${definition.id} from v${definition.version} to v${ + `Reinstalling definition [${definition.id}] from v${definition.version} to v${ definitionUpdate.version }\n${JSON.stringify(updatedDefinition, null, 2)}` ); @@ -201,13 +201,17 @@ export async function reinstallEntityDefinition({ installStartedAt: new Date().toISOString(), }); - logger.debug(`Deleting transforms for definition ${definition.id} v${definition.version}`); - await stopAndDeleteTransforms(esClient, definition, logger); + logger.debug(`Deleting transforms for definition [${definition.id}] v${definition.version}`); + await stopAndDeleteTransforms(clusterClient.asSecondaryAuthUser, definition, logger); + + if (deleteData) { + await deleteIndices(clusterClient.asCurrentUser, definition, logger); + } return await install({ - esClient, soClient, logger, + esClient: clusterClient.asSecondaryAuthUser, definition: updatedDefinition, }); } catch (err) { diff --git a/x-pack/plugins/entity_manager/server/lib/entities/transform/__snapshots__/generate_latest_transform.test.ts.snap b/x-pack/plugins/entity_manager/server/lib/entities/transform/__snapshots__/generate_latest_transform.test.ts.snap index 94303584c45dc3..86978b1b4df958 100644 --- a/x-pack/plugins/entity_manager/server/lib/entities/transform/__snapshots__/generate_latest_transform.test.ts.snap +++ b/x-pack/plugins/entity_manager/server/lib/entities/transform/__snapshots__/generate_latest_transform.test.ts.snap @@ -3,7 +3,7 @@ exports[`generateLatestTransform(definition) should generate a valid latest transform 1`] = ` Object { "_meta": Object { - "definitionVersion": "1.0.0", + "definition_version": "1.0.0", "managed": false, }, "defer_validation": true, @@ -42,7 +42,7 @@ Object { }, }, }, - "entity.lastSeenTimestamp": Object { + "entity.last_seen_timestamp": Object { "max": Object { "field": "@timestamp", }, diff --git a/x-pack/plugins/entity_manager/server/lib/entities/transform/generate_latest_transform.ts b/x-pack/plugins/entity_manager/server/lib/entities/transform/generate_latest_transform.ts index c273469e3d3e3b..c9d8cd9deef9b9 100644 --- a/x-pack/plugins/entity_manager/server/lib/entities/transform/generate_latest_transform.ts +++ b/x-pack/plugins/entity_manager/server/lib/entities/transform/generate_latest_transform.ts @@ -69,7 +69,7 @@ const generateTransformPutRequest = ({ return { transform_id: transformId, _meta: { - definitionVersion: definition.version, + definition_version: definition.version, managed: definition.managed, }, defer_validation: true, @@ -113,7 +113,7 @@ const generateTransformPutRequest = ({ aggs: { ...generateLatestMetricAggregations(definition), ...generateLatestMetadataAggregations(definition), - 'entity.lastSeenTimestamp': { + 'entity.last_seen_timestamp': { max: { field: definition.latest.timestampField, }, diff --git a/x-pack/plugins/entity_manager/server/lib/entities/upgrade_entity_definition.ts b/x-pack/plugins/entity_manager/server/lib/entities/upgrade_entity_definition.ts index a4d44cd45ee17c..66bc6da96619b8 100644 --- a/x-pack/plugins/entity_manager/server/lib/entities/upgrade_entity_definition.ts +++ b/x-pack/plugins/entity_manager/server/lib/entities/upgrade_entity_definition.ts @@ -35,18 +35,20 @@ export async function upgradeBuiltInEntityDefinitions({ ); } - const { esClient, soClient } = getClientsFromAPIKey({ apiKey, server }); + const { clusterClient, soClient } = getClientsFromAPIKey({ apiKey, server }); logger.debug(`Starting built-in definitions upgrade`); const upgradedDefinitions = await installBuiltInEntityDefinitions({ - esClient, + clusterClient, soClient, definitions, logger, }); await Promise.all( - upgradedDefinitions.map((definition) => startTransforms(esClient, definition, logger)) + upgradedDefinitions.map((definition) => + startTransforms(clusterClient.asSecondaryAuthUser, definition, logger) + ) ); return { success: true, definitions: upgradedDefinitions }; diff --git a/x-pack/plugins/entity_manager/server/lib/entity_client.ts b/x-pack/plugins/entity_manager/server/lib/entity_client.ts index dcb3dfab8f3289..67e9f52e32bf54 100644 --- a/x-pack/plugins/entity_manager/server/lib/entity_client.ts +++ b/x-pack/plugins/entity_manager/server/lib/entity_client.ts @@ -40,6 +40,9 @@ export class EntityClient { definition: EntityDefinition; installOnly?: boolean; }) { + this.options.logger.info( + `Creating definition [${definition.id}] v${definition.version} (installOnly=${installOnly})` + ); const secondaryAuthClient = this.options.clusterClient.asSecondaryAuthUser; const installedDefinition = await installEntityDefinition({ definition, @@ -62,16 +65,15 @@ export class EntityClient { id: string; definitionUpdate: EntityDefinitionUpdate; }) { - const secondaryAuthClient = this.options.clusterClient.asSecondaryAuthUser; const definition = await findEntityDefinitionById({ id, soClient: this.options.soClient, - esClient: secondaryAuthClient, + esClient: this.options.clusterClient.asInternalUser, includeState: true, }); if (!definition) { - const message = `Unable to find entity definition with [${id}]`; + const message = `Unable to find entity definition [${id}]`; this.options.logger.error(message); throw new EntityDefinitionNotFound(message); } @@ -86,37 +88,46 @@ export class EntityClient { definition as EntityDefinitionWithState ).state.components.transforms.some((transform) => transform.running); + this.options.logger.info( + `Updating definition [${definition.id}] from v${definition.version} to v${definitionUpdate.version}` + ); const updatedDefinition = await reinstallEntityDefinition({ definition, definitionUpdate, soClient: this.options.soClient, - esClient: secondaryAuthClient, + clusterClient: this.options.clusterClient, logger: this.options.logger, }); if (shouldRestartTransforms) { - await startTransforms(secondaryAuthClient, updatedDefinition, this.options.logger); + await startTransforms( + this.options.clusterClient.asSecondaryAuthUser, + updatedDefinition, + this.options.logger + ); } return updatedDefinition; } async deleteEntityDefinition({ id, deleteData = false }: { id: string; deleteData?: boolean }) { - const secondaryAuthClient = this.options.clusterClient.asSecondaryAuthUser; const definition = await findEntityDefinitionById({ id, - esClient: secondaryAuthClient, + esClient: this.options.clusterClient.asInternalUser, soClient: this.options.soClient, }); if (!definition) { - const message = `Unable to find entity definition with [${id}]`; + const message = `Unable to find entity definition [${id}]`; this.options.logger.error(message); throw new EntityDefinitionNotFound(message); } + this.options.logger.info( + `Uninstalling definition [${definition.id}] v${definition.version} (deleteData=${deleteData})` + ); await uninstallEntityDefinition({ definition, - esClient: secondaryAuthClient, + esClient: this.options.clusterClient.asSecondaryAuthUser, soClient: this.options.soClient, logger: this.options.logger, }); @@ -148,7 +159,7 @@ export class EntityClient { builtIn?: boolean; }) { const definitions = await findEntityDefinitions({ - esClient: this.options.clusterClient.asSecondaryAuthUser, + esClient: this.options.clusterClient.asInternalUser, soClient: this.options.soClient, page, perPage, @@ -162,6 +173,7 @@ export class EntityClient { } async startEntityDefinition(definition: EntityDefinition) { + this.options.logger.info(`Starting transforms for definition [${definition.id}]`); return startTransforms( this.options.clusterClient.asSecondaryAuthUser, definition, @@ -170,6 +182,7 @@ export class EntityClient { } async stopEntityDefinition(definition: EntityDefinition) { + this.options.logger.info(`Stopping transforms for definition [${definition.id}]`); return stopTransforms( this.options.clusterClient.asSecondaryAuthUser, definition, diff --git a/x-pack/plugins/entity_manager/server/lib/manage_index_templates.ts b/x-pack/plugins/entity_manager/server/lib/manage_index_templates.ts index ffa58cd9c0145e..704c240e0c4246 100644 --- a/x-pack/plugins/entity_manager/server/lib/manage_index_templates.ts +++ b/x-pack/plugins/entity_manager/server/lib/manage_index_templates.ts @@ -11,7 +11,6 @@ import { IndicesPutIndexTemplateRequest, } from '@elastic/elasticsearch/lib/api/types'; import { ElasticsearchClient, Logger } from '@kbn/core/server'; -import { entitiesHistoryBaseComponentTemplateConfig } from '../templates/components/base_history'; import { entitiesLatestBaseComponentTemplateConfig } from '../templates/components/base_latest'; import { entitiesEntityComponentTemplateConfig } from '../templates/components/entity'; import { entitiesEventComponentTemplateConfig } from '../templates/components/event'; @@ -38,11 +37,6 @@ export const installEntityManagerTemplates = async ({ logger: Logger; }) => { await Promise.all([ - upsertComponent({ - esClient, - logger, - component: entitiesHistoryBaseComponentTemplateConfig, - }), upsertComponent({ esClient, logger, diff --git a/x-pack/plugins/entity_manager/server/lib/utils.ts b/x-pack/plugins/entity_manager/server/lib/utils.ts index aec8ffa9404370..dfe14dcf20abd9 100644 --- a/x-pack/plugins/entity_manager/server/lib/utils.ts +++ b/x-pack/plugins/entity_manager/server/lib/utils.ts @@ -5,7 +5,7 @@ * 2.0. */ -import { ElasticsearchClient } from '@kbn/core-elasticsearch-server'; +import { IScopedClusterClient } from '@kbn/core-elasticsearch-server'; import { SavedObjectsClientContract } from '@kbn/core-saved-objects-api-server'; import { getFakeKibanaRequest } from '@kbn/security-plugin/server/authentication/api_keys/fake_kibana_request'; import { EntityManagerServerSetup } from '../types'; @@ -17,9 +17,9 @@ export const getClientsFromAPIKey = ({ }: { apiKey: EntityDiscoveryAPIKey; server: EntityManagerServerSetup; -}): { esClient: ElasticsearchClient; soClient: SavedObjectsClientContract } => { +}): { clusterClient: IScopedClusterClient; soClient: SavedObjectsClientContract } => { const fakeRequest = getFakeKibanaRequest({ id: apiKey.id, api_key: apiKey.apiKey }); - const esClient = server.core.elasticsearch.client.asScoped(fakeRequest).asSecondaryAuthUser; + const clusterClient = server.core.elasticsearch.client.asScoped(fakeRequest); const soClient = server.core.savedObjects.getScopedClient(fakeRequest); - return { esClient, soClient }; + return { clusterClient, soClient }; }; diff --git a/x-pack/plugins/entity_manager/server/routes/enablement/check.ts b/x-pack/plugins/entity_manager/server/routes/enablement/check.ts index d0e2a572cb6f5c..1c67643c5c902b 100644 --- a/x-pack/plugins/entity_manager/server/routes/enablement/check.ts +++ b/x-pack/plugins/entity_manager/server/routes/enablement/check.ts @@ -61,13 +61,13 @@ export const checkEntityDiscoveryEnabledRoute = createEntityManagerServerRoute({ return response.ok({ body: { enabled: false, reason: ERROR_API_KEY_NOT_VALID } }); } - const { esClient, soClient } = getClientsFromAPIKey({ apiKey, server }); + const { clusterClient, soClient } = getClientsFromAPIKey({ apiKey, server }); const entityDiscoveryState = await Promise.all( builtInDefinitions.map(async (builtInDefinition) => { const definitions = await findEntityDefinitions({ - esClient, soClient, + esClient: clusterClient.asSecondaryAuthUser, id: builtInDefinition.id, includeState: true, }); diff --git a/x-pack/plugins/entity_manager/server/routes/enablement/disable.ts b/x-pack/plugins/entity_manager/server/routes/enablement/disable.ts index f8629fe46497b4..01208fe19d7a0e 100644 --- a/x-pack/plugins/entity_manager/server/routes/enablement/disable.ts +++ b/x-pack/plugins/entity_manager/server/routes/enablement/disable.ts @@ -67,12 +67,13 @@ export const disableEntityDiscoveryRoute = createEntityManagerServerRoute({ includedHiddenTypes: [EntityDiscoveryApiKeyType.name], }); + logger.info('Disabling managed entity discovery'); await uninstallBuiltInEntityDefinitions({ entityClient, deleteData: params.query.deleteData, }); - server.logger.debug('reading entity discovery API key from saved object'); + logger.debug('reading entity discovery API key from saved object'); const apiKey = await readEntityDiscoveryAPIKey(server); // api key could be deleted outside of the apis, it does not affect the // disablement flow @@ -82,6 +83,7 @@ export const disableEntityDiscoveryRoute = createEntityManagerServerRoute({ ids: [apiKey.id], }); } + logger.info('Managed entity discovery is disabled'); return response.ok({ body: { success: true } }); } catch (err) { diff --git a/x-pack/plugins/entity_manager/server/routes/enablement/enable.ts b/x-pack/plugins/entity_manager/server/routes/enablement/enable.ts index 1002c1e716df22..9a851e08b5673f 100644 --- a/x-pack/plugins/entity_manager/server/routes/enablement/enable.ts +++ b/x-pack/plugins/entity_manager/server/routes/enablement/enable.ts @@ -93,6 +93,7 @@ export const enableEntityDiscoveryRoute = createEntityManagerServerRoute({ }); } + logger.info(`Enabling managed entity discovery (installOnly=${params.query.installOnly})`); const soClient = core.savedObjects.getClient({ includedHiddenTypes: [EntityDiscoveryApiKeyType.name], }); @@ -119,9 +120,9 @@ export const enableEntityDiscoveryRoute = createEntityManagerServerRoute({ await saveEntityDiscoveryAPIKey(soClient, apiKey); - const esClient = core.elasticsearch.client.asSecondaryAuthUser; + const clusterClient = core.elasticsearch.client; const installedDefinitions = await installBuiltInEntityDefinitions({ - esClient, + clusterClient, soClient, logger, definitions: builtInDefinitions, @@ -130,10 +131,11 @@ export const enableEntityDiscoveryRoute = createEntityManagerServerRoute({ if (!params.query.installOnly) { await Promise.all( installedDefinitions.map((installedDefinition) => - startTransforms(esClient, installedDefinition, logger) + startTransforms(clusterClient.asSecondaryAuthUser, installedDefinition, logger) ) ); } + logger.info('Managed entity discovery is enabled'); return response.ok({ body: { success: true } }); } catch (err) { diff --git a/x-pack/plugins/entity_manager/server/routes/entities/update.ts b/x-pack/plugins/entity_manager/server/routes/entities/update.ts index 9cf72a9298d428..3b7ea8a03830d7 100644 --- a/x-pack/plugins/entity_manager/server/routes/entities/update.ts +++ b/x-pack/plugins/entity_manager/server/routes/entities/update.ts @@ -5,21 +5,13 @@ * 2.0. */ -import { - createEntityDefinitionQuerySchema, - entityDefinitionUpdateSchema, -} from '@kbn/entities-schema'; +import { entityDefinitionUpdateSchema } from '@kbn/entities-schema'; import { z } from '@kbn/zod'; import { EntitySecurityException } from '../../lib/entities/errors/entity_security_exception'; import { InvalidTransformError } from '../../lib/entities/errors/invalid_transform_error'; -import { findEntityDefinitionById } from '../../lib/entities/find_entity_definition'; -import { startTransforms } from '../../lib/entities/start_transforms'; -import { - installationInProgress, - reinstallEntityDefinition, -} from '../../lib/entities/install_entity_definition'; - import { createEntityManagerServerRoute } from '../create_entity_manager_server_route'; +import { EntityDefinitionNotFound } from '../../lib/entities/errors/entity_not_found'; +import { EntityDefinitionUpdateConflict } from '../../lib/entities/errors/entity_definition_update_conflict'; /** * @openapi @@ -29,13 +21,12 @@ import { createEntityManagerServerRoute } from '../create_entity_manager_server_ * tags: * - definitions * parameters: - * - in: query - * name: installOnly - * description: If true, the definition transforms will not be started - * required: false + * - in: path + * name: id + * description: The entity definition ID * schema: - * type: boolean - * default: false + * type: string + * required: true * requestBody: * description: The definition properties to update * required: true @@ -63,58 +54,37 @@ export const updateEntityDefinitionRoute = createEntityManagerServerRoute({ endpoint: 'PATCH /internal/entities/definition/{id}', params: z.object({ path: z.object({ id: z.string() }), - query: createEntityDefinitionQuerySchema, body: entityDefinitionUpdateSchema, }), - handler: async ({ context, response, params, logger }) => { - const core = await context.core; - const soClient = core.savedObjects.client; - const esClient = core.elasticsearch.client.asCurrentUser; + handler: async ({ request, response, params, logger, getScopedClient }) => { + const entityClient = await getScopedClient({ request }); try { - const installedDefinition = await findEntityDefinitionById({ - soClient, - esClient, + const updatedDefinition = await entityClient.updateEntityDefinition({ id: params.path.id, + definitionUpdate: params.body, }); - if (!installedDefinition) { + return response.ok({ body: updatedDefinition }); + } catch (e) { + logger.error(e); + + if (e instanceof EntityDefinitionNotFound) { return response.notFound({ body: { message: `Entity definition [${params.path.id}] not found` }, }); } - if (installedDefinition.managed) { - return response.forbidden({ - body: { message: `Managed definition cannot be modified` }, - }); - } - - if (installationInProgress(installedDefinition)) { + if (e instanceof EntityDefinitionUpdateConflict) { return response.conflict({ body: { message: `Entity definition [${params.path.id}] has changes in progress` }, }); } - const updatedDefinition = await reinstallEntityDefinition({ - soClient, - esClient, - logger, - definition: installedDefinition, - definitionUpdate: params.body, - }); - - if (!params.query.installOnly) { - await startTransforms(esClient, updatedDefinition, logger); - } - - return response.ok({ body: updatedDefinition }); - } catch (e) { - logger.error(e); - if (e instanceof EntitySecurityException || e instanceof InvalidTransformError) { return response.customError({ body: e, statusCode: 400 }); } + return response.customError({ body: e, statusCode: 500 }); } }, diff --git a/x-pack/plugins/entity_manager/server/templates/components/base_history.ts b/x-pack/plugins/entity_manager/server/templates/components/base_history.ts deleted file mode 100644 index d0bdaa76152eca..00000000000000 --- a/x-pack/plugins/entity_manager/server/templates/components/base_history.ts +++ /dev/null @@ -1,36 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { ClusterPutComponentTemplateRequest } from '@elastic/elasticsearch/lib/api/types'; -import { ENTITY_HISTORY_BASE_COMPONENT_TEMPLATE_V1 } from '../../../common/constants_entities'; - -export const entitiesHistoryBaseComponentTemplateConfig: ClusterPutComponentTemplateRequest = { - name: ENTITY_HISTORY_BASE_COMPONENT_TEMPLATE_V1, - _meta: { - description: - "Component template for the ECS fields used in the Elastic Entity Model's entity discovery framework's history data set", - documentation: 'https://www.elastic.co/guide/en/ecs/current/ecs-base.html', - ecs_version: '8.0.0', - managed: true, - }, - template: { - mappings: { - properties: { - '@timestamp': { - type: 'date', - }, - labels: { - type: 'object', - }, - tags: { - ignore_above: 1024, - type: 'keyword', - }, - }, - }, - }, -}; diff --git a/x-pack/plugins/entity_manager/server/templates/components/base_latest.ts b/x-pack/plugins/entity_manager/server/templates/components/base_latest.ts index 6ee48b37bff1d7..ef97a6fda3a3b8 100644 --- a/x-pack/plugins/entity_manager/server/templates/components/base_latest.ts +++ b/x-pack/plugins/entity_manager/server/templates/components/base_latest.ts @@ -22,7 +22,7 @@ export const entitiesLatestBaseComponentTemplateConfig: ClusterPutComponentTempl properties: { entity: { properties: { - displayName: { + display_name: { type: 'text', fields: { keyword: { @@ -31,9 +31,6 @@ export const entitiesLatestBaseComponentTemplateConfig: ClusterPutComponentTempl }, }, }, - firstSeenTimestamp: { - type: 'date', - }, }, }, labels: { diff --git a/x-pack/plugins/entity_manager/server/templates/components/entity.ts b/x-pack/plugins/entity_manager/server/templates/components/entity.ts index db93d0db77abf4..fbd57ba66fc979 100644 --- a/x-pack/plugins/entity_manager/server/templates/components/entity.ts +++ b/x-pack/plugins/entity_manager/server/templates/components/entity.ts @@ -29,22 +29,22 @@ export const entitiesEntityComponentTemplateConfig: ClusterPutComponentTemplateR ignore_above: 1024, type: 'keyword', }, - definitionId: { + definition_id: { ignore_above: 1024, type: 'keyword', }, - definitionVersion: { + definition_version: { ignore_above: 1024, type: 'keyword', }, - schemaVersion: { + schema_version: { ignore_above: 1024, type: 'keyword', }, - lastSeenTimestamp: { + last_seen_timestamp: { type: 'date', }, - identityFields: { + identity_fields: { type: 'keyword', }, }, diff --git a/x-pack/plugins/file_upload/common/constants.ts b/x-pack/plugins/file_upload/common/constants.ts index af0c3c07db6c8a..991dccac56f042 100644 --- a/x-pack/plugins/file_upload/common/constants.ts +++ b/x-pack/plugins/file_upload/common/constants.ts @@ -23,3 +23,5 @@ export const FILE_FORMATS = { SEMI_STRUCTURED_TEXT: 'semi_structured_text', TIKA: 'tika', }; + +export const TIKA_PREVIEW_CHARS = 100000; diff --git a/x-pack/plugins/file_upload/common/index.ts b/x-pack/plugins/file_upload/common/index.ts index eb5fcdc6b1c007..a331eb67e97864 100644 --- a/x-pack/plugins/file_upload/common/index.ts +++ b/x-pack/plugins/file_upload/common/index.ts @@ -15,3 +15,5 @@ export type { InputOverrides, IngestPipeline, } from './types'; + +export { TIKA_PREVIEW_CHARS } from './constants'; diff --git a/x-pack/plugins/file_upload/server/preview_tika_contents.ts b/x-pack/plugins/file_upload/server/preview_tika_contents.ts index f99a070d90414e..c2f9f5a2192430 100644 --- a/x-pack/plugins/file_upload/server/preview_tika_contents.ts +++ b/x-pack/plugins/file_upload/server/preview_tika_contents.ts @@ -7,6 +7,7 @@ import type { IScopedClusterClient } from '@kbn/core/server'; import type { PreviewTikaResponse } from '../common/types'; +import { TIKA_PREVIEW_CHARS } from '../common/constants'; /** * Returns the contents of a file using the attachment ingest processor @@ -24,6 +25,7 @@ export async function previewTikaContents( attachment: { field: 'data', remove_binary: true, + indexed_chars: TIKA_PREVIEW_CHARS, }, }, ], diff --git a/x-pack/plugins/fleet/common/constants/agentless.ts b/x-pack/plugins/fleet/common/constants/agentless.ts new file mode 100644 index 00000000000000..cbc7e85e563c16 --- /dev/null +++ b/x-pack/plugins/fleet/common/constants/agentless.ts @@ -0,0 +1,10 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export const AGENTLESS_GLOBAL_TAG_NAME_ORGANIZATION = 'organization'; +export const AGENTLESS_GLOBAL_TAG_NAME_DIVISION = 'division'; +export const AGENTLESS_GLOBAL_TAG_NAME_TEAM = 'team'; diff --git a/x-pack/plugins/fleet/common/constants/index.ts b/x-pack/plugins/fleet/common/constants/index.ts index 31a7cd6b70686f..8ebfe005960c4e 100644 --- a/x-pack/plugins/fleet/common/constants/index.ts +++ b/x-pack/plugins/fleet/common/constants/index.ts @@ -10,6 +10,7 @@ export { INGEST_SAVED_OBJECT_INDEX, FLEET_SETUP_LOCK_TYPE } from './saved_object export * from './routes'; export * from './agent'; export * from './agent_policy'; +export * from './agentless'; export * from './package_policy'; export * from './epm'; export * from './output'; diff --git a/x-pack/plugins/fleet/common/types/models/epm.ts b/x-pack/plugins/fleet/common/types/models/epm.ts index b9e19fbc1947f7..3aa65dc3adcd46 100644 --- a/x-pack/plugins/fleet/common/types/models/epm.ts +++ b/x-pack/plugins/fleet/common/types/models/epm.ts @@ -178,12 +178,18 @@ export interface RegistryImage extends PackageSpecIcon { path: string; } -export interface DeploymentsModesEnablement { +export interface DeploymentsModesDefault { enabled: boolean; } + +export interface DeploymentsModesAgentless extends DeploymentsModesDefault { + organization?: string; + division?: string; + team?: string; +} export interface DeploymentsModes { - agentless: DeploymentsModesEnablement; - default?: DeploymentsModesEnablement; + agentless: DeploymentsModesAgentless; + default?: DeploymentsModesDefault; } export enum RegistryPolicyTemplateKeys { diff --git a/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/create_package_policy_page/single_page_layout/hooks/setup_technology.test.ts b/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/create_package_policy_page/single_page_layout/hooks/setup_technology.test.ts index 550a288dad3712..38663d88e5b237 100644 --- a/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/create_package_policy_page/single_page_layout/hooks/setup_technology.test.ts +++ b/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/create_package_policy_page/single_page_layout/hooks/setup_technology.test.ts @@ -11,6 +11,7 @@ import { waitFor } from '@testing-library/react'; import { createPackagePolicyMock } from '../../../../../../../../common/mocks'; +import type { RegistryPolicyTemplate, PackageInfo } from '../../../../../../../../common/types'; import { SetupTechnology } from '../../../../../../../../common/types'; import { ExperimentalFeaturesService } from '../../../../../services'; import { sendGetOneAgentPolicy, useStartServices, useConfig } from '../../../../../hooks'; @@ -145,6 +146,38 @@ describe('useSetupTechnology', () => { supports_agentless: false, inactivity_timeout: 3600, }; + + const packageInfoMock = { + policy_templates: [ + { + name: 'cspm', + title: 'Template 1', + description: '', + deployment_modes: { + default: { + enabled: true, + }, + agentless: { + enabled: true, + organization: 'org', + division: 'div', + team: 'team', + }, + }, + }, + { + name: 'not-cspm', + title: 'Template 2', + description: '', + deployment_modes: { + default: { + enabled: true, + }, + }, + }, + ] as RegistryPolicyTemplate[], + } as PackageInfo; + const packagePolicyMock = createPackagePolicyMock(); const mockedExperimentalFeaturesService = jest.mocked(ExperimentalFeaturesService); @@ -522,4 +555,170 @@ describe('useSetupTechnology', () => { expect(result.current.selectedSetupTechnology).toBe(SetupTechnology.AGENT_BASED); expect(setNewAgentPolicy).toHaveBeenCalledWith(newAgentPolicyMock); }); + + it('should have global_data_tags with the integration team when updating the agentless policy', async () => { + (useConfig as MockFn).mockReturnValue({ + agentless: { + enabled: true, + api: { + url: 'https://agentless.api.url', + }, + }, + } as any); + (useStartServices as MockFn).mockReturnValue({ + cloud: { + isCloudEnabled: true, + }, + }); + + const { result } = renderHook(() => + useSetupTechnology({ + setNewAgentPolicy, + newAgentPolicy: newAgentPolicyMock, + updateAgentPolicies: updateAgentPoliciesMock, + setSelectedPolicyTab: setSelectedPolicyTabMock, + packagePolicy: packagePolicyMock, + packageInfo: packageInfoMock, + isEditPage: true, + agentPolicies: [{ id: 'agentless-policy-id', supports_agentless: true } as any], + }) + ); + + act(() => { + result.current.handleSetupTechnologyChange(SetupTechnology.AGENTLESS, 'cspm'); + }); + + waitFor(() => { + expect(setNewAgentPolicy).toHaveBeenCalledWith({ + ...newAgentPolicyMock, + supports_agentless: true, + global_data_tags: [ + { name: 'organization', value: 'org' }, + { name: 'division', value: 'div' }, + { name: 'team', value: 'team' }, + ], + }); + }); + }); + + it('should not fail and not have global_data_tags when updating the agentless policy when it cannot find the policy template', async () => { + (useConfig as MockFn).mockReturnValue({ + agentless: { + enabled: true, + api: { + url: 'https://agentless.api.url', + }, + }, + } as any); + (useStartServices as MockFn).mockReturnValue({ + cloud: { + isCloudEnabled: true, + }, + }); + + const { result } = renderHook(() => + useSetupTechnology({ + setNewAgentPolicy, + newAgentPolicy: newAgentPolicyMock, + updateAgentPolicies: updateAgentPoliciesMock, + setSelectedPolicyTab: setSelectedPolicyTabMock, + packagePolicy: packagePolicyMock, + isEditPage: true, + agentPolicies: [{ id: 'agentless-policy-id', supports_agentless: true } as any], + }) + ); + + act(() => { + result.current.handleSetupTechnologyChange( + SetupTechnology.AGENTLESS, + 'never-gonna-give-you-up' + ); + }); + + waitFor(() => { + expect(setNewAgentPolicy).toHaveBeenCalledWith({ + ...newAgentPolicyMock, + supports_agentless: true, + }); + }); + }); + + it('should not fail and not have global_data_tags when updating the agentless policy without the policy temaplte name', async () => { + (useConfig as MockFn).mockReturnValue({ + agentless: { + enabled: true, + api: { + url: 'https://agentless.api.url', + }, + }, + } as any); + (useStartServices as MockFn).mockReturnValue({ + cloud: { + isCloudEnabled: true, + }, + }); + + const { result } = renderHook(() => + useSetupTechnology({ + setNewAgentPolicy, + newAgentPolicy: newAgentPolicyMock, + updateAgentPolicies: updateAgentPoliciesMock, + setSelectedPolicyTab: setSelectedPolicyTabMock, + packagePolicy: packagePolicyMock, + packageInfo: packageInfoMock, + isEditPage: true, + agentPolicies: [{ id: 'agentless-policy-id', supports_agentless: true } as any], + }) + ); + + act(() => { + result.current.handleSetupTechnologyChange(SetupTechnology.AGENTLESS); + }); + + waitFor(() => { + expect(setNewAgentPolicy).toHaveBeenCalledWith({ + ...newAgentPolicyMock, + supports_agentless: true, + }); + }); + }); + + it('should not fail and not have global_data_tags when updating the agentless policy without the packageInfo', async () => { + (useConfig as MockFn).mockReturnValue({ + agentless: { + enabled: true, + api: { + url: 'https://agentless.api.url', + }, + }, + } as any); + (useStartServices as MockFn).mockReturnValue({ + cloud: { + isCloudEnabled: true, + }, + }); + + const { result } = renderHook(() => + useSetupTechnology({ + setNewAgentPolicy, + newAgentPolicy: newAgentPolicyMock, + updateAgentPolicies: updateAgentPoliciesMock, + setSelectedPolicyTab: setSelectedPolicyTabMock, + packagePolicy: packagePolicyMock, + isEditPage: true, + agentPolicies: [{ id: 'agentless-policy-id', supports_agentless: true } as any], + }) + ); + + act(() => { + result.current.handleSetupTechnologyChange(SetupTechnology.AGENTLESS, 'cspm'); + }); + + waitFor(() => { + expect(setNewAgentPolicy).toHaveBeenCalledWith({ + ...newAgentPolicyMock, + supports_agentless: true, + }); + }); + }); }); diff --git a/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/create_package_policy_page/single_page_layout/hooks/setup_technology.ts b/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/create_package_policy_page/single_page_layout/hooks/setup_technology.ts index 241dcfbb93f4eb..2a88fecc6b1458 100644 --- a/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/create_package_policy_page/single_page_layout/hooks/setup_technology.ts +++ b/x-pack/plugins/fleet/public/applications/fleet/sections/agent_policy/create_package_policy_page/single_page_layout/hooks/setup_technology.ts @@ -19,7 +19,12 @@ import type { import { SetupTechnology } from '../../../../../types'; import { sendGetOneAgentPolicy, useStartServices } from '../../../../../hooks'; import { SelectedPolicyTab } from '../../components'; -import { AGENTLESS_POLICY_ID } from '../../../../../../../../common/constants'; +import { + AGENTLESS_POLICY_ID, + AGENTLESS_GLOBAL_TAG_NAME_ORGANIZATION, + AGENTLESS_GLOBAL_TAG_NAME_DIVISION, + AGENTLESS_GLOBAL_TAG_NAME_TEAM, +} from '../../../../../../../../common/constants'; import { isAgentlessIntegration as isAgentlessIntegrationFn, getAgentlessAgentPolicyNameFromPackagePolicyName, @@ -150,16 +155,21 @@ export function useSetupTechnology({ }, [isDefaultAgentlessPolicyEnabled]); const handleSetupTechnologyChange = useCallback( - (setupTechnology: SetupTechnology) => { + (setupTechnology: SetupTechnology, policyTemplateName?: string) => { if (!isAgentlessEnabled || setupTechnology === selectedSetupTechnology) { return; } if (setupTechnology === SetupTechnology.AGENTLESS) { if (isAgentlessApiEnabled) { - setNewAgentPolicy(newAgentlessPolicy as NewAgentPolicy); + const agentlessPolicy = { + ...newAgentlessPolicy, + ...getAdditionalAgentlessPolicyInfo(policyTemplateName, packageInfo), + } as NewAgentPolicy; + + setNewAgentPolicy(agentlessPolicy); setSelectedPolicyTab(SelectedPolicyTab.NEW); - updateAgentPolicies([newAgentlessPolicy] as AgentPolicy[]); + updateAgentPolicies([agentlessPolicy] as AgentPolicy[]); } // tech debt: remove this when Serverless uses the Agentless API // https://github.com/elastic/security-team/issues/9781 @@ -187,6 +197,7 @@ export function useSetupTechnology({ newAgentlessPolicy, setSelectedPolicyTab, updateAgentPolicies, + packageInfo, ] ); @@ -195,3 +206,37 @@ export function useSetupTechnology({ selectedSetupTechnology, }; } + +const getAdditionalAgentlessPolicyInfo = ( + policyTemplateName?: string, + packageInfo?: PackageInfo +) => { + if (!policyTemplateName || !packageInfo) { + return {}; + } + const agentlessPolicyTemplate = policyTemplateName + ? packageInfo?.policy_templates?.find((policy) => policy.name === policyTemplateName) + : undefined; + + const agentlessInfo = agentlessPolicyTemplate?.deployment_modes?.agentless; + return !agentlessInfo + ? {} + : { + global_data_tags: agentlessInfo + ? [ + { + name: AGENTLESS_GLOBAL_TAG_NAME_ORGANIZATION, + value: agentlessInfo.organization, + }, + { + name: AGENTLESS_GLOBAL_TAG_NAME_DIVISION, + value: agentlessInfo.division, + }, + { + name: AGENTLESS_GLOBAL_TAG_NAME_TEAM, + value: agentlessInfo.team, + }, + ] + : [], + }; +}; diff --git a/x-pack/plugins/fleet/server/constants/index.ts b/x-pack/plugins/fleet/server/constants/index.ts index 73a62a3cbfb069..fb7e27c8b0ef8c 100644 --- a/x-pack/plugins/fleet/server/constants/index.ts +++ b/x-pack/plugins/fleet/server/constants/index.ts @@ -16,6 +16,9 @@ export { AGENT_POLICY_ROLLOUT_RATE_LIMIT_REQUEST_PER_INTERVAL, AGENT_POLICY_ROLLOUT_RATE_LIMIT_INTERVAL_MS, AGENT_UPDATE_ACTIONS_INTERVAL_MS, + AGENTLESS_GLOBAL_TAG_NAME_DIVISION, + AGENTLESS_GLOBAL_TAG_NAME_ORGANIZATION, + AGENTLESS_GLOBAL_TAG_NAME_TEAM, UNPRIVILEGED_AGENT_KUERY, PRIVILEGED_AGENT_KUERY, MAX_TIME_COMPLETE_INSTALL, diff --git a/x-pack/plugins/fleet/server/errors/index.ts b/x-pack/plugins/fleet/server/errors/index.ts index 2f9b42799075f7..ac6eca6b3b97d3 100644 --- a/x-pack/plugins/fleet/server/errors/index.ts +++ b/x-pack/plugins/fleet/server/errors/index.ts @@ -57,6 +57,16 @@ export class AgentlessAgentCreateError extends FleetError { super(`Error creating agentless agent in Fleet, ${message}`); } } +export class AgentlessAgentDeleteError extends FleetError { + constructor(message: string) { + super(`Error deleting agentless agent in Fleet, ${message}`); + } +} +export class AgentlessAgentConfigError extends FleetError { + constructor(message: string) { + super(`Error validating Agentless API configuration in Fleet, ${message}`); + } +} export class AgentlessPolicyExistsRequestError extends AgentPolicyError { constructor(message: string) { diff --git a/x-pack/plugins/fleet/server/routes/agent/index.ts b/x-pack/plugins/fleet/server/routes/agent/index.ts index f3b6e28a90f373..fc45869dc12190 100644 --- a/x-pack/plugins/fleet/server/routes/agent/index.ts +++ b/x-pack/plugins/fleet/server/routes/agent/index.ts @@ -397,6 +397,7 @@ export const registerAPIRoutes = (router: FleetAuthzRouter, config: FleetConfigT fleetAuthz: { fleet: { allAgents: true }, }, + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }) .addVersion( @@ -618,6 +619,7 @@ export const registerAPIRoutes = (router: FleetAuthzRouter, config: FleetConfigT fleetAuthz: { fleet: { readAgents: true }, }, + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }) .addVersion( diff --git a/x-pack/plugins/fleet/server/routes/app/index.ts b/x-pack/plugins/fleet/server/routes/app/index.ts index ea5d7be8156d58..c0b7dbcfa17431 100644 --- a/x-pack/plugins/fleet/server/routes/app/index.ts +++ b/x-pack/plugins/fleet/server/routes/app/index.ts @@ -293,6 +293,7 @@ export const registerRoutes = (router: FleetAuthzRouter, config: FleetConfigType fleet: { allAgents: true }, }, description: `Create a service token`, + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }) .addVersion( diff --git a/x-pack/plugins/fleet/server/routes/enrollment_api_key/index.ts b/x-pack/plugins/fleet/server/routes/enrollment_api_key/index.ts index a93f63822e5b44..bcf44484209197 100644 --- a/x-pack/plugins/fleet/server/routes/enrollment_api_key/index.ts +++ b/x-pack/plugins/fleet/server/routes/enrollment_api_key/index.ts @@ -161,6 +161,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { fleetAuthz: { fleet: { readEnrollmentTokens: true }, }, + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }) .addVersion( @@ -177,6 +178,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { fleetAuthz: { fleet: { allAgents: true }, }, + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }) .addVersion( @@ -193,6 +195,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { fleetAuthz: { fleet: { readEnrollmentTokens: true }, }, + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }) .addVersion( @@ -209,6 +212,7 @@ export const registerRoutes = (router: FleetAuthzRouter) => { fleetAuthz: { fleet: { allAgents: true }, }, + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }) .addVersion( diff --git a/x-pack/plugins/fleet/server/routes/epm/index.ts b/x-pack/plugins/fleet/server/routes/epm/index.ts index c7eddee19b9e06..0e3c5e76eb8250 100644 --- a/x-pack/plugins/fleet/server/routes/epm/index.ts +++ b/x-pack/plugins/fleet/server/routes/epm/index.ts @@ -659,6 +659,7 @@ export const registerRoutes = (router: FleetAuthzRouter, config: FleetConfigType fleetAuthz, getRouteRequiredAuthz('get', EPM_API_ROUTES.INFO_PATTERN_DEPRECATED) ).granted, + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }) .addVersion( @@ -687,6 +688,7 @@ export const registerRoutes = (router: FleetAuthzRouter, config: FleetConfigType fleetAuthz: { integrations: { writePackageSettings: true }, }, + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }) .addVersion( @@ -713,6 +715,7 @@ export const registerRoutes = (router: FleetAuthzRouter, config: FleetConfigType .post({ path: EPM_API_ROUTES.INSTALL_FROM_REGISTRY_PATTERN_DEPRECATED, fleetAuthz: INSTALL_PACKAGES_AUTHZ, + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }) .addVersion( @@ -741,6 +744,7 @@ export const registerRoutes = (router: FleetAuthzRouter, config: FleetConfigType fleetAuthz: { integrations: { removePackages: true }, }, + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }) .addVersion( diff --git a/x-pack/plugins/fleet/server/services/agents/agentless_agent.test.ts b/x-pack/plugins/fleet/server/services/agents/agentless_agent.test.ts index e7db96812749bf..fe8b7a220470d0 100644 --- a/x-pack/plugins/fleet/server/services/agents/agentless_agent.test.ts +++ b/x-pack/plugins/fleet/server/services/agents/agentless_agent.test.ts @@ -12,7 +12,7 @@ import type { Logger } from '@kbn/core/server'; import type { AxiosError } from 'axios'; import axios from 'axios'; -import { AgentlessAgentCreateError } from '../../errors'; +import { AgentlessAgentConfigError } from '../../errors'; import type { AgentPolicy, NewAgentPolicy } from '../../types'; import { appContextService } from '../app_context'; @@ -88,104 +88,601 @@ describe('Agentless Agent service', () => { jest.resetAllMocks(); }); - it('should throw AgentlessAgentCreateError if agentless policy does not support_agentless', async () => { + it('should throw AgentlessAgentConfigError if agentless policy does not support_agentless', async () => { const soClient = getAgentPolicyCreateMock(); // ignore unrelated unique name constraint const esClient = elasticsearchServiceMock.createClusterClient().asInternalUser; jest.spyOn(appContextService, 'getCloud').mockReturnValue({ isCloudEnabled: true } as any); + jest.spyOn(appContextService, 'getConfig').mockReturnValue({ + agentless: { + enabled: true, + api: { + url: 'http://api.agentless.com/api/v1/ess', + tls: { + certificate: '/path/to/cert', + key: '/path/to/key', + }, + }, + }, + } as any); + + await expect( + agentlessAgentService.createAgentlessAgent(esClient, soClient, { + id: 'mocked', + name: 'agentless agent policy', + namespace: 'default', + supports_agentless: false, + } as AgentPolicy) + ).rejects.toThrowError( + new AgentlessAgentConfigError( + 'Agentless agent policy does not have supports_agentless enabled' + ) + ); + }); + + it('should throw AgentlessAgentConfigError if cloud and serverless is not enabled', async () => { + const soClient = getAgentPolicyCreateMock(); + // ignore unrelated unique name constraint + const esClient = elasticsearchServiceMock.createClusterClient().asInternalUser; + jest + .spyOn(appContextService, 'getCloud') + .mockReturnValue({ isCloudEnabled: false, isServerlessEnabled: false } as any); + jest.spyOn(appContextService, 'getConfig').mockReturnValue({ + agentless: { + enabled: true, + api: { + url: 'http://api.agentless.com/api/v1/ess', + tls: { + certificate: '/path/to/cert', + key: '/path/to/key', + }, + }, + }, + } as any); + await expect( + agentlessAgentService.createAgentlessAgent(esClient, soClient, { + id: 'mocked', + name: 'agentless agent policy', + namespace: 'default', + supports_agentless: true, + } as AgentPolicy) + ).rejects.toThrowError( + new AgentlessAgentConfigError( + 'Agentless agents are only supported in cloud deployment and serverless projects' + ) + ); + }); + + it('should throw AgentlessAgentConfigError if agentless configuration is not found', async () => { + const soClient = getAgentPolicyCreateMock(); + // ignore unrelated unique name constraint + const esClient = elasticsearchServiceMock.createClusterClient().asInternalUser; + jest.spyOn(appContextService, 'getConfig').mockReturnValue({} as any); + jest.spyOn(appContextService, 'getCloud').mockReturnValue({ isCloudEnabled: true } as any); + + await expect( + agentlessAgentService.createAgentlessAgent(esClient, soClient, { + id: 'mocked', + name: 'agentless agent policy', + namespace: 'default', + supports_agentless: true, + } as AgentPolicy) + ).rejects.toThrowError( + new AgentlessAgentConfigError('missing Agentless API configuration in Kibana') + ); + }); + + it('should throw AgentlessAgentConfigError if fleet hosts are not found', async () => { + const soClient = getAgentPolicyCreateMock(); + // ignore unrelated unique name constraint + const esClient = elasticsearchServiceMock.createClusterClient().asInternalUser; + jest.spyOn(appContextService, 'getConfig').mockReturnValue({ + agentless: { + enabled: true, + api: { + url: 'http://api.agentless.com/api/v1/ess', + tls: { + certificate: '/path/to/cert', + key: '/path/to/key', + }, + }, + }, + } as any); + jest.spyOn(appContextService, 'getCloud').mockReturnValue({ isCloudEnabled: true } as any); + mockedListFleetServerHosts.mockResolvedValue({ items: [] } as any); + mockedListEnrollmentApiKeys.mockResolvedValue({ + items: [ + { + id: 'mocked', + policy_id: 'mocked', + api_key: 'mocked', + }, + ], + } as any); + + await expect( + agentlessAgentService.createAgentlessAgent(esClient, soClient, { + id: 'mocked', + name: 'agentless agent policy', + namespace: 'default', + supports_agentless: true, + } as AgentPolicy) + ).rejects.toThrowError(new AgentlessAgentConfigError('missing default Fleet server host')); + }); + + it('should throw AgentlessAgentConfigError if enrollment tokens are not found', async () => { + const soClient = getAgentPolicyCreateMock(); + // ignore unrelated unique name constraint + const esClient = elasticsearchServiceMock.createClusterClient().asInternalUser; + jest.spyOn(appContextService, 'getConfig').mockReturnValue({ + agentless: { + enabled: true, + api: { + url: 'http://api.agentless.com/api/v1/ess', + tls: { + certificate: '/path/to/cert', + key: '/path/to/key', + }, + }, + }, + } as any); + jest.spyOn(appContextService, 'getCloud').mockReturnValue({ isCloudEnabled: true } as any); + mockedListFleetServerHosts.mockResolvedValue({ + items: [ + { + id: 'mocked', + host: 'http://fleetserver:8220', + active: true, + is_default: true, + }, + ], + } as any); + mockedListEnrollmentApiKeys.mockResolvedValue({ + items: [], + } as any); + + await expect( + agentlessAgentService.createAgentlessAgent(esClient, soClient, { + id: 'mocked', + name: 'agentless agent policy', + namespace: 'default', + supports_agentless: true, + } as AgentPolicy) + ).rejects.toThrowError(new AgentlessAgentConfigError('missing Fleet enrollment token')); + }); + + it('should throw an error and log and error when the Agentless API returns a status not handled and not in the 2xx series', async () => { + const soClient = getAgentPolicyCreateMock(); + const esClient = elasticsearchServiceMock.createClusterClient().asInternalUser; + jest.spyOn(appContextService, 'getConfig').mockReturnValue({ + agentless: { + enabled: true, + api: { + url: 'http://api.agentless.com', + tls: { + certificate: '/path/to/cert', + key: '/path/to/key', + ca: '/path/to/ca', + }, + }, + }, + } as any); + jest.spyOn(appContextService, 'getCloud').mockReturnValue({ isCloudEnabled: true } as any); + mockedListFleetServerHosts.mockResolvedValue({ + items: [ + { + id: 'mocked-fleet-server-id', + host: 'http://fleetserver:8220', + active: true, + is_default: true, + host_urls: ['http://fleetserver:8220'], + }, + ], + } as any); + mockedListEnrollmentApiKeys.mockResolvedValue({ + items: [ + { + id: 'mocked-fleet-enrollment-token-id', + policy_id: 'mocked-policy-id', + api_key: 'mocked-api-key', + }, + ], + } as any); + // Force axios to throw an AxiosError to simulate an error response + (axios as jest.MockedFunction).mockRejectedValueOnce({ + response: { + status: 999, + data: { + message: 'This is a fake error status that is never to be handled handled', + }, + }, + } as AxiosError); + + await expect( + agentlessAgentService.createAgentlessAgent(esClient, soClient, { + id: 'mocked-agentless-agent-policy-id', + name: 'agentless agent policy', + namespace: 'default', + supports_agentless: true, + } as AgentPolicy) + ).rejects.toThrowError(); + + // Assert that the error is logged + expect(mockedLogger.error).toHaveBeenCalledTimes(1); + }); + + it('should throw an error and log and error when the Agentless API returns status 500', async () => { + const soClient = getAgentPolicyCreateMock(); + const esClient = elasticsearchServiceMock.createClusterClient().asInternalUser; + jest.spyOn(appContextService, 'getConfig').mockReturnValue({ + agentless: { + enabled: true, + api: { + url: 'http://api.agentless.com', + tls: { + certificate: '/path/to/cert', + key: '/path/to/key', + ca: '/path/to/ca', + }, + }, + }, + } as any); + jest.spyOn(appContextService, 'getCloud').mockReturnValue({ isCloudEnabled: true } as any); + mockedListFleetServerHosts.mockResolvedValue({ + items: [ + { + id: 'mocked-fleet-server-id', + host: 'http://fleetserver:8220', + active: true, + is_default: true, + host_urls: ['http://fleetserver:8220'], + }, + ], + } as any); + mockedListEnrollmentApiKeys.mockResolvedValue({ + items: [ + { + id: 'mocked-fleet-enrollment-token-id', + policy_id: 'mocked-policy-id', + api_key: 'mocked-api-key', + }, + ], + } as any); + // Force axios to throw an AxiosError to simulate an error response + (axios as jest.MockedFunction).mockRejectedValueOnce({ + response: { + status: 500, + data: { + message: 'Internal Server Error', + }, + }, + } as AxiosError); + + await expect( + agentlessAgentService.createAgentlessAgent(esClient, soClient, { + id: 'mocked-agentless-agent-policy-id', + name: 'agentless agent policy', + namespace: 'default', + supports_agentless: true, + } as AgentPolicy) + ).rejects.toThrowError(); + + // Assert that the error is logged + expect(mockedLogger.error).toHaveBeenCalledTimes(1); + }); + + it('should throw an error and log and error when the Agentless API returns status 429', async () => { + const soClient = getAgentPolicyCreateMock(); + const esClient = elasticsearchServiceMock.createClusterClient().asInternalUser; + jest.spyOn(appContextService, 'getConfig').mockReturnValue({ + agentless: { + enabled: true, + api: { + url: 'http://api.agentless.com', + tls: { + certificate: '/path/to/cert', + key: '/path/to/key', + ca: '/path/to/ca', + }, + }, + }, + } as any); + jest.spyOn(appContextService, 'getCloud').mockReturnValue({ isCloudEnabled: true } as any); + mockedListFleetServerHosts.mockResolvedValue({ + items: [ + { + id: 'mocked-fleet-server-id', + host: 'http://fleetserver:8220', + active: true, + is_default: true, + host_urls: ['http://fleetserver:8220'], + }, + ], + } as any); + mockedListEnrollmentApiKeys.mockResolvedValue({ + items: [ + { + id: 'mocked-fleet-enrollment-token-id', + policy_id: 'mocked-policy-id', + api_key: 'mocked-api-key', + }, + ], + } as any); + // Force axios to throw an AxiosError to simulate an error response + (axios as jest.MockedFunction).mockRejectedValueOnce({ + response: { + status: 429, + data: { + message: 'Limit exceeded', + }, + }, + } as AxiosError); + + await expect( + agentlessAgentService.createAgentlessAgent(esClient, soClient, { + id: 'mocked-agentless-agent-policy-id', + name: 'agentless agent policy', + namespace: 'default', + supports_agentless: true, + } as AgentPolicy) + ).rejects.toThrowError(); + + // Assert that the error is logged + expect(mockedLogger.error).toHaveBeenCalledTimes(1); + }); + + it('should throw an error and log and error when the Agentless API returns status 408', async () => { + const soClient = getAgentPolicyCreateMock(); + const esClient = elasticsearchServiceMock.createClusterClient().asInternalUser; + jest.spyOn(appContextService, 'getConfig').mockReturnValue({ + agentless: { + enabled: true, + api: { + url: 'http://api.agentless.com', + tls: { + certificate: '/path/to/cert', + key: '/path/to/key', + ca: '/path/to/ca', + }, + }, + }, + } as any); + jest.spyOn(appContextService, 'getCloud').mockReturnValue({ isCloudEnabled: true } as any); + mockedListFleetServerHosts.mockResolvedValue({ + items: [ + { + id: 'mocked-fleet-server-id', + host: 'http://fleetserver:8220', + active: true, + is_default: true, + host_urls: ['http://fleetserver:8220'], + }, + ], + } as any); + mockedListEnrollmentApiKeys.mockResolvedValue({ + items: [ + { + id: 'mocked-fleet-enrollment-token-id', + policy_id: 'mocked-policy-id', + api_key: 'mocked-api-key', + }, + ], + } as any); + // Force axios to throw an AxiosError to simulate an error response + (axios as jest.MockedFunction).mockRejectedValueOnce({ + response: { + status: 408, + data: { + message: 'Request timed out', + }, + }, + } as AxiosError); await expect( agentlessAgentService.createAgentlessAgent(esClient, soClient, { - id: 'mocked', + id: 'mocked-agentless-agent-policy-id', name: 'agentless agent policy', namespace: 'default', - supports_agentless: false, + supports_agentless: true, } as AgentPolicy) - ).rejects.toThrowError( - new AgentlessAgentCreateError('Agentless agent policy does not have agentless enabled') - ); + ).rejects.toThrowError(); + + // Assert that the error is logged + expect(mockedLogger.error).toBeCalledTimes(1); }); - it('should throw AgentlessAgentCreateError if cloud is not enabled', async () => { + it('should throw an error and log and error when the Agentless API returns status 404', async () => { const soClient = getAgentPolicyCreateMock(); - // ignore unrelated unique name constraint const esClient = elasticsearchServiceMock.createClusterClient().asInternalUser; - jest.spyOn(appContextService, 'getCloud').mockReturnValue({ isCloudEnabled: false } as any); + jest.spyOn(appContextService, 'getConfig').mockReturnValue({ + agentless: { + enabled: true, + api: { + url: 'http://api.agentless.com', + tls: { + certificate: '/path/to/cert', + key: '/path/to/key', + ca: '/path/to/ca', + }, + }, + }, + } as any); + jest.spyOn(appContextService, 'getCloud').mockReturnValue({ isCloudEnabled: true } as any); + mockedListFleetServerHosts.mockResolvedValue({ + items: [ + { + id: 'mocked-fleet-server-id', + host: 'http://fleetserver:8220', + active: true, + is_default: true, + host_urls: ['http://fleetserver:8220'], + }, + ], + } as any); + mockedListEnrollmentApiKeys.mockResolvedValue({ + items: [ + { + id: 'mocked-fleet-enrollment-token-id', + policy_id: 'mocked-policy-id', + api_key: 'mocked-api-key', + }, + ], + } as any); + // Force axios to throw an AxiosError to simulate an error response + (axios as jest.MockedFunction).mockRejectedValueOnce({ + response: { + status: 404, + data: { + message: 'Not Found', + }, + }, + } as AxiosError); await expect( agentlessAgentService.createAgentlessAgent(esClient, soClient, { - id: 'mocked', + id: 'mocked-agentless-agent-policy-id', name: 'agentless agent policy', namespace: 'default', supports_agentless: true, } as AgentPolicy) - ).rejects.toThrowError(new AgentlessAgentCreateError('missing agentless configuration')); + ).rejects.toThrowError(); + + // Assert that the error is logged + expect(mockedLogger.error).toBeCalledTimes(1); }); - it('should throw AgentlessAgentCreateError if agentless configuration is not found', async () => { + it('should throw an error and log and error when the Agentless API returns status 403', async () => { const soClient = getAgentPolicyCreateMock(); - // ignore unrelated unique name constraint const esClient = elasticsearchServiceMock.createClusterClient().asInternalUser; - jest.spyOn(appContextService, 'getConfig').mockReturnValue({} as any); + jest.spyOn(appContextService, 'getConfig').mockReturnValue({ + agentless: { + enabled: true, + api: { + url: 'http://api.agentless.com', + tls: { + certificate: '/path/to/cert', + key: '/path/to/key', + ca: '/path/to/ca', + }, + }, + }, + } as any); jest.spyOn(appContextService, 'getCloud').mockReturnValue({ isCloudEnabled: true } as any); + mockedListFleetServerHosts.mockResolvedValue({ + items: [ + { + id: 'mocked-fleet-server-id', + host: 'http://fleetserver:8220', + active: true, + is_default: true, + host_urls: ['http://fleetserver:8220'], + }, + ], + } as any); + mockedListEnrollmentApiKeys.mockResolvedValue({ + items: [ + { + id: 'mocked-fleet-enrollment-token-id', + policy_id: 'mocked-policy-id', + api_key: 'mocked-api-key', + }, + ], + } as any); + // Force axios to throw an AxiosError to simulate an error response + (axios as jest.MockedFunction).mockRejectedValueOnce({ + response: { + status: 403, + data: { + message: 'Forbidden', + }, + }, + } as AxiosError); await expect( agentlessAgentService.createAgentlessAgent(esClient, soClient, { - id: 'mocked', + id: 'mocked-agentless-agent-policy-id', name: 'agentless agent policy', namespace: 'default', supports_agentless: true, } as AgentPolicy) - ).rejects.toThrowError(new AgentlessAgentCreateError('missing agentless configuration')); + ).rejects.toThrowError(); + + // Assert that the error is logged + expect(mockedLogger.error).toBeCalledTimes(1); }); - it('should throw AgentlessAgentCreateError if fleet hosts are not found', async () => { + + it('should throw an error and log and error when the Agentless API returns status 401', async () => { const soClient = getAgentPolicyCreateMock(); - // ignore unrelated unique name constraint const esClient = elasticsearchServiceMock.createClusterClient().asInternalUser; jest.spyOn(appContextService, 'getConfig').mockReturnValue({ agentless: { + enabled: true, api: { - url: 'http://api.agentless.com/api/v1/ess', + url: 'http://api.agentless.com', tls: { certificate: '/path/to/cert', key: '/path/to/key', + ca: '/path/to/ca', }, }, }, } as any); jest.spyOn(appContextService, 'getCloud').mockReturnValue({ isCloudEnabled: true } as any); - mockedListFleetServerHosts.mockResolvedValue({ items: [] } as any); + mockedListFleetServerHosts.mockResolvedValue({ + items: [ + { + id: 'mocked-fleet-server-id', + host: 'http://fleetserver:8220', + active: true, + is_default: true, + host_urls: ['http://fleetserver:8220'], + }, + ], + } as any); mockedListEnrollmentApiKeys.mockResolvedValue({ items: [ { - id: 'mocked', - policy_id: 'mocked', - api_key: 'mocked', + id: 'mocked-fleet-enrollment-token-id', + policy_id: 'mocked-policy-id', + api_key: 'mocked-api-key', }, ], } as any); + // Force axios to throw an AxiosError to simulate an error response + (axios as jest.MockedFunction).mockRejectedValueOnce({ + response: { + status: 401, + data: { + message: 'Unauthorized', + }, + }, + } as AxiosError); await expect( agentlessAgentService.createAgentlessAgent(esClient, soClient, { - id: 'mocked', + id: 'mocked-agentless-agent-policy-id', name: 'agentless agent policy', namespace: 'default', supports_agentless: true, } as AgentPolicy) - ).rejects.toThrowError(new AgentlessAgentCreateError('missing Fleet server host')); + ).rejects.toThrowError(); + + // Assert that the error is logged + expect(mockedLogger.error).toBeCalledTimes(1); }); - it('should throw AgentlessAgentCreateError if enrollment tokens are not found', async () => { + it('should throw an error and log and error when the Agentless API returns status 400', async () => { const soClient = getAgentPolicyCreateMock(); - // ignore unrelated unique name constraint const esClient = elasticsearchServiceMock.createClusterClient().asInternalUser; jest.spyOn(appContextService, 'getConfig').mockReturnValue({ agentless: { + enabled: true, api: { - url: 'http://api.agentless.com/api/v1/ess', + url: 'http://api.agentless.com', tls: { certificate: '/path/to/cert', key: '/path/to/key', + ca: '/path/to/ca', }, }, }, @@ -194,25 +691,44 @@ describe('Agentless Agent service', () => { mockedListFleetServerHosts.mockResolvedValue({ items: [ { - id: 'mocked', + id: 'mocked-fleet-server-id', host: 'http://fleetserver:8220', active: true, is_default: true, + host_urls: ['http://fleetserver:8220'], }, ], } as any); mockedListEnrollmentApiKeys.mockResolvedValue({ - items: [], + items: [ + { + id: 'mocked-fleet-enrollment-token-id', + policy_id: 'mocked-policy-id', + api_key: 'mocked-api-key', + }, + ], } as any); + // Force axios to throw an AxiosError to simulate an error response + (axios as jest.MockedFunction).mockRejectedValueOnce({ + response: { + status: 400, + data: { + message: 'Bad Request', + }, + }, + } as AxiosError); await expect( agentlessAgentService.createAgentlessAgent(esClient, soClient, { - id: 'mocked', + id: 'mocked-agentless-agent-policy-id', name: 'agentless agent policy', namespace: 'default', supports_agentless: true, } as AgentPolicy) - ).rejects.toThrowError(new AgentlessAgentCreateError('missing Fleet enrollment token')); + ).rejects.toThrowError(); + + // Assert that the error is logged + expect(mockedLogger.error).toBeCalledTimes(1); }); it('should create agentless agent for ESS', async () => { @@ -271,6 +787,20 @@ describe('Agentless Agent service', () => { name: 'agentless agent policy', namespace: 'default', supports_agentless: true, + global_data_tags: [ + { + name: 'organization', + value: 'elastic', + }, + { + name: 'division', + value: 'cloud', + }, + { + name: 'team', + value: 'fleet', + }, + ], } as AgentPolicy ); @@ -283,6 +813,11 @@ describe('Agentless Agent service', () => { fleet_url: 'http://fleetserver:8220', policy_id: 'mocked-agentless-agent-policy-id', stack_version: 'mocked-kibana-version-infinite', + labels: { + organization: 'elastic', + division: 'cloud', + team: 'fleet', + }, }), headers: expect.anything(), httpsAgent: expect.anything(), @@ -350,6 +885,20 @@ describe('Agentless Agent service', () => { name: 'agentless agent policy', namespace: 'default', supports_agentless: true, + global_data_tags: [ + { + name: 'organization', + value: 'elastic', + }, + { + name: 'division', + value: 'cloud', + }, + { + name: 'team', + value: 'fleet', + }, + ], } as AgentPolicy ); @@ -361,6 +910,11 @@ describe('Agentless Agent service', () => { fleet_token: 'mocked-fleet-enrollment-api-key', fleet_url: 'http://fleetserver:8220', policy_id: 'mocked-agentless-agent-policy-id', + labels: { + organization: 'elastic', + division: 'cloud', + team: 'fleet', + }, }, headers: expect.anything(), httpsAgent: expect.anything(), @@ -370,6 +924,83 @@ describe('Agentless Agent service', () => { ); }); + it('should create agentless agent when no labels are given', async () => { + const returnValue = { + id: 'mocked', + regional_id: 'mocked', + }; + + (axios as jest.MockedFunction).mockResolvedValueOnce(returnValue); + const soClient = getAgentPolicyCreateMock(); + // ignore unrelated unique name constraint + const esClient = elasticsearchServiceMock.createClusterClient().asInternalUser; + jest.spyOn(appContextService, 'getConfig').mockReturnValue({ + agentless: { + enabled: true, + api: { + url: 'http://api.agentless.com', + tls: { + certificate: '/path/to/cert', + key: '/path/to/key', + ca: '/path/to/ca', + }, + }, + }, + } as any); + jest.spyOn(appContextService, 'getCloud').mockReturnValue({ isCloudEnabled: true } as any); + jest + .spyOn(appContextService, 'getKibanaVersion') + .mockReturnValue('mocked-kibana-version-infinite'); + mockedListFleetServerHosts.mockResolvedValue({ + items: [ + { + id: 'mocked-fleet-server-id', + host: 'http://fleetserver:8220', + active: true, + is_default: true, + host_urls: ['http://fleetserver:8220'], + }, + ], + } as any); + mockedListEnrollmentApiKeys.mockResolvedValue({ + items: [ + { + id: 'mocked-fleet-enrollment-token-id', + policy_id: 'mocked-fleet-enrollment-policy-id', + api_key: 'mocked-fleet-enrollment-api-key', + }, + ], + } as any); + + const createAgentlessAgentReturnValue = await agentlessAgentService.createAgentlessAgent( + esClient, + soClient, + { + id: 'mocked-agentless-agent-policy-id', + name: 'agentless agent policy', + namespace: 'default', + supports_agentless: true, + } as AgentPolicy + ); + + expect(axios).toHaveBeenCalledTimes(1); + expect(createAgentlessAgentReturnValue).toEqual(returnValue); + expect(axios).toHaveBeenCalledWith( + expect.objectContaining({ + data: expect.objectContaining({ + fleet_token: 'mocked-fleet-enrollment-api-key', + fleet_url: 'http://fleetserver:8220', + policy_id: 'mocked-agentless-agent-policy-id', + stack_version: 'mocked-kibana-version-infinite', + }), + headers: expect.anything(), + httpsAgent: expect.anything(), + method: 'POST', + url: 'http://api.agentless.com/api/v1/ess/deployments', + }) + ); + }); + it('should delete agentless agent for ESS', async () => { const returnValue = { id: 'mocked', diff --git a/x-pack/plugins/fleet/server/services/agents/agentless_agent.ts b/x-pack/plugins/fleet/server/services/agents/agentless_agent.ts index 617f3db7849f44..7400b5958eb652 100644 --- a/x-pack/plugins/fleet/server/services/agents/agentless_agent.ts +++ b/x-pack/plugins/fleet/server/services/agents/agentless_agent.ts @@ -8,9 +8,10 @@ import https from 'https'; import type { ElasticsearchClient, LogMeta, SavedObjectsClientContract } from '@kbn/core/server'; +import type { Logger } from '@kbn/logging'; import { SslConfig, sslSchema } from '@kbn/server-http-tools'; -import type { AxiosError, AxiosRequestConfig } from 'axios'; +import type { AxiosError, AxiosRequestConfig, AxiosResponse } from 'axios'; import axios from 'axios'; import apm from 'elastic-apm-node'; @@ -18,7 +19,16 @@ import apm from 'elastic-apm-node'; import { SO_SEARCH_LIMIT } from '../../constants'; import type { AgentPolicy } from '../../types'; import type { AgentlessApiResponse } from '../../../common/types'; -import { AgentlessAgentCreateError } from '../../errors'; +import { + AgentlessAgentConfigError, + AgentlessAgentCreateError, + AgentlessAgentDeleteError, +} from '../../errors'; +import { + AGENTLESS_GLOBAL_TAG_NAME_ORGANIZATION, + AGENTLESS_GLOBAL_TAG_NAME_DIVISION, + AGENTLESS_GLOBAL_TAG_NAME_TEAM, +} from '../../constants'; import { appContextService } from '../app_context'; @@ -34,8 +44,6 @@ class AgentlessAgentService { agentlessAgentPolicy: AgentPolicy ) { const traceId = apm.currentTransaction?.traceparent; - const withRequestIdMessage = (message: string) => `${message} [Request Id: ${traceId}]`; - const errorMetadata: LogMeta = { trace: { id: traceId, @@ -45,21 +53,25 @@ class AgentlessAgentService { const logger = appContextService.getLogger(); logger.debug(`[Agentless API] Creating agentless agent ${agentlessAgentPolicy.id}`); - if (!isAgentlessApiEnabled) { + const agentlessConfig = appContextService.getConfig()?.agentless; + if (!agentlessConfig) { + logger.error('[Agentless API] Missing agentless configuration', errorMetadata); + throw new AgentlessAgentConfigError('missing Agentless API configuration in Kibana'); + } + + if (!isAgentlessApiEnabled()) { logger.error( - '[Agentless API] Creating agentless agent not supported in non-cloud or non-serverless environments' + '[Agentless API] Agentless agents are only supported in cloud deployment and serverless projects' + ); + throw new AgentlessAgentConfigError( + 'Agentless agents are only supported in cloud deployment and serverless projects' ); - throw new AgentlessAgentCreateError('Agentless agent not supported'); } if (!agentlessAgentPolicy.supports_agentless) { logger.error('[Agentless API] Agentless agent policy does not have agentless enabled'); - throw new AgentlessAgentCreateError('Agentless agent policy does not have agentless enabled'); - } - - const agentlessConfig = appContextService.getConfig()?.agentless; - if (!agentlessConfig) { - logger.error('[Agentless API] Missing agentless configuration', errorMetadata); - throw new AgentlessAgentCreateError('missing agentless configuration'); + throw new AgentlessAgentConfigError( + 'Agentless agent policy does not have supports_agentless enabled' + ); } const policyId = agentlessAgentPolicy.id; @@ -81,12 +93,15 @@ class AgentlessAgentService { ); const tlsConfig = this.createTlsConfig(agentlessConfig); + const labels = this.getAgentlessTags(agentlessAgentPolicy); + const requestConfig: AxiosRequestConfig = { url: prependAgentlessApiBasePathToEndpoint(agentlessConfig, '/deployments'), data: { policy_id: policyId, fleet_url: fleetUrl, fleet_token: fleetToken, + labels, }, method: 'POST', headers: { @@ -111,67 +126,19 @@ class AgentlessAgentService { logger.debug( `[Agentless API] Creating agentless agent with request config ${requestConfigDebugStatus}` ); - const errorMetadataWithRequestConfig: LogMeta = { - ...errorMetadata, - http: { - request: { - id: traceId, - body: requestConfig.data, - }, - }, - }; const response = await axios(requestConfig).catch( (error: Error | AxiosError) => { - if (!axios.isAxiosError(error)) { - logger.error( - `[Agentless API] Creating agentless failed with an error ${error} ${requestConfigDebugStatus}`, - errorMetadataWithRequestConfig - ); - throw new AgentlessAgentCreateError(withRequestIdMessage(error.message)); - } - - const errorLogCodeCause = `${error.code} ${this.convertCauseErrorsToString(error)}`; - - if (error.response) { - // The request was made and the server responded with a status code and error data - logger.error( - `[Agentless API] Creating agentless failed because the Agentless API responding with a status code that falls out of the range of 2xx: ${JSON.stringify( - error.response.status - )}} ${JSON.stringify(error.response.data)}} ${requestConfigDebugStatus}`, - { - ...errorMetadataWithRequestConfig, - http: { - ...errorMetadataWithRequestConfig.http, - response: { - status_code: error.response.status, - body: error.response.data, - }, - }, - } - ); - throw new AgentlessAgentCreateError( - withRequestIdMessage(`the Agentless API could not create the agentless agent`) - ); - } else if (error.request) { - // The request was made but no response was received - logger.error( - `[Agentless API] Creating agentless agent failed while sending the request to the Agentless API: ${errorLogCodeCause} ${requestConfigDebugStatus}`, - errorMetadataWithRequestConfig - ); - throw new AgentlessAgentCreateError( - withRequestIdMessage(`no response received from the Agentless API`) - ); - } else { - // Something happened in setting up the request that triggered an Error - logger.error( - `[Agentless API] Creating agentless agent failed to be created ${errorLogCodeCause} ${requestConfigDebugStatus}`, - errorMetadataWithRequestConfig - ); - throw new AgentlessAgentCreateError( - withRequestIdMessage('the Agentless API could not create the agentless agent') - ); - } + this.catchAgentlessApiError( + 'create', + error, + logger, + agentlessAgentPolicy.id, + requestConfig, + requestConfigDebugStatus, + errorMetadata, + traceId + ); } ); @@ -199,6 +166,12 @@ class AgentlessAgentService { ca: tlsConfig.certificateAuthorities, }), }; + const traceId = apm.currentTransaction?.traceparent; + const errorMetadata: LogMeta = { + trace: { + id: traceId, + }, + }; const requestConfigDebugStatus = this.createRequestConfigDebug(requestConfig); @@ -223,35 +196,40 @@ class AgentlessAgentService { ); const response = await axios(requestConfig).catch((error: AxiosError) => { - const errorLogCodeCause = `${error.code} ${this.convertCauseErrorsToString(error)}`; - - if (!axios.isAxiosError(error)) { - logger.error( - `[Agentless API] Deleting agentless deployment failed with an error ${JSON.stringify( - error - )} ${requestConfigDebugStatus}` - ); - } - if (error.response) { - logger.error( - `[Agentless API] Deleting Agentless deployment Failed Response Error: ${JSON.stringify( - error.response.status - )}} ${JSON.stringify(error.response.data)}} ${requestConfigDebugStatus} ` - ); - } else if (error.request) { - logger.error( - `[Agentless API] Deleting agentless deployment failed to receive a response from the Agentless API ${errorLogCodeCause} ${requestConfigDebugStatus}` - ); - } else { - logger.error( - `[Agentless API] Deleting agentless deployment failed to delete the request ${errorLogCodeCause} ${requestConfigDebugStatus}` - ); - } + this.catchAgentlessApiError( + 'delete', + error, + logger, + agentlessPolicyId, + requestConfig, + requestConfigDebugStatus, + errorMetadata, + traceId + ); }); return response; } + private getAgentlessTags(agentlessAgentPolicy: AgentPolicy) { + if (!agentlessAgentPolicy.global_data_tags) { + return undefined; + } + + const getGlobalTagValueByName = (name: string) => + agentlessAgentPolicy.global_data_tags?.find((tag) => tag.name === name)?.value; + + return { + organization: getGlobalTagValueByName(AGENTLESS_GLOBAL_TAG_NAME_ORGANIZATION), + division: getGlobalTagValueByName(AGENTLESS_GLOBAL_TAG_NAME_DIVISION), + team: getGlobalTagValueByName(AGENTLESS_GLOBAL_TAG_NAME_TEAM), + }; + } + + private withRequestIdMessage(message: string, traceId?: string) { + return `${message} [Request Id: ${traceId}]`; + } + private createTlsConfig(agentlessConfig: AgentlessConfig | undefined) { return new SslConfig( sslSchema.validate({ @@ -263,6 +241,34 @@ class AgentlessAgentService { ); } + private async getFleetUrlAndTokenForAgentlessAgent( + esClient: ElasticsearchClient, + policyId: string, + soClient: SavedObjectsClientContract + ) { + const { items: enrollmentApiKeys } = await listEnrollmentApiKeys(esClient, { + perPage: SO_SEARCH_LIMIT, + showInactive: true, + kuery: `policy_id:"${policyId}"`, + }); + + const { items: fleetHosts } = await listFleetServerHosts(soClient); + // Tech Debt: change this when we add the internal fleet server config to use the internal fleet server host + // https://github.com/elastic/security-team/issues/9695 + const defaultFleetHost = + fleetHosts.length === 1 ? fleetHosts[0] : fleetHosts.find((host) => host.is_default); + + if (!defaultFleetHost) { + throw new AgentlessAgentConfigError('missing default Fleet server host'); + } + if (!enrollmentApiKeys.length) { + throw new AgentlessAgentConfigError('missing Fleet enrollment token'); + } + const fleetToken = enrollmentApiKeys[0].api_key; + const fleetUrl = defaultFleetHost?.host_urls[0]; + return { fleetUrl, fleetToken }; + } + private createRequestConfigDebug(requestConfig: AxiosRequestConfig) { return JSON.stringify({ ...requestConfig, @@ -282,6 +288,129 @@ class AgentlessAgentService { }); } + private catchAgentlessApiError( + action: 'create' | 'delete', + error: Error | AxiosError, + logger: Logger, + agentlessPolicyId: string, + requestConfig: AxiosRequestConfig, + requestConfigDebugStatus: string, + errorMetadata: LogMeta, + traceId?: string + ) { + const errorMetadataWithRequestConfig: LogMeta = { + ...errorMetadata, + http: { + request: { + id: traceId, + body: requestConfig.data, + }, + }, + }; + + const errorLogCodeCause = (axiosError: AxiosError) => + `${axiosError.code} ${this.convertCauseErrorsToString(axiosError)}`; + + if (!axios.isAxiosError(error)) { + logger.error( + `${ + action === 'create' + ? `[Agentless API] Creating agentless failed with an error that is not an AxiosError for agentless policy` + : `[Agentless API] Deleting agentless deployment failed with an error that is not an Axios error for agentless policy` + } ${error} ${requestConfigDebugStatus}`, + errorMetadataWithRequestConfig + ); + + throw this.getAgentlessAgentError(action, error.message, traceId); + } + + const ERROR_HANDLING_MESSAGES = this.getErrorHandlingMessages(agentlessPolicyId); + + if (error.response) { + if (error.response.status in ERROR_HANDLING_MESSAGES) { + const handledResponseErrorMessage = + ERROR_HANDLING_MESSAGES[error.response.status as keyof typeof ERROR_HANDLING_MESSAGES][ + action + ]; + this.handleResponseError( + action, + error.response, + logger, + errorMetadataWithRequestConfig, + requestConfigDebugStatus, + handledResponseErrorMessage.log, + handledResponseErrorMessage.message, + traceId + ); + } else { + const unhandledResponseErrorMessage = ERROR_HANDLING_MESSAGES.unhandled_response[action]; + // The request was made and the server responded with a status code and error data + this.handleResponseError( + action, + error.response, + logger, + errorMetadataWithRequestConfig, + requestConfigDebugStatus, + unhandledResponseErrorMessage.log, + unhandledResponseErrorMessage.message, + traceId + ); + } + } else if (error.request) { + // The request was made but no response was received + const requestErrorMessage = ERROR_HANDLING_MESSAGES.request_error[action]; + logger.error( + `${requestErrorMessage.log} ${errorLogCodeCause(error)} ${requestConfigDebugStatus}`, + errorMetadataWithRequestConfig + ); + + throw this.getAgentlessAgentError(action, requestErrorMessage.message, traceId); + } else { + // Something happened in setting up the request that triggered an Error + logger.error( + `[Agentless API] ${ + action === 'create' ? 'Creating' : 'Deleting' + } the agentless agent failed ${errorLogCodeCause(error)} ${requestConfigDebugStatus}`, + errorMetadataWithRequestConfig + ); + + throw this.getAgentlessAgentError( + action, + `the Agentless API could not ${action} the agentless agent`, + traceId + ); + } + } + + private handleResponseError( + action: 'create' | 'delete', + response: AxiosResponse, + logger: Logger, + errorMetadataWithRequestConfig: LogMeta, + requestConfigDebugStatus: string, + logMessage: string, + userMessage: string, + traceId?: string + ) { + logger.error( + `${logMessage} ${JSON.stringify(response.status)} ${JSON.stringify( + response.data + )}} ${requestConfigDebugStatus}`, + { + ...errorMetadataWithRequestConfig, + http: { + ...errorMetadataWithRequestConfig.http, + response: { + status_code: response?.status, + body: response?.data, + }, + }, + } + ); + + throw this.getAgentlessAgentError(action, userMessage, traceId); + } + private convertCauseErrorsToString = (error: AxiosError) => { if (error.cause instanceof AggregateError) { return error.cause.errors.map((e: Error) => e.message); @@ -289,32 +418,122 @@ class AgentlessAgentService { return error.cause; }; - private async getFleetUrlAndTokenForAgentlessAgent( - esClient: ElasticsearchClient, - policyId: string, - soClient: SavedObjectsClientContract - ) { - const { items: enrollmentApiKeys } = await listEnrollmentApiKeys(esClient, { - perPage: SO_SEARCH_LIMIT, - showInactive: true, - kuery: `policy_id:"${policyId}"`, - }); - - const { items: fleetHosts } = await listFleetServerHosts(soClient); - // Tech Debt: change this when we add the internal fleet server config to use the internal fleet server host - // https://github.com/elastic/security-team/issues/9695 - const defaultFleetHost = - fleetHosts.length === 1 ? fleetHosts[0] : fleetHosts.find((host) => host.is_default); + private getAgentlessAgentError(action: string, userMessage: string, traceId: string | undefined) { + return action === 'create' + ? new AgentlessAgentCreateError(this.withRequestIdMessage(userMessage, traceId)) + : new AgentlessAgentDeleteError(this.withRequestIdMessage(userMessage, traceId)); + } - if (!defaultFleetHost) { - throw new AgentlessAgentCreateError('missing Fleet server host'); - } - if (!enrollmentApiKeys.length) { - throw new AgentlessAgentCreateError('missing Fleet enrollment token'); - } - const fleetToken = enrollmentApiKeys[0].api_key; - const fleetUrl = defaultFleetHost?.host_urls[0]; - return { fleetUrl, fleetToken }; + private getErrorHandlingMessages(agentlessPolicyId: string) { + return { + 400: { + create: { + log: '[Agentless API] Creating the agentless agent failed with a status 400, bad request for agentless policy.', + message: + 'the Agentless API could not create the agentless agent. Please delete the agentless policy and try again or contact your administrator.', + }, + delete: { + log: '[Agentless API] Deleting the agentless deployment failed with a status 400, bad request for agentless policy', + message: + 'the Agentless API could not create the agentless agent. Please delete the agentless policy try again or contact your administrator.', + }, + }, + 401: { + create: { + log: '[Agentless API] Creating the agentless agent failed with a status 401 unauthorized for agentless policy.', + message: + 'the Agentless API could not create the agentless agent because an unauthorized request was sent. Please delete the agentless policy and try again or contact your administrator.', + }, + delete: { + log: '[Agentless API] Deleting the agentless deployment failed with a status 401 unauthorized for agentless policy. Check the Kibana Agentless API tls configuration', + message: + 'the Agentless API could not delete the agentless deployment because an unauthorized request was sent. Please try again or contact your administrator.', + }, + }, + 403: { + create: { + log: '[Agentless API] Creating the agentless agent failed with a status 403 forbidden for agentless policy. Check the Kibana Agentless API configuration and endpoints.', + message: + 'the Agentless API could not create the agentless agent because a forbidden request was sent. Please delete the agentless policy and try again or contact your administrator.', + }, + delete: { + log: '[Agentless API] Deleting the agentless deployment failed with a status 403 forbidden for agentless policy. Check the Kibana Agentless API configuration and endpoints.', + message: + 'the Agentless API could not delete the agentless deployment because a forbidden request was sent. Please try again or contact your administrator.', + }, + }, + 404: { + // this is likely to happen when creating agentless agents, but covering it in case + create: { + log: '[Agentless API] Creating the agentless agent failed with a status 404 not found.', + message: + 'the Agentless API could not create the agentless agent because it returned a 404 error not found.', + }, + delete: { + log: '[Agentless API] Deleting the agentless deployment failed with a status 404 not found', + message: `the Agentless API could not delete the agentless deployment ${agentlessPolicyId} because it could not be found.`, + }, + }, + 408: { + create: { + log: '[Agentless API] Creating the agentless agent failed with a status 408, the request timed out', + message: + 'the Agentless API request timed out waiting for the agentless agent status to respond, please wait a few minutes for the agent to enroll with fleet. If agent fails to enroll with Fleet please delete the agentless policy try again or contact your administrator.', + }, + delete: { + log: '[Agentless API] Deleting the agentless deployment failed with a status 408, the request timed out', + message: `the Agentless API could not delete the agentless deployment ${agentlessPolicyId} because the request timed out, please wait a few minutes for the agentless agent deployment to be removed. If it continues to persist please try again or contact your administrator.`, + }, + }, + 429: { + create: { + log: '[Agentless API] Creating the agentless agent failed with a status 429 for agentless policy, agentless agent limit has been reached for this deployment or project.', + message: + 'the Agentless API could not create the agentless agent, you have reached the limit of agentless agents provisioned for this deployment or project. Consider removing some agentless agents and try again or use agent-based agents for this integration.', + }, + // this is likely to happen when deleting agentless agents, but covering it in case + delete: { + log: '[Agentless API] Deleting the agentless deployment failed with a status 429 for agentless policy, agentless agent limit has been reached for this deployment or project.', + message: + 'the Agentless API could not delete the agentless deployment, you have reached the limit of agentless agents provisioned for this deployment or project. Consider removing some agentless agents and try again or use agent-based agents for this integration.', + }, + }, + 500: { + create: { + log: '[Agentless API] Creating the agentless agent failed with a status 500 internal service error.', + message: + 'the Agentless API could not create the agentless agent because it returned a 500 internal error. Please delete the agentless policy and try again later or contact your administrator.', + }, + delete: { + log: '[Agentless API] Deleting the agentless deployment failed with a status 500 internal service error.', + message: + 'the Agentless API could not delete the agentless deployment because it returned a 500 internal error. Please try again later or contact your administrator.', + }, + }, + unhandled_response: { + create: { + log: '[Agentless API] Creating agentless agent failed because the Agentless API responded with an unhandled status code that falls out of the range of 2xx:', + message: + 'the Agentless API could not create the agentless agent due to an unexpected error. Please delete the agentless policy and try again later or contact your administrator.', + }, + delete: { + log: '[Agentless API] Deleting agentless deployment failed because the Agentless API responded with an unhandled status code that falls out of the range of 2xx:', + message: `the Agentless API could not delete the agentless deployment ${agentlessPolicyId}. Please try again later or contact your administrator.`, + }, + }, + request_error: { + create: { + log: '[Agentless API] Creating agentless agent failed with a request error:', + message: + 'the Agentless API could not create the agentless agent due to a request error. Please delete the agentless policy and try again later or contact your administrator.', + }, + delete: { + log: '[Agentless API] Deleting agentless deployment failed with a request error:', + message: + 'the Agentless API could not delete the agentless deployment due to a request error. Please try again later or contact your administrator.', + }, + }, + }; } } diff --git a/x-pack/plugins/fleet/server/services/epm/package_service.mock.ts b/x-pack/plugins/fleet/server/services/epm/package_service.mock.ts index 39d0451687de5f..eeaa80b0c9449e 100644 --- a/x-pack/plugins/fleet/server/services/epm/package_service.mock.ts +++ b/x-pack/plugins/fleet/server/services/epm/package_service.mock.ts @@ -16,7 +16,7 @@ const createClientMock = (): jest.Mocked => ({ installCustomIntegration: jest.fn(), fetchFindLatestPackage: jest.fn(), readBundledPackage: jest.fn(), - getAgentPolicyInputs: jest.fn(), + getAgentPolicyConfigYAML: jest.fn(), getPackage: jest.fn(), getPackageFieldsMetadata: jest.fn(), getPackages: jest.fn(), diff --git a/x-pack/plugins/fleet/server/services/epm/package_service.ts b/x-pack/plugins/fleet/server/services/epm/package_service.ts index 1911ed14a7c800..661475dfadc09c 100644 --- a/x-pack/plugins/fleet/server/services/epm/package_service.ts +++ b/x-pack/plugins/fleet/server/services/epm/package_service.ts @@ -28,7 +28,6 @@ import type { InstallablePackage, Installation, RegistryPackage, - TemplateAgentPolicyInput, } from '../../types'; import type { FleetAuthzRouteConfig } from '../security/types'; @@ -116,12 +115,12 @@ export interface PackageClient { prerelease?: false; }): Promise; - getAgentPolicyInputs( + getAgentPolicyConfigYAML( pkgName: string, pkgVersion?: string, prerelease?: false, ignoreUnverified?: boolean - ): Promise; + ): Promise; reinstallEsAssets( packageInfo: InstallablePackage, @@ -284,7 +283,7 @@ class PackageClientImpl implements PackageClient { return generatePackageInfoFromArchiveBuffer(archiveBuffer, 'application/zip'); } - public async getAgentPolicyInputs( + public async getAgentPolicyConfigYAML( pkgName: string, pkgVersion?: string, prerelease?: false, @@ -298,16 +297,14 @@ class PackageClientImpl implements PackageClient { pkgVersion = pkg.version; } - const { inputs } = await getTemplateInputs( + return getTemplateInputs( this.internalSoClient, pkgName, pkgVersion, - 'json', + 'yml', prerelease, ignoreUnverified ); - - return inputs; } public async getPackage( diff --git a/x-pack/plugins/fleet/server/services/utils/agentless.ts b/x-pack/plugins/fleet/server/services/utils/agentless.ts index c43f10db16b462..0f5d4e9d1de855 100644 --- a/x-pack/plugins/fleet/server/services/utils/agentless.ts +++ b/x-pack/plugins/fleet/server/services/utils/agentless.ts @@ -10,7 +10,7 @@ import type { FleetConfigType } from '../../config'; export { isOnlyAgentlessIntegration } from '../../../common/services/agentless_policy_helper'; export const isAgentlessApiEnabled = () => { - const cloudSetup = appContextService.getCloud && appContextService.getCloud(); + const cloudSetup = appContextService.getCloud(); const isHosted = cloudSetup?.isCloudEnabled || cloudSetup?.isServerlessEnabled; return Boolean(isHosted && appContextService.getConfig()?.agentless?.enabled); }; diff --git a/x-pack/plugins/index_management/__jest__/client_integration/home/indices_tab.test.tsx b/x-pack/plugins/index_management/__jest__/client_integration/home/indices_tab.test.tsx index 351bc068f36a0d..a8256a2e00b278 100644 --- a/x-pack/plugins/index_management/__jest__/client_integration/home/indices_tab.test.tsx +++ b/x-pack/plugins/index_management/__jest__/client_integration/home/indices_tab.test.tsx @@ -10,6 +10,7 @@ */ import { EuiSearchBoxProps } from '@elastic/eui/src/components/search_bar/search_box'; +import { applicationServiceMock } from '@kbn/core/public/mocks'; jest.mock('@elastic/eui/lib/components/search_bar/search_box', () => { return { EuiSearchBox: (props: EuiSearchBoxProps) => ( @@ -136,15 +137,21 @@ describe('', () => { createNonDataStreamIndex(indexName) ); + const application = applicationServiceMock.createStartContract(); testBed = await setup(httpSetup, { history: createMemoryHistory(), + core: { + application, + }, }); const { component, actions } = testBed; component.update(); await actions.clickIndexNameAt(0); - expect(testBed.actions.findIndexDetailsPageTitle()).toContain('testIndex'); + expect(application.navigateToUrl).toHaveBeenCalledWith( + '/app/management/data/index_management/indices/index_details?indexName=testIndex&includeHiddenIndices=true' + ); }); it('index page works with % character in index name', async () => { @@ -155,13 +162,21 @@ describe('', () => { createNonDataStreamIndex(indexName) ); - testBed = await setup(httpSetup); + const application = applicationServiceMock.createStartContract(); + testBed = await setup(httpSetup, { + history: createMemoryHistory(), + core: { + application, + }, + }); const { component, actions } = testBed; component.update(); await actions.clickIndexNameAt(0); - expect(testBed.actions.findIndexDetailsPageTitle()).toContain(indexName); + expect(application.navigateToUrl).toHaveBeenCalledWith( + '/app/management/data/index_management/indices/index_details?indexName=test%25&includeHiddenIndices=true' + ); }); describe('empty list component', () => { diff --git a/x-pack/plugins/index_management/public/application/components/template_form/steps/step_logistics.tsx b/x-pack/plugins/index_management/public/application/components/template_form/steps/step_logistics.tsx index 84cb0fa027ad1e..d73d95600e5b1b 100644 --- a/x-pack/plugins/index_management/public/application/components/template_form/steps/step_logistics.tsx +++ b/x-pack/plugins/index_management/public/application/components/template_form/steps/step_logistics.tsx @@ -194,6 +194,7 @@ export const StepLogistics: React.FunctionComponent = React.memo( const { submit, isSubmitted, + isSubmitting, isValid: isFormValid, getErrors: getFormErrors, getFormData, @@ -275,7 +276,7 @@ export const StepLogistics: React.FunctionComponent = React.memo(
diff --git a/x-pack/plugins/index_management/public/application/sections/home/data_stream_list/edit_data_retention_modal/edit_data_retention_modal.tsx b/x-pack/plugins/index_management/public/application/sections/home/data_stream_list/edit_data_retention_modal/edit_data_retention_modal.tsx index ca3612bdab168c..f747abca19f05d 100644 --- a/x-pack/plugins/index_management/public/application/sections/home/data_stream_list/edit_data_retention_modal/edit_data_retention_modal.tsx +++ b/x-pack/plugins/index_management/public/application/sections/home/data_stream_list/edit_data_retention_modal/edit_data_retention_modal.tsx @@ -23,6 +23,7 @@ import { has } from 'lodash'; import { ScopedHistory } from '@kbn/core/public'; import { i18n } from '@kbn/i18n'; import { FormattedMessage } from '@kbn/i18n-react'; +import { isBiggerThanGlobalMaxRetention } from './validations'; import { useForm, useFormData, @@ -34,6 +35,7 @@ import { UseField, ToggleField, NumericField, + fieldValidators, } from '../../../../../shared_imports'; import { reactRouterNavigate } from '../../../../../shared_imports'; @@ -53,35 +55,6 @@ interface Props { onClose: (data?: { hasUpdatedDataRetention: boolean }) => void; } -const convertToMinutes = (value: string) => { - const { size, unit } = splitSizeAndUnits(value); - const sizeNum = parseInt(size, 10); - - switch (unit) { - case 'd': - // days to minutes - return sizeNum * 24 * 60; - case 'h': - // hours to minutes - return sizeNum * 60; - case 'm': - // minutes to minutes - return sizeNum; - case 's': - // seconds to minutes - return sizeNum / 60; - default: - throw new Error(`Unknown unit: ${unit}`); - } -}; - -const isRetentionBiggerThan = (valueA: string, valueB: string) => { - const minutesA = convertToMinutes(valueA); - const minutesB = convertToMinutes(valueB); - - return minutesA > minutesB; -}; - const configurationFormSchema: FormSchema = { dataRetention: { type: FIELD_TYPES.TEXT, @@ -94,50 +67,62 @@ const configurationFormSchema: FormSchema = { formatters: [fieldFormatters.toInt], validations: [ { - validator: ({ value, formData, customData }) => { - // If infiniteRetentionPeriod is set, we dont need to validate the data retention field - if (formData.infiniteRetentionPeriod) { - return undefined; + validator: ({ value }) => { + // TODO: Replace with validator added in https://github.com/elastic/kibana/pull/196527/ + if (!Number.isInteger(Number(value ?? ''))) { + return { + message: i18n.translate( + 'xpack.idxMgmt.dataStreamsDetailsPanel.editDataRetentionModal.dataRetentionFieldIntegerError', + { + defaultMessage: 'Only integers are allowed.', + } + ), + }; } - - // If project level data retention is enabled, we need to enforce the global max retention - const { globalMaxRetention, enableProjectLevelRetentionChecks } = customData.value as any; - if (enableProjectLevelRetentionChecks) { - const currentValue = `${value}${formData.timeUnit}`; - if (globalMaxRetention && isRetentionBiggerThan(currentValue, globalMaxRetention)) { - return { - message: i18n.translate( - 'xpack.idxMgmt.dataStreamsDetailsPanel.editDataRetentionModal.dataRetentionFieldMaxError', - { - defaultMessage: - 'Maximum data retention period on this project is {maxRetention} days.', - // Remove the unit from the globalMaxRetention value - values: { maxRetention: globalMaxRetention.slice(0, -1) }, - } - ), - }; + }, + }, + { + validator: ({ value, formData, customData }) => { + // We only need to validate the data retention field if infiniteRetentionPeriod is set to false + if (!formData.infiniteRetentionPeriod) { + // If project level data retention is enabled, we need to enforce the global max retention + const { globalMaxRetention, enableProjectLevelRetentionChecks } = + customData.value as any; + if (enableProjectLevelRetentionChecks) { + return isBiggerThanGlobalMaxRetention(value, formData.timeUnit, globalMaxRetention); } } - - if (!value) { - return { - message: i18n.translate( + }, + }, + { + validator: (args) => { + // We only need to validate the data retention field if infiniteRetentionPeriod is set to false + if (!args.formData.infiniteRetentionPeriod) { + return fieldValidators.emptyField( + i18n.translate( 'xpack.idxMgmt.dataStreamsDetailsPanel.editDataRetentionModal.dataRetentionFieldRequiredError', { defaultMessage: 'A data retention value is required.', } - ), - }; + ) + )(args); } - if (value <= 0) { - return { + }, + }, + { + validator: (args) => { + // We only need to validate the data retention field if infiniteRetentionPeriod is set to false + if (!args.formData.infiniteRetentionPeriod) { + return fieldValidators.numberGreaterThanField({ + than: 0, + allowEquality: false, message: i18n.translate( 'xpack.idxMgmt.dataStreamsDetailsPanel.editDataRetentionModal.dataRetentionFieldNonNegativeError', { defaultMessage: `A positive value is required.`, } ), - }; + })(args); } }, }, @@ -258,11 +243,11 @@ export const EditDataRetentionModal: React.FunctionComponent = ({ const formHasErrors = form.getErrors().length > 0; const disableSubmit = formHasErrors || !isDirty || form.isValid === false; - // Whenever the formData changes, we need to re-validate the dataRetention field - // as it depends on the timeUnit field. + // Whenever the timeUnit field changes, we need to re-validate + // the dataRetention field useEffect(() => { form.validateFields(['dataRetention']); - }, [formData, form]); + }, [formData.timeUnit, form]); const onSubmitForm = async () => { const { isValid, data } = await form.submit(); diff --git a/x-pack/plugins/index_management/public/application/sections/home/data_stream_list/edit_data_retention_modal/validations.test.ts b/x-pack/plugins/index_management/public/application/sections/home/data_stream_list/edit_data_retention_modal/validations.test.ts new file mode 100644 index 00000000000000..0768d0990cdc0b --- /dev/null +++ b/x-pack/plugins/index_management/public/application/sections/home/data_stream_list/edit_data_retention_modal/validations.test.ts @@ -0,0 +1,53 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { isBiggerThanGlobalMaxRetention } from './validations'; + +describe('isBiggerThanGlobalMaxRetention', () => { + it('should return undefined if any argument is missing', () => { + expect(isBiggerThanGlobalMaxRetention('', 'd', '30d')).toBeUndefined(); + expect(isBiggerThanGlobalMaxRetention(10, '', '30d')).toBeUndefined(); + expect(isBiggerThanGlobalMaxRetention(10, 'd', '')).toBeUndefined(); + }); + + it('should return an error message if retention is bigger than global max retention (in days)', () => { + const result = isBiggerThanGlobalMaxRetention(40, 'd', '30d'); + expect(result).toEqual({ + message: 'Maximum data retention period on this project is 30 days.', + }); + }); + + it('should return undefined if retention is smaller than or equal to global max retention (in days)', () => { + expect(isBiggerThanGlobalMaxRetention(30, 'd', '30d')).toBeUndefined(); + expect(isBiggerThanGlobalMaxRetention(25, 'd', '30d')).toBeUndefined(); + }); + + it('should correctly compare retention in different time units against days', () => { + expect(isBiggerThanGlobalMaxRetention(24, 'h', '1d')).toBeUndefined(); + expect(isBiggerThanGlobalMaxRetention(23, 'h', '1d')).toBeUndefined(); + // 30 days = 720 hours + expect(isBiggerThanGlobalMaxRetention(800, 'h', '30d')).toEqual({ + message: 'Maximum data retention period on this project is 30 days.', + }); + + // 1 day = 1440 minutes + expect(isBiggerThanGlobalMaxRetention(1440, 'm', '1d')).toBeUndefined(); + expect(isBiggerThanGlobalMaxRetention(3000, 'm', '2d')).toEqual({ + message: 'Maximum data retention period on this project is 2 days.', + }); + + // 1 day = 86400 seconds + expect(isBiggerThanGlobalMaxRetention(1000, 's', '1d')).toBeUndefined(); + expect(isBiggerThanGlobalMaxRetention(87000, 's', '1d')).toEqual({ + message: 'Maximum data retention period on this project is 1 days.', + }); + }); + + it('should throw an error for unknown time units', () => { + expect(() => isBiggerThanGlobalMaxRetention(10, 'x', '30d')).toThrow('Unknown unit: x'); + }); +}); diff --git a/x-pack/plugins/index_management/public/application/sections/home/data_stream_list/edit_data_retention_modal/validations.ts b/x-pack/plugins/index_management/public/application/sections/home/data_stream_list/edit_data_retention_modal/validations.ts new file mode 100644 index 00000000000000..831ac2f4c26b9c --- /dev/null +++ b/x-pack/plugins/index_management/public/application/sections/home/data_stream_list/edit_data_retention_modal/validations.ts @@ -0,0 +1,61 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { i18n } from '@kbn/i18n'; +import { splitSizeAndUnits } from '../../../../../../common'; + +const convertToMinutes = (value: string) => { + const { size, unit } = splitSizeAndUnits(value); + const sizeNum = parseInt(size, 10); + + switch (unit) { + case 'd': + // days to minutes + return sizeNum * 24 * 60; + case 'h': + // hours to minutes + return sizeNum * 60; + case 'm': + // minutes to minutes + return sizeNum; + case 's': + // seconds to minutes (round up if any remainder) + return Math.ceil(sizeNum / 60); + default: + throw new Error(`Unknown unit: ${unit}`); + } +}; + +const isRetentionBiggerThan = (valueA: string, valueB: string) => { + const minutesA = convertToMinutes(valueA); + const minutesB = convertToMinutes(valueB); + + return minutesA > minutesB; +}; + +export const isBiggerThanGlobalMaxRetention = ( + retentionValue: string | number, + retentionTimeUnit: string, + globalMaxRetention: string +) => { + if (!retentionValue || !retentionTimeUnit || !globalMaxRetention) { + return undefined; + } + + return isRetentionBiggerThan(`${retentionValue}${retentionTimeUnit}`, globalMaxRetention) + ? { + message: i18n.translate( + 'xpack.idxMgmt.dataStreamsDetailsPanel.editDataRetentionModal.dataRetentionFieldMaxError', + { + defaultMessage: 'Maximum data retention period on this project is {maxRetention} days.', + // Remove the unit from the globalMaxRetention value + values: { maxRetention: globalMaxRetention.slice(0, -1) }, + } + ), + } + : undefined; +}; diff --git a/x-pack/plugins/index_management/public/application/sections/home/index_list/index_actions_context_menu/index_actions_context_menu.js b/x-pack/plugins/index_management/public/application/sections/home/index_list/index_actions_context_menu/index_actions_context_menu.js index 2acce7f28b06fe..d733fdfd2f6e61 100644 --- a/x-pack/plugins/index_management/public/application/sections/home/index_list/index_actions_context_menu/index_actions_context_menu.js +++ b/x-pack/plugins/index_management/public/application/sections/home/index_list/index_actions_context_menu/index_actions_context_menu.js @@ -23,7 +23,7 @@ import { import { flattenPanelTree } from '../../../../lib/flatten_panel_tree'; import { INDEX_OPEN, IndexDetailsSection } from '../../../../../../common/constants'; -import { getIndexDetailsLink } from '../../../../services/routing'; +import { getIndexDetailsLink, navigateToIndexDetailsPage } from '../../../../services/routing'; import { AppContext } from '../../../../app_context'; export class IndexActionsContextMenu extends Component { @@ -50,7 +50,7 @@ export class IndexActionsContextMenu extends Component { panels() { const { services: { extensionsService }, - core: { getUrlForApp }, + core: { getUrlForApp, application, http }, history, config: { enableIndexActions }, } = this.context; @@ -83,8 +83,13 @@ export class IndexActionsContextMenu extends Component { defaultMessage: 'Show index overview', }), onClick: () => { - history.push( - getIndexDetailsLink(indexNames[0], indicesListURLParams, IndexDetailsSection.Overview) + navigateToIndexDetailsPage( + indexNames[0], + indicesListURLParams, + extensionsService, + application, + http, + IndexDetailsSection.Overview ); }, }); @@ -94,8 +99,13 @@ export class IndexActionsContextMenu extends Component { defaultMessage: 'Show index settings', }), onClick: () => { - history.push( - getIndexDetailsLink(indexNames[0], indicesListURLParams, IndexDetailsSection.Settings) + navigateToIndexDetailsPage( + indexNames[0], + indicesListURLParams, + extensionsService, + application, + http, + IndexDetailsSection.Settings ); }, }); @@ -105,8 +115,13 @@ export class IndexActionsContextMenu extends Component { defaultMessage: 'Show index mapping', }), onClick: () => { - history.push( - getIndexDetailsLink(indexNames[0], indicesListURLParams, IndexDetailsSection.Mappings) + navigateToIndexDetailsPage( + indexNames[0], + indicesListURLParams, + extensionsService, + application, + http, + IndexDetailsSection.Mappings ); }, }); diff --git a/x-pack/plugins/index_management/public/application/sections/home/index_list/index_table/index_table.js b/x-pack/plugins/index_management/public/application/sections/home/index_list/index_table/index_table.js index 9567aee715c3b0..b63c211f74dbfd 100644 --- a/x-pack/plugins/index_management/public/application/sections/home/index_list/index_table/index_table.js +++ b/x-pack/plugins/index_management/public/application/sections/home/index_list/index_table/index_table.js @@ -41,7 +41,7 @@ import { reactRouterNavigate, attemptToURIDecode, } from '../../../../../shared_imports'; -import { getDataStreamDetailsLink, getIndexDetailsLink } from '../../../../services/routing'; +import { getDataStreamDetailsLink, navigateToIndexDetailsPage } from '../../../../services/routing'; import { documentationService } from '../../../../services/documentation'; import { AppContextConsumer } from '../../../../app_context'; import { renderBadges } from '../../../../lib/render_badges'; @@ -73,12 +73,13 @@ const getColumnConfigs = ({ { - if (!extensionsService.indexDetailsPageRoute) { - history.push(getIndexDetailsLink(index.name, location.search || '')); - } else { - const route = extensionsService.indexDetailsPageRoute.renderRoute(index.name); - application.navigateToUrl(http.basePath.prepend(route)); - } + navigateToIndexDetailsPage( + index.name, + location.search || '', + extensionsService, + application, + http + ); }} > {index.name} diff --git a/x-pack/plugins/index_management/public/application/services/routing.test.ts b/x-pack/plugins/index_management/public/application/services/routing.test.ts index 24500cb6059bf4..0b1462deab58bc 100644 --- a/x-pack/plugins/index_management/public/application/services/routing.test.ts +++ b/x-pack/plugins/index_management/public/application/services/routing.test.ts @@ -5,10 +5,16 @@ * 2.0. */ -import { getIndexDetailsLink, getIndexListUri } from './routing'; +import { getIndexDetailsLink, getIndexListUri, navigateToIndexDetailsPage } from './routing'; +import { applicationServiceMock, httpServiceMock } from '@kbn/core/public/mocks'; +import { ExtensionsService } from '../../services/extensions_service'; +import { IndexDetailsSection } from '../../../common/constants'; describe('routing', () => { describe('index details link', () => { + const application = applicationServiceMock.createStartContract(); + const http = httpServiceMock.createSetupContract(); + it('adds the index name to the url', () => { const indexName = 'testIndex'; const url = getIndexDetailsLink(indexName, ''); @@ -26,6 +32,33 @@ describe('routing', () => { const url = getIndexDetailsLink('testIndex', '', tab); expect(url).toContain(`tab=${tab}`); }); + it('renders default index details route without extensionService indexDetailsPageRoute ', () => { + const extensionService = { + indexDetailsPageRoute: null, + } as ExtensionsService; + navigateToIndexDetailsPage('testIndex', '', extensionService, application, http); + expect(application.navigateToUrl).toHaveBeenCalled(); + }); + + it('renders route from extensionService indexDetailsPageRoute with tab id', () => { + const extensionService = { + indexDetailsPageRoute: { + renderRoute: (indexName: string, detailsTabId?: string) => { + return `test_url/${detailsTabId}`; + }, + }, + } as ExtensionsService; + navigateToIndexDetailsPage( + 'testIndex', + '', + extensionService, + application, + http, + IndexDetailsSection.Settings + ); + expect(application.navigateToUrl).toHaveBeenCalled(); + expect(application.navigateToUrl).toHaveBeenCalledWith('test_url/settings'); + }); }); describe('indices list link', () => { diff --git a/x-pack/plugins/index_management/public/application/services/routing.ts b/x-pack/plugins/index_management/public/application/services/routing.ts index 07653d2591ffc5..bce7a14f03e46f 100644 --- a/x-pack/plugins/index_management/public/application/services/routing.ts +++ b/x-pack/plugins/index_management/public/application/services/routing.ts @@ -5,9 +5,12 @@ * 2.0. */ +import { ApplicationStart } from '@kbn/core/public'; +import { HttpSetup } from '@kbn/core/public'; import { Section } from '../../../common/constants'; import type { IndexDetailsTabId } from '../../../common/constants'; - +import { ExtensionsService } from '../../services/extensions_service'; +import { IndexDetailsSection } from '../../../common/constants'; export const getTemplateListLink = () => `/templates`; export const getTemplateDetailsLink = (name: string, isLegacy?: boolean) => { @@ -78,3 +81,26 @@ export const getComponentTemplatesLink = (usedByTemplateName?: string) => { } return url; }; +export const navigateToIndexDetailsPage = ( + indexName: string, + indicesListURLParams: string, + extensionsService: ExtensionsService, + application: ApplicationStart, + http: HttpSetup, + tabId?: IndexDetailsSection +) => { + if (!extensionsService.indexDetailsPageRoute) { + application.navigateToUrl( + http.basePath.prepend( + `/app/management/data/index_management${getIndexDetailsLink( + indexName, + indicesListURLParams, + tabId + )}` + ) + ); + } else { + const route = extensionsService.indexDetailsPageRoute.renderRoute(indexName, tabId); + application.navigateToUrl(http.basePath.prepend(route)); + } +}; diff --git a/x-pack/plugins/ingest_pipelines/common/types.ts b/x-pack/plugins/ingest_pipelines/common/types.ts index 4c68b443fb8fbd..793d54b085be28 100644 --- a/x-pack/plugins/ingest_pipelines/common/types.ts +++ b/x-pack/plugins/ingest_pipelines/common/types.ts @@ -35,6 +35,11 @@ export enum FieldCopyAction { export type DatabaseType = 'maxmind' | 'ipinfo' | 'web' | 'local' | 'unknown'; +export interface DatabaseNameOption { + value: string; + text: string; +} + export interface GeoipDatabase { name: string; id: string; diff --git a/x-pack/plugins/ingest_pipelines/public/application/components/pipeline_editor/components/processor_form/processors/ip_location.tsx b/x-pack/plugins/ingest_pipelines/public/application/components/pipeline_editor/components/processor_form/processors/ip_location.tsx index 765c482f1c86b3..83ee9f7ef00852 100644 --- a/x-pack/plugins/ingest_pipelines/public/application/components/pipeline_editor/components/processor_form/processors/ip_location.tsx +++ b/x-pack/plugins/ingest_pipelines/public/application/components/pipeline_editor/components/processor_form/processors/ip_location.tsx @@ -25,6 +25,7 @@ import { FieldsConfig, from, to } from './shared'; import { TargetField } from './common_fields/target_field'; import { PropertiesField } from './common_fields/properties_field'; import type { GeoipDatabase } from '../../../../../../../common/types'; +import { getDatabaseText, getDatabaseValue } from '../../../../../sections/manage_processors/utils'; import { getTypeLabel } from '../../../../../sections/manage_processors/constants'; const extension = '.mmdb'; @@ -33,8 +34,20 @@ const fieldsConfig: FieldsConfig = { /* Optional field config */ database_file: { type: FIELD_TYPES.COMBO_BOX, - deserializer: (v: unknown) => to.arrayOfStrings(v).map((str) => str?.split(extension)[0]), - serializer: (v: string[]) => (v.length ? `${v[0]}${extension}` : undefined), + deserializer: (v: unknown) => + to.arrayOfStrings(v).map((str) => { + const databaseName = str?.split(extension)[0]; + // Use the translated text for this database, if it exists + return getDatabaseText(databaseName) ?? databaseName; + }), + serializer: (v: any[]) => { + if (v.length) { + const databaseName = v[0]; + const databaseValue = getDatabaseValue(databaseName); + return databaseValue ? `${databaseValue}${extension}` : `${databaseName}${extension}`; + } + return undefined; + }, label: i18n.translate('xpack.ingestPipelines.pipelineEditor.ipLocationForm.databaseFileLabel', { defaultMessage: 'Database file (optional)', }), @@ -77,7 +90,8 @@ export const IpLocation: FunctionComponent = () => { const dataAsOptions = (data || []).map((item) => ({ id: item.id, type: item.type, - label: item.name, + // Use the translated text for this database, if it exists + label: getDatabaseText(item.name) ?? item.name, })); const optionsByGroup = groupBy(dataAsOptions, 'type'); const groupedOptions = map(optionsByGroup, (items, groupName) => ({ diff --git a/x-pack/plugins/ingest_pipelines/public/application/sections/manage_processors/constants.ts b/x-pack/plugins/ingest_pipelines/public/application/sections/manage_processors/constants.ts index 63b201936d859c..bc71e6ac59cadf 100644 --- a/x-pack/plugins/ingest_pipelines/public/application/sections/manage_processors/constants.ts +++ b/x-pack/plugins/ingest_pipelines/public/application/sections/manage_processors/constants.ts @@ -6,7 +6,7 @@ */ import { i18n } from '@kbn/i18n'; -import type { GeoipDatabase } from '../../../../common/types'; +import type { GeoipDatabase, DatabaseNameOption } from '../../../../common/types'; export const ADD_DATABASE_MODAL_TITLE_ID = 'manageProcessorsAddGeoipDatabase'; export const ADD_DATABASE_MODAL_FORM_ID = 'manageProcessorsAddGeoipDatabaseForm'; @@ -24,7 +24,7 @@ export const DATABASE_TYPE_OPTIONS = [ }), }, ]; -export const GEOIP_NAME_OPTIONS = [ +export const GEOIP_NAME_OPTIONS: DatabaseNameOption[] = [ { value: 'GeoIP2-Anonymous-IP', text: i18n.translate('xpack.ingestPipelines.manageProcessors.geoip.anonymousIPDatabaseName', { @@ -71,7 +71,7 @@ export const GEOIP_NAME_OPTIONS = [ }), }, ]; -export const IPINFO_NAME_OPTIONS = [ +export const IPINFO_NAME_OPTIONS: DatabaseNameOption[] = [ { value: 'asn', text: i18n.translate('xpack.ingestPipelines.manageProcessors.ipinfo.freeAsnDatabaseName', { diff --git a/x-pack/plugins/ingest_pipelines/public/application/sections/manage_processors/geoip_list.tsx b/x-pack/plugins/ingest_pipelines/public/application/sections/manage_processors/geoip_list.tsx index 0acb66ba7dd253..a6512c1442edeb 100644 --- a/x-pack/plugins/ingest_pipelines/public/application/sections/manage_processors/geoip_list.tsx +++ b/x-pack/plugins/ingest_pipelines/public/application/sections/manage_processors/geoip_list.tsx @@ -23,7 +23,7 @@ import { FormattedMessage } from '@kbn/i18n-react'; import { i18n } from '@kbn/i18n'; import { css } from '@emotion/react'; -import { IPINFO_NAME_OPTIONS } from './constants'; +import { getDatabaseText } from './utils'; import type { GeoipDatabase } from '../../../../common/types'; import { SectionLoading, useKibana } from '../../../shared_imports'; import { getTypeLabel } from './constants'; @@ -71,9 +71,8 @@ export const GeoipList: React.FunctionComponent = () => { sortable: true, render: (name: string, row) => { if (row.type === 'ipinfo') { - // find the name in the options to get the translated value - const option = IPINFO_NAME_OPTIONS.find((opt) => opt.value === name); - return option?.text ?? name; + // Use the translated text for this database, if it exists + return getDatabaseText(name, 'ipinfo') ?? name; } return name; diff --git a/x-pack/plugins/ingest_pipelines/public/application/sections/manage_processors/utils.test.ts b/x-pack/plugins/ingest_pipelines/public/application/sections/manage_processors/utils.test.ts new file mode 100644 index 00000000000000..c5b12a95bc539c --- /dev/null +++ b/x-pack/plugins/ingest_pipelines/public/application/sections/manage_processors/utils.test.ts @@ -0,0 +1,60 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { getDatabaseValue, getDatabaseText } from './utils'; + +describe('getDatabaseValue', () => { + it('should return the value for a given database text for maxmind', () => { + const databaseText = 'GeoIP2 City'; + const result = getDatabaseValue(databaseText, 'maxmind'); + expect(result).toBe('GeoIP2-City'); + }); + + it('should return the value for a given database text for ipinfo', () => { + const databaseText = 'Free IP to ASN'; + const result = getDatabaseValue(databaseText, 'ipinfo'); + expect(result).toBe('asn'); + }); + + it('should return undefined if the database text is not found', () => { + const databaseText = 'Unknown Database'; + const result = getDatabaseValue(databaseText); + expect(result).toBeUndefined(); + }); + + it('should return the value when no type is provided and the database text is found in any option', () => { + const databaseText = 'ASN'; + const result = getDatabaseValue(databaseText); + expect(result).toBe('standard_asn'); + }); +}); + +describe('getDatabaseText', () => { + it('should return the human-readable name for a given database value for maxmind', () => { + const databaseValue = 'GeoIP2-City'; + const result = getDatabaseText(databaseValue, 'maxmind'); + expect(result).toBe('GeoIP2 City'); + }); + + it('should return the human-readable name for a given database value for ipinfo', () => { + const databaseValue = 'asn'; + const result = getDatabaseText(databaseValue, 'ipinfo'); + expect(result).toBe('Free IP to ASN'); + }); + + it('should return undefined if the database value is not found', () => { + const databaseValue = 'unknown-value'; + const result = getDatabaseText(databaseValue); + expect(result).toBeUndefined(); + }); + + it('should return the human-readable name when no type is provided and the value is found in any option', () => { + const databaseValue = 'standard_location'; + const result = getDatabaseText(databaseValue); + expect(result).toBe('IP Geolocation'); + }); +}); diff --git a/x-pack/plugins/ingest_pipelines/public/application/sections/manage_processors/utils.ts b/x-pack/plugins/ingest_pipelines/public/application/sections/manage_processors/utils.ts new file mode 100644 index 00000000000000..83a6557cf4fd16 --- /dev/null +++ b/x-pack/plugins/ingest_pipelines/public/application/sections/manage_processors/utils.ts @@ -0,0 +1,44 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { DatabaseType, DatabaseNameOption } from '../../../../common/types'; +import { GEOIP_NAME_OPTIONS, IPINFO_NAME_OPTIONS } from './constants'; + +const getDatabaseNameOptions = (type?: DatabaseType): DatabaseNameOption[] => { + switch (type) { + case 'maxmind': + return GEOIP_NAME_OPTIONS; + case 'ipinfo': + return IPINFO_NAME_OPTIONS; + case undefined: + return [...GEOIP_NAME_OPTIONS, ...IPINFO_NAME_OPTIONS]; + default: + return []; + } +}; + +/** + * Returns the value/id of the database, if it exists. + * + * @param databaseText The human-readable name of the database + * @param type If specified, searches only in the database name options for this type + */ +export const getDatabaseValue = (databaseText: string, type?: DatabaseType): string | undefined => { + const options = getDatabaseNameOptions(type); + return options.find((opt) => opt.text === databaseText)?.value; +}; + +/** + * Returns the human-readable name of the database, if it exists. + * + * @param databaseText The id/value of the database + * @param type If specified, searches only in the database name options for this type + */ +export const getDatabaseText = (databaseValue: string, type?: DatabaseType): string | undefined => { + const options = getDatabaseNameOptions(type); + return options.find((opt) => opt.value === databaseValue)?.text; +}; diff --git a/x-pack/plugins/ingest_pipelines/server/routes/api/database/list.ts b/x-pack/plugins/ingest_pipelines/server/routes/api/database/list.ts index b3509a54864353..eb6eb2e7dabd8d 100644 --- a/x-pack/plugins/ingest_pipelines/server/routes/api/database/list.ts +++ b/x-pack/plugins/ingest_pipelines/server/routes/api/database/list.ts @@ -5,6 +5,7 @@ * 2.0. */ +import sortBy from 'lodash/sortBy'; import { deserializeGeoipDatabase, type GeoipDatabaseFromES } from './serialization'; import { API_BASE_PATH } from '../../../../common/constants'; import { RouteDependencies } from '../../../types'; @@ -21,9 +22,9 @@ export const registerListDatabaseRoute = ({ databases: GeoipDatabaseFromES[]; }; - const geoipDatabases = data.databases; + const body = sortBy(data.databases.map(deserializeGeoipDatabase), 'name'); - return res.ok({ body: geoipDatabases.map(deserializeGeoipDatabase) }); + return res.ok({ body }); } catch (error) { const esErrorResponse = handleEsError({ error, response: res }); if (esErrorResponse.status === 404) { diff --git a/x-pack/plugins/lens/public/app_plugin/csv_download_provider/csv_download_panel_content.tsx b/x-pack/plugins/lens/public/app_plugin/csv_download_provider/csv_download_panel_content.tsx deleted file mode 100644 index 0b877363ad55f2..00000000000000 --- a/x-pack/plugins/lens/public/app_plugin/csv_download_provider/csv_download_panel_content.tsx +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { EuiButton, EuiForm, EuiModalFooter, EuiSpacer, EuiText } from '@elastic/eui'; -import React from 'react'; -import { FormattedMessage } from '@kbn/i18n-react'; - -export interface DownloadPanelContentProps { - isDisabled: boolean; - onClick: () => void; - warnings?: React.ReactNode[]; -} - -export function DownloadPanelContent({ - isDisabled, - onClick, - warnings = [], -}: DownloadPanelContentProps) { - return ( - <> - - - - {warnings.map((warning, i) => ( -

{warning}

- ))} - - - - - - - - - - ); -} diff --git a/x-pack/plugins/lens/public/app_plugin/csv_download_provider/csv_download_panel_content_lazy.tsx b/x-pack/plugins/lens/public/app_plugin/csv_download_provider/csv_download_panel_content_lazy.tsx deleted file mode 100644 index dded4f4768a16e..00000000000000 --- a/x-pack/plugins/lens/public/app_plugin/csv_download_provider/csv_download_panel_content_lazy.tsx +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { EuiSpacer, EuiFlexGroup, EuiFlexItem, EuiLoadingSpinner } from '@elastic/eui'; -import * as React from 'react'; -import { FC, lazy, Suspense } from 'react'; -import type { DownloadPanelContentProps } from './csv_download_panel_content'; - -const LazyComponent = lazy(() => - import('./csv_download_panel_content').then(({ DownloadPanelContent }) => ({ - default: DownloadPanelContent, - })) -); - -export const PanelSpinner: React.FC = (props) => { - return ( - <> - - - - - - - - - ); -}; - -export const DownloadPanelContent: FC> = (props) => { - return ( - }> - - - ); -}; diff --git a/x-pack/plugins/lens/public/app_plugin/csv_download_provider/csv_download_provider.tsx b/x-pack/plugins/lens/public/app_plugin/csv_download_provider/csv_download_provider.tsx index db04a48ad3803f..92aadcbbb39977 100644 --- a/x-pack/plugins/lens/public/app_plugin/csv_download_provider/csv_download_provider.tsx +++ b/x-pack/plugins/lens/public/app_plugin/csv_download_provider/csv_download_provider.tsx @@ -8,10 +8,11 @@ import { i18n } from '@kbn/i18n'; import React from 'react'; import { tableHasFormulas } from '@kbn/data-plugin/common'; -import { downloadMultipleAs, ShareContext, ShareMenuProvider } from '@kbn/share-plugin/public'; +import { downloadMultipleAs } from '@kbn/share-plugin/public'; import { exporters } from '@kbn/data-plugin/public'; import { IUiSettingsClient } from '@kbn/core-ui-settings-browser'; import { FormattedMessage } from '@kbn/i18n-react'; +import { ShareMenuItemV2, ShareMenuProviderV2 } from '@kbn/share-plugin/public/types'; import { FormatFactory } from '../../../common/types'; import { TableInspectorAdapter } from '../../editor_frame_service/types'; @@ -75,22 +76,25 @@ async function downloadCSVs({ } function getWarnings(activeData: TableInspectorAdapter) { - const messages: string[] = []; + const warnings: Array<{ title: string; message: string }> = []; if (activeData) { const datatables = Object.values(activeData); const formulaDetected = datatables.some((datatable) => { return tableHasFormulas(datatable.columns, datatable.rows); }); if (formulaDetected) { - messages.push( - i18n.translate('xpack.lens.app.downloadButtonFormulasWarning', { + warnings.push({ + title: i18n.translate('xpack.lens.app.downloadButtonFormulasWarningTitle', { + defaultMessage: 'Formulas detected', + }), + message: i18n.translate('xpack.lens.app.downloadButtonFormulasWarningMessage', { defaultMessage: 'Your CSV contains characters that spreadsheet applications might interpret as formulas.', - }) - ); + }), + }); } } - return messages; + return warnings; } interface DownloadPanelShareOpts { @@ -103,8 +107,11 @@ export const downloadCsvShareProvider = ({ uiSettings, formatFactoryFn, atLeastGold, -}: DownloadPanelShareOpts): ShareMenuProvider => { - const getShareMenuItems = ({ objectType, sharingData }: ShareContext) => { +}: DownloadPanelShareOpts): ShareMenuProviderV2 => { + const getShareMenuItems: ShareMenuProviderV2['getShareMenuItems'] = ({ + objectType, + sharingData, + }) => { if ('lens' !== objectType) { return []; } @@ -123,15 +130,6 @@ export const downloadCsvShareProvider = ({ } ); - const menuItemMetadata = { - shareMenuItem: { - name: panelTitle, - icon: 'document', - disabled: !csvEnabled, - sortOrder: 1, - }, - }; - const downloadCSVHandler = () => downloadCSVs({ title, @@ -143,28 +141,23 @@ export const downloadCsvShareProvider = ({ return [ { - ...menuItemMetadata, + shareMenuItem: { + name: panelTitle, + icon: 'document', + disabled: !csvEnabled, + sortOrder: 1, + }, label: 'CSV' as const, reportType: 'lens_csv' as const, generateExport: downloadCSVHandler, + warnings: getWarnings(activeData), ...(atLeastGold() ? { - helpText: ( - - ), - generateExportButton: ( - - ), + disabled: !csvEnabled, renderLayoutOptionSwitch: false, getJobParams: undefined, - showRadios: true, } : { - isDisabled: !csvEnabled, - warnings: getWarnings(activeData), helpText: ( ), - showRadios: false, }), - }, + } satisfies ShareMenuItemV2, ]; }; diff --git a/x-pack/plugins/lens/public/app_plugin/lens_top_nav.tsx b/x-pack/plugins/lens/public/app_plugin/lens_top_nav.tsx index da99d693539b8d..d26ce3f01cf341 100644 --- a/x-pack/plugins/lens/public/app_plugin/lens_top_nav.tsx +++ b/x-pack/plugins/lens/public/app_plugin/lens_top_nav.tsx @@ -1071,6 +1071,7 @@ export const LensTopNavMenu = ({ return ( { expect(rest).toHaveLength(0); expect(suggestion).toMatchInlineSnapshot(` Object { - "hide": false, + "hide": true, "previewIcon": [Function], "score": 0.1, "state": Object { @@ -207,7 +207,7 @@ describe('metric_suggestions', () => { expect(rest).toHaveLength(0); expect(suggestion).toMatchInlineSnapshot(` Object { - "hide": false, + "hide": true, "previewIcon": [Function], "score": 0.1, "state": Object { diff --git a/x-pack/plugins/lens/public/visualizations/legacy_metric/metric_suggestions.ts b/x-pack/plugins/lens/public/visualizations/legacy_metric/metric_suggestions.ts index 93e564cde841ed..1b190cc0ce66f1 100644 --- a/x-pack/plugins/lens/public/visualizations/legacy_metric/metric_suggestions.ts +++ b/x-pack/plugins/lens/public/visualizations/legacy_metric/metric_suggestions.ts @@ -52,7 +52,7 @@ function getSuggestion( return { title, - hide: datasourceId === 'textBased', + hide: true, score: 0.1, previewIcon: IconChartMetric, state: { diff --git a/x-pack/plugins/lens/public/visualizations/metric/suggestions.test.ts b/x-pack/plugins/lens/public/visualizations/metric/suggestions.test.ts index fff365e0e89ddc..4f1c7b46d06be4 100644 --- a/x-pack/plugins/lens/public/visualizations/metric/suggestions.test.ts +++ b/x-pack/plugins/lens/public/visualizations/metric/suggestions.test.ts @@ -159,7 +159,7 @@ describe('metric suggestions', () => { // should ignore bucketed column for initial drag }, title: 'Metric', - hide: true, + hide: false, previewIcon: IconChartMetric, score: 0.51, }, @@ -189,7 +189,7 @@ describe('metric suggestions', () => { breakdownByAccessor: bucketColumn.columnId, }, title: 'Metric', - hide: true, + hide: false, previewIcon: IconChartMetric, score: 0.51, }, @@ -221,7 +221,7 @@ describe('metric suggestions', () => { breakdownByAccessor: bucketColumn.columnId, }, title: 'Metric', - hide: true, + hide: false, previewIcon: IconChartMetric, score: 0.51, }, @@ -294,7 +294,7 @@ describe('metric suggestions', () => { breakdownByAccessor: bucketColumn.columnId, }, title: 'Metric', - hide: true, + hide: false, previewIcon: IconChartMetric, score: 0.52, }, @@ -326,7 +326,7 @@ describe('metric suggestions', () => { breakdownByAccessor: bucketColumn.columnId, }, title: 'Metric', - hide: true, + hide: false, previewIcon: IconChartMetric, score: 0.52, }, @@ -357,7 +357,7 @@ describe('metric suggestions', () => { breakdownByAccessor: bucketColumn.columnId, }, title: 'Metric', - hide: true, + hide: false, previewIcon: IconChartMetric, score: 0.52, }, diff --git a/x-pack/plugins/lens/public/visualizations/metric/suggestions.ts b/x-pack/plugins/lens/public/visualizations/metric/suggestions.ts index b405ea646d9809..877d2b45d66af8 100644 --- a/x-pack/plugins/lens/public/visualizations/metric/suggestions.ts +++ b/x-pack/plugins/lens/public/visualizations/metric/suggestions.ts @@ -30,6 +30,8 @@ export const getSuggestions: Visualization['getSuggest const bucketedColumns = table.columns.filter(({ operation }) => operation.isBucketed); + const hasInterval = bucketedColumns.some(({ operation }) => operation.scale === 'interval'); + const unsupportedColumns = table.columns.filter( ({ operation }) => !supportedDataTypes.has(operation.dataType) && !operation.isBucketed ); @@ -59,11 +61,10 @@ export const getSuggestions: Visualization['getSuggest layerId: table.layerId, layerType: LayerTypes.DATA, }, - title: metricLabel, + title: metricColumns[0]?.operation.label || metricLabel, previewIcon: IconChartMetric, score: 0.5, - // don't show suggestions since we're in tech preview - hide: true, + hide: hasInterval, }; const accessorMappings: Pick = @@ -72,7 +73,11 @@ export const getSuggestions: Visualization['getSuggest breakdownByAccessor: bucketedColumns[0]?.columnId, }; - baseSuggestion.score += 0.01 * Object.values(accessorMappings).filter(Boolean).length; + baseSuggestion.score = Number( + (baseSuggestion.score + 0.01 * Object.values(accessorMappings).filter(Boolean).length).toFixed( + 2 + ) + ); const suggestion = { ...baseSuggestion, diff --git a/x-pack/plugins/ml/public/application/jobs/jobs_list/components/job_details/forecasts_table/forecasts_table.js b/x-pack/plugins/ml/public/application/jobs/jobs_list/components/job_details/forecasts_table/forecasts_table.js index bfed613b9ad5d4..4c14715ddf4254 100644 --- a/x-pack/plugins/ml/public/application/jobs/jobs_list/components/job_details/forecasts_table/forecasts_table.js +++ b/x-pack/plugins/ml/public/application/jobs/jobs_list/components/job_details/forecasts_table/forecasts_table.js @@ -350,7 +350,14 @@ export class ForecastsTable extends Component { name: i18n.translate('xpack.ml.jobsList.jobDetails.forecastsTable.expiresLabel', { defaultMessage: 'Expires', }), - render: timeFormatter, + render: (value) => { + if (value === undefined) { + return i18n.translate('xpack.ml.jobsList.jobDetails.forecastsTable.neverExpiresLabel', { + defaultMessage: 'Never expires', + }); + } + return timeFormatter(value); + }, textOnly: true, sortable: true, }, diff --git a/x-pack/plugins/ml/public/application/memory_usage/nodes_overview/allocated_models.tsx b/x-pack/plugins/ml/public/application/memory_usage/nodes_overview/allocated_models.tsx index bce892a26b678e..4dd04780e2e921 100644 --- a/x-pack/plugins/ml/public/application/memory_usage/nodes_overview/allocated_models.tsx +++ b/x-pack/plugins/ml/public/application/memory_usage/nodes_overview/allocated_models.tsx @@ -24,6 +24,7 @@ import type { NodeDeploymentStatsResponse, } from '../../../../common/types/trained_models'; import { useFieldFormatter } from '../../contexts/kibana/use_field_formatter'; +import { useEnabledFeatures } from '../../contexts/ml'; interface AllocatedModelsProps { models: NodeDeploymentStatsResponse['allocated_models']; @@ -38,6 +39,7 @@ export const AllocatedModels: FC = ({ const dateFormatter = useFieldFormatter(FIELD_FORMAT_IDS.DATE); const durationFormatter = useFieldFormatter(FIELD_FORMAT_IDS.DURATION); const euiTheme = useEuiTheme(); + const { showNodeInfo } = useEnabledFeatures(); const columns: Array> = [ { @@ -105,9 +107,20 @@ export const AllocatedModels: FC = ({ width: '8%', name: ( {i18n.translate('xpack.ml.trainedModels.nodesList.modelsList.allocationHeader', { diff --git a/x-pack/plugins/ml/public/application/services/forecast_service.ts b/x-pack/plugins/ml/public/application/services/forecast_service.ts index d1778dbf948f68..51ddc3ef9a926e 100644 --- a/x-pack/plugins/ml/public/application/services/forecast_service.ts +++ b/x-pack/plugins/ml/public/application/services/forecast_service.ts @@ -319,7 +319,7 @@ export function forecastServiceFactory(mlApi: MlApi) { ); } // Runs a forecast - function runForecast(jobId: string, duration?: string) { + function runForecast(jobId: string, duration?: string, neverExpires?: boolean) { // eslint-disable-next-line no-console console.log('ML forecast service run forecast with duration:', duration); return new Promise((resolve, reject) => { @@ -327,6 +327,7 @@ export function forecastServiceFactory(mlApi: MlApi) { .forecast({ jobId, duration, + neverExpires, }) .then((resp) => { resolve(resp); diff --git a/x-pack/plugins/ml/public/application/services/ml_api_service/index.ts b/x-pack/plugins/ml/public/application/services/ml_api_service/index.ts index 868ca0d5baa0fc..f69e60453bfd47 100644 --- a/x-pack/plugins/ml/public/application/services/ml_api_service/index.ts +++ b/x-pack/plugins/ml/public/application/services/ml_api_service/index.ts @@ -359,9 +359,18 @@ export function mlApiProvider(httpService: HttpService) { }); }, - forecast({ jobId, duration }: { jobId: string; duration?: string }) { + forecast({ + jobId, + duration, + neverExpires, + }: { + jobId: string; + duration?: string; + neverExpires?: boolean; + }) { const body = JSON.stringify({ ...(duration !== undefined ? { duration } : {}), + ...(neverExpires === true ? { expires_in: '0' } : {}), }); return httpService.http({ diff --git a/x-pack/plugins/ml/public/application/timeseriesexplorer/components/forecasting_modal/forecasting_modal.js b/x-pack/plugins/ml/public/application/timeseriesexplorer/components/forecasting_modal/forecasting_modal.js index 1bd47ff69ebc6d..2bd5192fb870fd 100644 --- a/x-pack/plugins/ml/public/application/timeseriesexplorer/components/forecasting_modal/forecasting_modal.js +++ b/x-pack/plugins/ml/public/application/timeseriesexplorer/components/forecasting_modal/forecasting_modal.js @@ -53,6 +53,7 @@ function getDefaultState() { newForecastDuration: '1d', isNewForecastDurationValid: true, newForecastDurationErrors: [], + neverExpires: false, messages: [], }; } @@ -109,6 +110,12 @@ export class ForecastingModal extends Component { this.closeModal(); }; + onNeverExpiresChange = (event) => { + this.setState({ + neverExpires: event.target.checked, + }); + }; + onNewForecastDurationChange = (event) => { const newForecastDurationErrors = []; let isNewForecastDurationValid = true; @@ -263,7 +270,7 @@ export class ForecastingModal extends Component { const durationInSeconds = parseInterval(this.state.newForecastDuration).asSeconds(); this.mlForecastService - .runForecast(this.props.job.job_id, `${durationInSeconds}s`) + .runForecast(this.props.job.job_id, `${durationInSeconds}s`, this.state.neverExpires) .then((resp) => { // Endpoint will return { acknowledged:true, id: } before forecast is complete. // So wait for results and then refresh the dashboard to the end of the forecast. @@ -551,6 +558,8 @@ export class ForecastingModal extends Component { runForecast={this.checkJobStateAndRunForecast} newForecastDuration={this.state.newForecastDuration} onNewForecastDurationChange={this.onNewForecastDurationChange} + onNeverExpiresChange={this.onNeverExpiresChange} + neverExpires={this.state.neverExpires} isNewForecastDurationValid={this.state.isNewForecastDurationValid} newForecastDurationErrors={this.state.newForecastDurationErrors} isForecastRequested={this.state.isForecastRequested} diff --git a/x-pack/plugins/ml/public/application/timeseriesexplorer/components/forecasting_modal/run_controls.js b/x-pack/plugins/ml/public/application/timeseriesexplorer/components/forecasting_modal/run_controls.js index 420ce2a0a76483..bc77a3d5fa38d9 100644 --- a/x-pack/plugins/ml/public/application/timeseriesexplorer/components/forecasting_modal/run_controls.js +++ b/x-pack/plugins/ml/public/application/timeseriesexplorer/components/forecasting_modal/run_controls.js @@ -20,6 +20,7 @@ import { EuiForm, EuiFormRow, EuiSpacer, + EuiSwitch, EuiText, EuiToolTip, } from '@elastic/eui'; @@ -82,6 +83,8 @@ export function RunControls({ newForecastDuration, isNewForecastDurationValid, newForecastDurationErrors, + neverExpires, + onNeverExpiresChange, onNewForecastDurationChange, runForecast, isForecastRequested, @@ -133,8 +136,8 @@ export function RunControls({ - - + + - - - {disabledState.isDisabledToolTipText === undefined ? ( - runButton - ) : ( - - {runButton} - - )} - + + + + + + + + + + {disabledState.isDisabledToolTipText === undefined ? ( + runButton + ) : ( + + {runButton} + + )} + + + @@ -193,7 +223,9 @@ RunControls.propType = { newForecastDuration: PropTypes.string, isNewForecastDurationValid: PropTypes.bool, newForecastDurationErrors: PropTypes.array, + neverExpires: PropTypes.bool.isRequired, onNewForecastDurationChange: PropTypes.func.isRequired, + onNeverExpiresChange: PropTypes.func.isRequired, runForecast: PropTypes.func.isRequired, isForecastRequested: PropTypes.bool, forecastProgress: PropTypes.number, diff --git a/x-pack/plugins/ml/server/routes/anomaly_detectors.ts b/x-pack/plugins/ml/server/routes/anomaly_detectors.ts index 4f843620003baa..8cd9f45a4217e9 100644 --- a/x-pack/plugins/ml/server/routes/anomaly_detectors.ts +++ b/x-pack/plugins/ml/server/routes/anomaly_detectors.ts @@ -439,11 +439,10 @@ export function jobRoutes({ router, routeGuard }: RouteInitialization) { routeGuard.fullLicenseAPIGuard(async ({ mlClient, request, response }) => { try { const jobId = request.params.jobId; - const duration = request.body.duration; const body = await mlClient.forecast({ job_id: jobId, body: { - duration, + ...request.body, }, }); return response.ok({ diff --git a/x-pack/plugins/ml/server/routes/schemas/anomaly_detectors_schema.ts b/x-pack/plugins/ml/server/routes/schemas/anomaly_detectors_schema.ts index 3b1eb0b481e462..6084097c4a843f 100644 --- a/x-pack/plugins/ml/server/routes/schemas/anomaly_detectors_schema.ts +++ b/x-pack/plugins/ml/server/routes/schemas/anomaly_detectors_schema.ts @@ -211,7 +211,10 @@ export const updateModelSnapshotBodySchema = schema.object({ retain: schema.maybe(schema.boolean()), }); -export const forecastAnomalyDetector = schema.object({ duration: schema.any() }); +export const forecastAnomalyDetector = schema.object({ + duration: schema.any(), + expires_in: schema.maybe(schema.any()), +}); export const forceQuerySchema = schema.object({ force: schema.maybe(schema.boolean()), diff --git a/x-pack/plugins/ml/server/routes/system.ts b/x-pack/plugins/ml/server/routes/system.ts index 0804a8dc023487..bf4fa3161f5b97 100644 --- a/x-pack/plugins/ml/server/routes/system.ts +++ b/x-pack/plugins/ml/server/routes/system.ts @@ -202,8 +202,9 @@ export function systemRoutes( options: { tags: ['access:ml:canGetJobs'], }, - deprecated: true, summary: 'ES Search wrapper', + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} + deprecated: true, }) .addVersion( { diff --git a/x-pack/plugins/observability_solution/apm/ftr_e2e/cypress/e2e/service_inventory/service_inventory.cy.ts b/x-pack/plugins/observability_solution/apm/ftr_e2e/cypress/e2e/service_inventory/service_inventory.cy.ts index 3e913d4f527f0b..6198ba8c5d05fd 100644 --- a/x-pack/plugins/observability_solution/apm/ftr_e2e/cypress/e2e/service_inventory/service_inventory.cy.ts +++ b/x-pack/plugins/observability_solution/apm/ftr_e2e/cypress/e2e/service_inventory/service_inventory.cy.ts @@ -34,8 +34,7 @@ const mainApiRequestsToIntercept = [ const mainAliasNames = mainApiRequestsToIntercept.map(({ aliasName }) => `@${aliasName}`); -// See details: https://github.com/elastic/kibana/issues/191961 -describe.skip('Service inventory', () => { +describe('Service inventory', () => { before(() => { const { rangeFrom, rangeTo } = timeRange; synthtrace.index( diff --git a/x-pack/plugins/observability_solution/apm/ftr_e2e/cypress/e2e/service_overview/mobile_overview_with_most_used_charts.cy.ts b/x-pack/plugins/observability_solution/apm/ftr_e2e/cypress/e2e/service_overview/mobile_overview_with_most_used_charts.cy.ts index 1f8eb7f5396a56..7483d5f77769fc 100644 --- a/x-pack/plugins/observability_solution/apm/ftr_e2e/cypress/e2e/service_overview/mobile_overview_with_most_used_charts.cy.ts +++ b/x-pack/plugins/observability_solution/apm/ftr_e2e/cypress/e2e/service_overview/mobile_overview_with_most_used_charts.cy.ts @@ -31,7 +31,7 @@ const apmMobileServiceOverview = url.format({ rangeTo, }, }); -describe.skip('Mobile Service overview page', () => { +describe('Mobile Service overview page', () => { before(() => { synthtrace.index( generateMobileData({ diff --git a/x-pack/plugins/observability_solution/apm/ftr_e2e/cypress/e2e/service_overview/service_overview.cy.ts b/x-pack/plugins/observability_solution/apm/ftr_e2e/cypress/e2e/service_overview/service_overview.cy.ts index 794e290acb7c0b..4840037cafb838 100644 --- a/x-pack/plugins/observability_solution/apm/ftr_e2e/cypress/e2e/service_overview/service_overview.cy.ts +++ b/x-pack/plugins/observability_solution/apm/ftr_e2e/cypress/e2e/service_overview/service_overview.cy.ts @@ -76,8 +76,7 @@ const aliasNamesWithComparison = apiRequestsToInterceptWithComparison.map( const aliasNames = [...aliasNamesNoComparison, ...aliasNamesWithComparison]; -// See details: https://github.com/elastic/kibana/issues/191961 -describe.skip('Service Overview', () => { +describe('Service Overview', () => { before(() => { synthtrace.index( opbeans({ diff --git a/x-pack/plugins/observability_solution/apm/ftr_e2e/cypress/e2e/storage_explorer/storage_explorer.cy.ts b/x-pack/plugins/observability_solution/apm/ftr_e2e/cypress/e2e/storage_explorer/storage_explorer.cy.ts index 2132fee724950c..519f309105f541 100644 --- a/x-pack/plugins/observability_solution/apm/ftr_e2e/cypress/e2e/storage_explorer/storage_explorer.cy.ts +++ b/x-pack/plugins/observability_solution/apm/ftr_e2e/cypress/e2e/storage_explorer/storage_explorer.cy.ts @@ -36,8 +36,7 @@ const mainApiRequestsToIntercept = [ ]; const mainAliasNames = mainApiRequestsToIntercept.map(({ aliasName }) => `@${aliasName}`); - -// See details: https://github.com/elastic/kibana/issues/191961 +// flaky test describe.skip('Storage Explorer', () => { before(() => { const { rangeFrom, rangeTo } = timeRange; diff --git a/x-pack/plugins/observability_solution/apm/ftr_e2e/cypress/e2e/transaction_details/transaction_details.cy.ts b/x-pack/plugins/observability_solution/apm/ftr_e2e/cypress/e2e/transaction_details/transaction_details.cy.ts index 404bc5d2492eee..3ae431f5d32994 100644 --- a/x-pack/plugins/observability_solution/apm/ftr_e2e/cypress/e2e/transaction_details/transaction_details.cy.ts +++ b/x-pack/plugins/observability_solution/apm/ftr_e2e/cypress/e2e/transaction_details/transaction_details.cy.ts @@ -15,8 +15,8 @@ const timeRange = { rangeFrom: start, rangeTo: end, }; - -describe('Transaction details', () => { +// flaky +describe.skip('Transaction details', () => { before(() => { synthtrace.index( opbeans({ @@ -34,7 +34,8 @@ describe('Transaction details', () => { cy.loginAsViewerUser(); }); - it('shows transaction name and transaction charts', () => { + // skipping this as it´s been failing a lot lately, more information here https://github.com/elastic/kibana/issues/197386 + it.skip('shows transaction name and transaction charts', () => { cy.intercept('GET', '/internal/apm/services/opbeans-java/transactions/charts/latency?*').as( 'transactionLatencyRequest' ); @@ -106,8 +107,8 @@ describe('Transaction details', () => { ); cy.contains('Create SLO'); }); - - it('shows top errors table', () => { + // skipping this as it´s been failing a lot lately, more information here https://github.com/elastic/kibana/issues/197386 + it.skip('shows top errors table', () => { cy.visitKibana( `/app/apm/services/opbeans-java/transactions/view?${new URLSearchParams({ ...timeRange, diff --git a/x-pack/plugins/observability_solution/apm/public/components/app/service_overview/index.tsx b/x-pack/plugins/observability_solution/apm/public/components/app/service_overview/index.tsx index 0df6e9e1ebae02..98deba4f85a802 100644 --- a/x-pack/plugins/observability_solution/apm/public/components/app/service_overview/index.tsx +++ b/x-pack/plugins/observability_solution/apm/public/components/app/service_overview/index.tsx @@ -97,7 +97,7 @@ export function ServiceOverview() { setDismissedLogsOnlyEmptyState(true)} + onDismiss={() => setDismissedLogsOnlyEmptyState(true)} /> )} diff --git a/x-pack/plugins/observability_solution/apm/public/components/app/service_tab_empty_state/constants.ts b/x-pack/plugins/observability_solution/apm/public/components/app/service_tab_empty_state/constants.ts index 8551745238e436..312ed042bb8def 100644 --- a/x-pack/plugins/observability_solution/apm/public/components/app/service_tab_empty_state/constants.ts +++ b/x-pack/plugins/observability_solution/apm/public/components/app/service_tab_empty_state/constants.ts @@ -5,9 +5,12 @@ * 2.0. */ +import type { ObservabilityOnboardingLocatorParams } from '@kbn/deeplinks-observability'; import { i18n } from '@kbn/i18n'; +import type { AddDataPanelProps } from '@kbn/observability-shared-plugin/public'; +import type { LocatorPublic } from '@kbn/share-plugin/common'; -export type EmptyStateKey = +export type AddAPMCalloutKeys = | 'serviceOverview' | 'serviceDependencies' | 'infraOverview' @@ -16,80 +19,154 @@ export type EmptyStateKey = | 'metrics' | 'errorGroupOverview'; -interface EmptyStateContent { - title: string; - content: string; - imgName?: string; -} +const defaultActions = ( + locator: LocatorPublic | undefined +) => { + return { + actions: { + primary: { + href: locator?.getRedirectUrl({ category: 'application' }), + label: i18n.translate('xpack.apm.serviceTabEmptyState.defaultPrimaryActionLabel', { + defaultMessage: 'Add APM', + }), + }, + secondary: { + href: 'https://ela.st/demo-apm-try-it', + }, + link: { + href: 'https://www.elastic.co/observability/application-performance-monitoring', + }, + }, + }; +}; -export const emptyStateDefinitions: Record = { - serviceOverview: { - title: i18n.translate('xpack.apm.serviceTabEmptyState.overviewTitle', { - defaultMessage: 'Detect and resolve issues faster with deep visibility into your application', - }), - content: i18n.translate('xpack.apm.serviceTabEmptyState.overviewContent', { - defaultMessage: - 'Understanding your application performance, relationships and dependencies by instrumenting with APM.', - }), - }, - serviceDependencies: { - title: i18n.translate('xpack.apm.serviceTabEmptyState.dependenciesTitle', { - defaultMessage: 'Understand the dependencies for your service', - }), - content: i18n.translate('xpack.apm.serviceTabEmptyState.dependenciesContent', { - defaultMessage: - "See your service's dependencies on both internal and third-party services by instrumenting with APM.", - }), - imgName: 'service_tab_empty_state_dependencies.png', - }, - infraOverview: { - title: i18n.translate('xpack.apm.serviceTabEmptyState.infrastructureTitle', { - defaultMessage: 'Understand what your service is running on', - }), - content: i18n.translate('xpack.apm.serviceTabEmptyState.infrastructureContent', { - defaultMessage: - 'Troubleshoot service problems by seeing the infrastructure your service is running on.', - }), - imgName: 'service_tab_empty_state_infrastructure.png', - }, - serviceMap: { - title: i18n.translate('xpack.apm.serviceTabEmptyState.serviceMapTitle', { - defaultMessage: 'Visualise the dependencies between your services', - }), - content: i18n.translate('xpack.apm.serviceTabEmptyState.serviceMapContent', { - defaultMessage: - 'See your services dependencies at a glance to help identify dependencies that may be affecting your service.', - }), - imgName: 'service_tab_empty_state_service_map.png', - }, - transactionOverview: { - title: i18n.translate('xpack.apm.serviceTabEmptyState.transactionsTitle', { - defaultMessage: 'Troubleshoot latency, throughput and errors', - }), - content: i18n.translate('xpack.apm.serviceTabEmptyState.transactionsContent', { - defaultMessage: - "Troubleshoot your service's performance by analysing latency, throughput and errors down to the specific transaction.", - }), - imgName: 'service_tab_empty_state_transactions.png', - }, - metrics: { - title: i18n.translate('xpack.apm.serviceTabEmptyState.metricsTitle', { - defaultMessage: 'View core metrics for your application', - }), - content: i18n.translate('xpack.apm.serviceTabEmptyState.metricsContent', { - defaultMessage: - 'View metric trends for the instances of your service to identify performance bottlenecks that could be affecting your users.', - }), - imgName: 'service_tab_empty_state_metrics.png', - }, - errorGroupOverview: { - title: i18n.translate('xpack.apm.serviceTabEmptyState.errorGroupOverviewTitle', { - defaultMessage: 'Identify transaction errors with your applications', - }), - content: i18n.translate('xpack.apm.serviceTabEmptyState.errorGroupOverviewContent', { - defaultMessage: - 'Analyse errors down to the specific transaction to pin-point specific errors within your service.', - }), - imgName: 'service_tab_empty_state_errors.png', - }, +export const addAPMCalloutDefinitions = ( + baseFolderPath: string, + locator: LocatorPublic | undefined +): Record< + AddAPMCalloutKeys, + Omit +> => { + return { + serviceOverview: { + content: { + title: i18n.translate('xpack.apm.serviceTabEmptyState.overviewTitle', { + defaultMessage: + 'Detect and resolve issues faster with deep visibility into your application', + }), + content: i18n.translate('xpack.apm.serviceTabEmptyState.overviewContent', { + defaultMessage: + 'Understanding your application performance, relationships and dependencies by instrumenting with APM.', + }), + img: { + name: 'service_tab_empty_state_overview.png', + baseFolderPath, + position: 'inside', + }, + }, + ...defaultActions(locator), + }, + serviceDependencies: { + content: { + title: i18n.translate('xpack.apm.serviceTabEmptyState.dependenciesTitle', { + defaultMessage: 'Understand the dependencies for your service', + }), + content: i18n.translate('xpack.apm.serviceTabEmptyState.dependenciesContent', { + defaultMessage: + "See your service's dependencies on both internal and third-party services by instrumenting with APM.", + }), + img: { + name: 'service_tab_empty_state_dependencies.png', + baseFolderPath, + position: 'below', + }, + }, + ...defaultActions(locator), + }, + infraOverview: { + content: { + title: i18n.translate('xpack.apm.serviceTabEmptyState.infrastructureTitle', { + defaultMessage: 'Understand what your service is running on', + }), + content: i18n.translate('xpack.apm.serviceTabEmptyState.infrastructureContent', { + defaultMessage: + 'Troubleshoot service problems by seeing the infrastructure your service is running on.', + }), + img: { + name: 'service_tab_empty_state_infrastructure.png', + baseFolderPath, + position: 'below', + }, + }, + ...defaultActions(locator), + }, + serviceMap: { + content: { + title: i18n.translate('xpack.apm.serviceTabEmptyState.serviceMapTitle', { + defaultMessage: 'Visualise the dependencies between your services', + }), + content: i18n.translate('xpack.apm.serviceTabEmptyState.serviceMapContent', { + defaultMessage: + 'See your services dependencies at a glance to help identify dependencies that may be affecting your service.', + }), + img: { + name: 'service_tab_empty_state_service_map.png', + baseFolderPath, + position: 'below', + }, + }, + ...defaultActions(locator), + }, + transactionOverview: { + content: { + title: i18n.translate('xpack.apm.serviceTabEmptyState.transactionsTitle', { + defaultMessage: 'Troubleshoot latency, throughput and errors', + }), + content: i18n.translate('xpack.apm.serviceTabEmptyState.transactionsContent', { + defaultMessage: + "Troubleshoot your service's performance by analysing latency, throughput and errors down to the specific transaction.", + }), + img: { + name: 'service_tab_empty_state_transactions.png', + baseFolderPath, + position: 'below', + }, + }, + ...defaultActions(locator), + }, + metrics: { + content: { + title: i18n.translate('xpack.apm.serviceTabEmptyState.metricsTitle', { + defaultMessage: 'View core metrics for your application', + }), + content: i18n.translate('xpack.apm.serviceTabEmptyState.metricsContent', { + defaultMessage: + 'View metric trends for the instances of your service to identify performance bottlenecks that could be affecting your users.', + }), + img: { + name: 'service_tab_empty_state_metrics.png', + baseFolderPath, + position: 'below', + }, + }, + ...defaultActions(locator), + }, + errorGroupOverview: { + content: { + title: i18n.translate('xpack.apm.serviceTabEmptyState.errorGroupOverviewTitle', { + defaultMessage: 'Identify transaction errors with your applications', + }), + content: i18n.translate('xpack.apm.serviceTabEmptyState.errorGroupOverviewContent', { + defaultMessage: + 'Analyse errors down to the specific transaction to pin-point specific errors within your service.', + }), + img: { + name: 'service_tab_empty_state_errors.png', + baseFolderPath, + position: 'below', + }, + }, + ...defaultActions(locator), + }, + }; }; diff --git a/x-pack/plugins/observability_solution/apm/public/components/app/service_tab_empty_state/index.tsx b/x-pack/plugins/observability_solution/apm/public/components/app/service_tab_empty_state/index.tsx index a8962fcc1d2f7b..f6493e213cce92 100644 --- a/x-pack/plugins/observability_solution/apm/public/components/app/service_tab_empty_state/index.tsx +++ b/x-pack/plugins/observability_solution/apm/public/components/app/service_tab_empty_state/index.tsx @@ -5,50 +5,24 @@ * 2.0. */ -/* eslint-disable @elastic/eui/href-or-on-click */ - -import { - EuiButton, - EuiButtonIcon, - EuiFlexGroup, - EuiFlexItem, - EuiImage, - EuiLink, - EuiPanel, - EuiSpacer, - EuiText, - EuiTitle, - useEuiTheme, -} from '@elastic/eui'; import React from 'react'; -import { i18n } from '@kbn/i18n'; import { useKibana } from '@kbn/kibana-react-plugin/public'; +import { AddDataPanel } from '@kbn/observability-shared-plugin/public'; +import { + OBSERVABILITY_ONBOARDING_LOCATOR, + ObservabilityOnboardingLocatorParams, +} from '@kbn/deeplinks-observability'; +import { useApmPluginContext } from '../../../context/apm_plugin/use_apm_plugin_context'; import { EmptyStateClickParams, EntityInventoryAddDataParams } from '../../../services/telemetry'; import { ApmPluginStartDeps, ApmServices } from '../../../plugin'; -import { useApmPluginContext } from '../../../context/apm_plugin/use_apm_plugin_context'; import { useKibanaUrl } from '../../../hooks/use_kibana_url'; -import { AddApmData } from '../../shared/add_data_buttons/buttons'; -import { emptyStateDefinitions, EmptyStateKey } from './constants'; +import { addAPMCalloutDefinitions, AddAPMCalloutKeys } from './constants'; export interface ServiceTabEmptyStateProps { - id: EmptyStateKey; - onDissmiss?: () => void; + id: AddAPMCalloutKeys; + onDismiss?: () => void; } -const tryItNowButton = { - label: i18n.translate('xpack.apm.serviceTabEmptyState.tryItNowButtonLabel', { - defaultMessage: 'Try it now in our demo cluster', - }), - href: 'https://ela.st/demo-apm-try-it', -}; - -const learnMoreLink = { - label: i18n.translate('xpack.apm.serviceTabEmptyState.learnMoreLinkLabel', { - defaultMessage: 'Learn more', - }), - href: 'https://www.elastic.co/observability/application-performance-monitoring', -}; - const baseImgFolder = '/plugins/apm/assets/service_tab_empty_state'; const defaultAddDataTelemetryParams: EntityInventoryAddDataParams = { view: 'add_apm_cta', @@ -58,114 +32,40 @@ const defaultClickTelemetryParams: EmptyStateClickParams = { view: 'add_apm_cta', }; -export function ServiceTabEmptyState({ id, onDissmiss }: ServiceTabEmptyStateProps) { - const { euiTheme } = useEuiTheme(); - const { services } = useKibana(); - const { core } = useApmPluginContext(); +export function ServiceTabEmptyState({ id, onDismiss }: ServiceTabEmptyStateProps) { + const { + services: { telemetry }, + } = useKibana(); - const imgFolder = `${baseImgFolder}/${ - core.uiSettings.get('theme:darkMode') === 'enabled' ? 'dark' : 'light' - }`; - const imgName = emptyStateDefinitions[id].imgName; - const imgSrc = useKibanaUrl( - `${imgFolder}/${imgName ? imgName : 'service_tab_empty_state_overview.png'}` + const { share } = useApmPluginContext(); + + const onboardingLocator = share.url.locators.get( + OBSERVABILITY_ONBOARDING_LOCATOR ); + const imgBaseFolderPath = useKibanaUrl(baseImgFolder); + function handleAddAPMClick() { - services.telemetry.reportEntityInventoryAddData(defaultAddDataTelemetryParams); + telemetry.reportEntityInventoryAddData(defaultAddDataTelemetryParams); } function handleTryItClick() { - services.telemetry.reportTryItClick(defaultClickTelemetryParams); + telemetry.reportTryItClick(defaultClickTelemetryParams); } function handleLearnMoreClick() { - services.telemetry.reportLearnMoreClick(defaultClickTelemetryParams); + telemetry.reportLearnMoreClick(defaultClickTelemetryParams); } return ( - <> - - - - -

{emptyStateDefinitions[id].title}

- - - {emptyStateDefinitions[id].content} - - - - - - - - {tryItNowButton.label} - - - - - {learnMoreLink.label} - - - - - {!emptyStateDefinitions[id].imgName && ( - - - - )} - - {onDissmiss && ( - - )} - - - {emptyStateDefinitions[id].imgName && ( - <> - - - - )} - + ); } diff --git a/x-pack/plugins/observability_solution/apm/public/components/routing/app_root/apm_header_action_menu/labs/labs_flyout.tsx b/x-pack/plugins/observability_solution/apm/public/components/routing/app_root/apm_header_action_menu/labs/labs_flyout.tsx index 7eea2faf9f62cf..bda1c7e4ee0223 100644 --- a/x-pack/plugins/observability_solution/apm/public/components/routing/app_root/apm_header_action_menu/labs/labs_flyout.tsx +++ b/x-pack/plugins/observability_solution/apm/public/components/routing/app_root/apm_header_action_menu/labs/labs_flyout.tsx @@ -20,6 +20,7 @@ import { EuiSpacer, EuiText, EuiTitle, + EuiToolTip, } from '@elastic/eui'; import { withSuspense } from '@kbn/shared-ux-utility'; import { i18n } from '@kbn/i18n'; @@ -42,7 +43,11 @@ interface Props { export function LabsFlyout({ onClose }: Props) { const trackApmEvent = useUiTracker({ app: 'apm' }); - const { docLinks, notifications } = useApmPluginContext().core; + const { docLinks, notifications, application } = useApmPluginContext().core; + + const canSave = + application.capabilities.advancedSettings.save && + (application.capabilities.apm['settings:save'] as boolean); const { data, status } = useFetcher( (callApmApi) => callApmApi('GET /internal/apm/settings/labs'), @@ -152,7 +157,7 @@ export function LabsFlyout({ onClose }: Props) { > @@ -172,16 +177,27 @@ export function LabsFlyout({ onClose }: Props) { - - {i18n.translate('xpack.apm.labs.reload', { - defaultMessage: 'Reload to apply changes', - })} - + + {i18n.translate('xpack.apm.labs.reload', { + defaultMessage: 'Reload to apply changes', + })} + + diff --git a/x-pack/plugins/observability_solution/apm/public/components/routing/templates/apm_main_template/entities_inventory_callout.tsx b/x-pack/plugins/observability_solution/apm/public/components/routing/templates/apm_main_template/entities_inventory_callout.tsx index 16cc93e2827f26..16eeba5e67ef49 100644 --- a/x-pack/plugins/observability_solution/apm/public/components/routing/templates/apm_main_template/entities_inventory_callout.tsx +++ b/x-pack/plugins/observability_solution/apm/public/components/routing/templates/apm_main_template/entities_inventory_callout.tsx @@ -13,10 +13,10 @@ import { useKibana } from '@kbn/kibana-react-plugin/public'; import { ApmPluginStartDeps } from '../../../../plugin'; interface EntitiesInventoryCalloutProps { - onDissmiss: () => void; + onDismiss: () => void; } -export function EntitiesInventoryCallout({ onDissmiss }: EntitiesInventoryCalloutProps) { +export function EntitiesInventoryCallout({ onDismiss }: EntitiesInventoryCalloutProps) { const { services } = useKibana(); const { observabilityShared } = services; @@ -50,7 +50,7 @@ export function EntitiesInventoryCallout({ onDissmiss }: EntitiesInventoryCallou diff --git a/x-pack/plugins/observability_solution/apm/public/components/routing/templates/apm_main_template/index.tsx b/x-pack/plugins/observability_solution/apm/public/components/routing/templates/apm_main_template/index.tsx index 3f05d872f6d1fc..b7fadf8c12870c 100644 --- a/x-pack/plugins/observability_solution/apm/public/components/routing/templates/apm_main_template/index.tsx +++ b/x-pack/plugins/observability_solution/apm/public/components/routing/templates/apm_main_template/index.tsx @@ -176,7 +176,7 @@ export function ApmMainTemplate({ {showEntitiesInventoryCallout ? ( { + onDismiss={() => { setdismissedEntitiesInventoryCallout(true); }} /> diff --git a/x-pack/plugins/observability_solution/apm/server/assistant_functions/get_apm_dataset_info.ts b/x-pack/plugins/observability_solution/apm/server/assistant_functions/get_apm_dataset_info.ts index a27bdcc3dc8136..72fb4c8c7d2001 100644 --- a/x-pack/plugins/observability_solution/apm/server/assistant_functions/get_apm_dataset_info.ts +++ b/x-pack/plugins/observability_solution/apm/server/assistant_functions/get_apm_dataset_info.ts @@ -164,7 +164,6 @@ export function registerGetApmDatasetInfoFunction({ `, }, }; - }, - ['observability'] + } ); } diff --git a/x-pack/plugins/observability_solution/apm/server/assistant_functions/get_apm_downstream_dependencies.ts b/x-pack/plugins/observability_solution/apm/server/assistant_functions/get_apm_downstream_dependencies.ts index 8a95fe9c898696..478c96e77e5687 100644 --- a/x-pack/plugins/observability_solution/apm/server/assistant_functions/get_apm_downstream_dependencies.ts +++ b/x-pack/plugins/observability_solution/apm/server/assistant_functions/get_apm_downstream_dependencies.ts @@ -67,7 +67,6 @@ export function registerGetApmDownstreamDependenciesFunction({ randomSampler, }), }; - }, - ['observability'] + } ); } diff --git a/x-pack/plugins/observability_solution/apm/server/assistant_functions/get_apm_services_list.ts b/x-pack/plugins/observability_solution/apm/server/assistant_functions/get_apm_services_list.ts index f768c30d8af212..b24c24425b413f 100644 --- a/x-pack/plugins/observability_solution/apm/server/assistant_functions/get_apm_services_list.ts +++ b/x-pack/plugins/observability_solution/apm/server/assistant_functions/get_apm_services_list.ts @@ -84,7 +84,6 @@ export function registerGetApmServicesListFunction({ arguments: args, }), }; - }, - ['observability'] + } ); } diff --git a/x-pack/plugins/observability_solution/apm/server/assistant_functions/get_apm_timeseries.ts b/x-pack/plugins/observability_solution/apm/server/assistant_functions/get_apm_timeseries.ts index dc9152d268adbe..63bdbd422c6586 100644 --- a/x-pack/plugins/observability_solution/apm/server/assistant_functions/get_apm_timeseries.ts +++ b/x-pack/plugins/observability_solution/apm/server/assistant_functions/get_apm_timeseries.ts @@ -138,8 +138,7 @@ export function registerGetApmTimeseriesFunction({ content: timeseries.map((series): Omit => omit(series, 'data')), data: timeseries, }; - }, - ['observability'] + } ); } diff --git a/x-pack/plugins/observability_solution/apm/server/assistant_functions/index.ts b/x-pack/plugins/observability_solution/apm/server/assistant_functions/index.ts index 816f1e17e04990..6a65e6126ff227 100644 --- a/x-pack/plugins/observability_solution/apm/server/assistant_functions/index.ts +++ b/x-pack/plugins/observability_solution/apm/server/assistant_functions/index.ts @@ -49,7 +49,10 @@ export function registerAssistantFunctions({ ruleDataClient: IRuleDataClient; plugins: APMRouteHandlerResources['plugins']; }): RegistrationCallback { - return async ({ resources, functions: { registerFunction } }) => { + return async ({ resources, functions: { registerFunction }, scopes }) => { + if (!scopes.includes('observability')) { + return; + } const apmRouteHandlerResources: MinimalAPMRouteHandlerResources = { context: resources.context, request: resources.request, diff --git a/x-pack/plugins/observability_solution/apm/server/routes/agent_keys/route.ts b/x-pack/plugins/observability_solution/apm/server/routes/agent_keys/route.ts index d8c2cd70768c45..a296b7f8be2842 100644 --- a/x-pack/plugins/observability_solution/apm/server/routes/agent_keys/route.ts +++ b/x-pack/plugins/observability_solution/apm/server/routes/agent_keys/route.ts @@ -91,7 +91,10 @@ const invalidateAgentKeyRoute = createApmServerRoute({ const createAgentKeyRoute = createApmServerRoute({ endpoint: 'POST /api/apm/agent_keys 2023-10-31', - options: { tags: ['access:apm', 'access:apm_settings_write', 'oas-tag:APM agent keys'] }, + options: { + tags: ['access:apm', 'access:apm_settings_write', 'oas-tag:APM agent keys'], + access: 'public', + }, params: t.type({ body: t.type({ name: t.string, diff --git a/x-pack/plugins/observability_solution/apm/server/routes/entities/types.ts b/x-pack/plugins/observability_solution/apm/server/routes/entities/types.ts index 5713c0a2b67fb4..833e565ec00efc 100644 --- a/x-pack/plugins/observability_solution/apm/server/routes/entities/types.ts +++ b/x-pack/plugins/observability_solution/apm/server/routes/entities/types.ts @@ -26,7 +26,6 @@ export interface EntityLatestServiceRaw { interface Entity { id: string; - lastSeenTimestamp: string; - firstSeenTimestamp: string; - identityFields: string[]; + last_seen_timestamp: string; + identity_fields: string[]; } diff --git a/x-pack/plugins/observability_solution/apm/server/routes/entities/utils/merge_entities.test.ts b/x-pack/plugins/observability_solution/apm/server/routes/entities/utils/merge_entities.test.ts index bb5c4f48b41254..e3dd0ef5e0d4e8 100644 --- a/x-pack/plugins/observability_solution/apm/server/routes/entities/utils/merge_entities.test.ts +++ b/x-pack/plugins/observability_solution/apm/server/routes/entities/utils/merge_entities.test.ts @@ -20,9 +20,8 @@ describe('mergeEntities', () => { agent: { name: ['nodejs'] }, source_data_stream: { type: ['metrics', 'logs'] }, entity: { - firstSeenTimestamp: '2024-06-05T10:34:40.810Z', - lastSeenTimestamp: '2024-06-05T10:34:40.810Z', - identityFields: ['service.name', 'service.environment'], + last_seen_timestamp: '2024-06-05T10:34:40.810Z', + identity_fields: ['service.name', 'service.environment'], id: 'service-1:test', }, }, @@ -49,9 +48,8 @@ describe('mergeEntities', () => { agent: { name: ['nodejs'] }, source_data_stream: { type: ['foo'] }, entity: { - firstSeenTimestamp: '2024-03-05T10:34:40.810Z', - lastSeenTimestamp: '2024-03-05T10:34:40.810Z', - identityFields: ['service.name', 'service.environment'], + last_seen_timestamp: '2024-03-05T10:34:40.810Z', + identity_fields: ['service.name', 'service.environment'], id: 'service-1:env-service-1', }, }, @@ -63,9 +61,8 @@ describe('mergeEntities', () => { agent: { name: ['nodejs'] }, source_data_stream: { type: ['bar'] }, entity: { - firstSeenTimestamp: '2024-03-05T10:34:40.810Z', - lastSeenTimestamp: '2024-03-05T10:34:40.810Z', - identityFields: ['service.name', 'service.environment'], + last_seen_timestamp: '2024-03-05T10:34:40.810Z', + identity_fields: ['service.name', 'service.environment'], id: 'apm-only-1:synthtrace-env-2', }, }, @@ -77,9 +74,8 @@ describe('mergeEntities', () => { agent: { name: ['java'] }, source_data_stream: { type: ['baz'] }, entity: { - firstSeenTimestamp: '2024-06-05T10:34:40.810Z', - lastSeenTimestamp: '2024-06-05T10:34:40.810Z', - identityFields: ['service.name', 'service.environment'], + last_seen_timestamp: '2024-06-05T10:34:40.810Z', + identity_fields: ['service.name', 'service.environment'], id: 'service-2:env-service-3', }, }, @@ -91,9 +87,8 @@ describe('mergeEntities', () => { agent: { name: ['java'] }, source_data_stream: { type: ['baz'] }, entity: { - firstSeenTimestamp: '2024-06-05T10:34:40.810Z', - lastSeenTimestamp: '2024-06-05T10:34:40.810Z', - identityFields: ['service.name', 'service.environment'], + last_seen_timestamp: '2024-06-05T10:34:40.810Z', + identity_fields: ['service.name', 'service.environment'], id: 'service-2:env-service-3', }, }, @@ -127,9 +122,8 @@ describe('mergeEntities', () => { agent: { name: ['nodejs'] }, source_data_stream: { type: ['metrics', 'logs'] }, entity: { - firstSeenTimestamp: '2024-06-05T10:34:40.810Z', - lastSeenTimestamp: '2024-06-05T10:34:40.810Z', - identityFields: ['service.name', 'service.environment'], + last_seen_timestamp: '2024-06-05T10:34:40.810Z', + identity_fields: ['service.name', 'service.environment'], id: 'service-1:test', }, }, @@ -141,9 +135,8 @@ describe('mergeEntities', () => { agent: { name: ['nodejs'] }, source_data_stream: { type: ['metrics', 'logs'] }, entity: { - firstSeenTimestamp: '2024-06-05T10:34:40.810Z', - lastSeenTimestamp: '2024-06-05T10:34:40.810Z', - identityFields: ['service.name', 'service.environment'], + last_seen_timestamp: '2024-06-05T10:34:40.810Z', + identity_fields: ['service.name', 'service.environment'], id: 'service-1:test', }, }, @@ -155,9 +148,8 @@ describe('mergeEntities', () => { agent: { name: ['nodejs'] }, source_data_stream: { type: ['foo'] }, entity: { - firstSeenTimestamp: '2024-23-05T10:34:40.810Z', - lastSeenTimestamp: '2024-23-05T10:34:40.810Z', - identityFields: ['service.name', 'service.environment'], + last_seen_timestamp: '2024-23-05T10:34:40.810Z', + identity_fields: ['service.name', 'service.environment'], id: 'service-1:prod', }, }, @@ -183,9 +175,8 @@ describe('mergeEntities', () => { agent: { name: ['nodejs'] }, source_data_stream: { type: [] }, entity: { - firstSeenTimestamp: '2024-06-05T10:34:40.810Z', - lastSeenTimestamp: '2024-06-05T10:34:40.810Z', - identityFields: ['service.name'], + last_seen_timestamp: '2024-06-05T10:34:40.810Z', + identity_fields: ['service.name'], id: 'service-1:test', }, }, @@ -209,9 +200,8 @@ describe('mergeEntities', () => { agent: { name: ['nodejs'] }, source_data_stream: { type: [] }, entity: { - firstSeenTimestamp: '2024-06-05T10:34:40.810Z', - lastSeenTimestamp: '2024-06-05T10:34:40.810Z', - identityFields: ['service.name'], + last_seen_timestamp: '2024-06-05T10:34:40.810Z', + identity_fields: ['service.name'], id: 'service-1:test', }, }, @@ -222,9 +212,8 @@ describe('mergeEntities', () => { agent: { name: ['nodejs'] }, source_data_stream: { type: [] }, entity: { - firstSeenTimestamp: '2024-06-05T10:34:40.810Z', - lastSeenTimestamp: '2024-06-05T10:34:40.810Z', - identityFields: ['service.name'], + last_seen_timestamp: '2024-06-05T10:34:40.810Z', + identity_fields: ['service.name'], id: 'service-1:test', }, }, @@ -250,9 +239,8 @@ describe('mergeEntities', () => { agent: { name: ['nodejs'] }, source_data_stream: { type: [] }, entity: { - firstSeenTimestamp: '2024-06-05T10:34:40.810Z', - lastSeenTimestamp: '2024-06-05T10:34:40.810Z', - identityFields: ['service.name'], + last_seen_timestamp: '2024-06-05T10:34:40.810Z', + identity_fields: ['service.name'], id: 'service-1:test', }, }, @@ -276,9 +264,8 @@ describe('mergeEntities', () => { agent: { name: ['nodejs'] }, source_data_stream: { type: [] }, entity: { - firstSeenTimestamp: '2024-06-05T10:34:40.810Z', - lastSeenTimestamp: '2024-06-05T10:34:40.810Z', - identityFields: ['service.name'], + last_seen_timestamp: '2024-06-05T10:34:40.810Z', + identity_fields: ['service.name'], id: 'service-1:test', }, }, @@ -289,9 +276,8 @@ describe('mergeEntities', () => { agent: { name: ['nodejs'] }, source_data_stream: { type: [] }, entity: { - firstSeenTimestamp: '2024-06-05T10:34:40.810Z', - lastSeenTimestamp: '2024-06-05T10:34:40.810Z', - identityFields: ['service.name'], + last_seen_timestamp: '2024-06-05T10:34:40.810Z', + identity_fields: ['service.name'], id: 'service-1:test', }, }, @@ -318,9 +304,8 @@ describe('mergeEntities', () => { agent: { name: ['nodejs'] }, source_data_stream: { type: ['metrics'] }, entity: { - firstSeenTimestamp: '2024-06-05T10:34:40.810Z', - lastSeenTimestamp: '2024-06-05T10:34:40.810Z', - identityFields: ['service.name', 'service.environment'], + last_seen_timestamp: '2024-06-05T10:34:40.810Z', + identity_fields: ['service.name', 'service.environment'], id: 'service-1:test', }, }, diff --git a/x-pack/plugins/observability_solution/apm/server/routes/entities/utils/merge_entities.ts b/x-pack/plugins/observability_solution/apm/server/routes/entities/utils/merge_entities.ts index e2ccc270b2a868..2f33c4728bd1a7 100644 --- a/x-pack/plugins/observability_solution/apm/server/routes/entities/utils/merge_entities.ts +++ b/x-pack/plugins/observability_solution/apm/server/routes/entities/utils/merge_entities.ts @@ -40,7 +40,7 @@ function mergeFunc(entity: EntityLatestServiceRaw, existingEntity?: MergedServic const commonEntityFields = { serviceName: entity.service.name, agentName: entity.agent.name[0], - lastSeenTimestamp: entity.entity.lastSeenTimestamp, + lastSeenTimestamp: entity.entity.last_seen_timestamp, }; if (!existingEntity) { diff --git a/x-pack/plugins/observability_solution/apm/server/routes/fleet/route.ts b/x-pack/plugins/observability_solution/apm/server/routes/fleet/route.ts index 05b74b3fc9c42e..1355460cc18369 100644 --- a/x-pack/plugins/observability_solution/apm/server/routes/fleet/route.ts +++ b/x-pack/plugins/observability_solution/apm/server/routes/fleet/route.ts @@ -65,7 +65,7 @@ const fleetAgentsRoute = createApmServerRoute({ const saveApmServerSchemaRoute = createApmServerRoute({ endpoint: 'POST /api/apm/fleet/apm_server_schema 2023-10-31', - options: { tags: ['access:apm', 'access:apm_write'] }, + options: { tags: ['access:apm', 'access:apm_write'], access: 'public' }, params: t.type({ body: t.type({ schema: t.record(t.string, t.unknown), diff --git a/x-pack/plugins/observability_solution/apm/server/routes/services/route.ts b/x-pack/plugins/observability_solution/apm/server/routes/services/route.ts index da2a506e3ae3f6..eb810fae503231 100644 --- a/x-pack/plugins/observability_solution/apm/server/routes/services/route.ts +++ b/x-pack/plugins/observability_solution/apm/server/routes/services/route.ts @@ -395,7 +395,7 @@ const serviceAnnotationsRoute = createApmServerRoute({ }), query: t.intersection([environmentRt, rangeRt]), }), - options: { tags: ['access:apm', 'oas-tag:APM annotations'] }, + options: { tags: ['access:apm', 'oas-tag:APM annotations'], access: 'public' }, handler: async (resources): Promise => { const apmEventClient = await getApmEventClient(resources); const { params, plugins, context, request, logger, config } = resources; @@ -440,6 +440,7 @@ const serviceAnnotationsCreateRoute = createApmServerRoute({ endpoint: 'POST /api/apm/services/{serviceName}/annotation 2023-10-31', options: { tags: ['access:apm', 'access:apm_write', 'oas-tag:APM annotations'], + access: 'public', }, params: t.type({ path: t.type({ diff --git a/x-pack/plugins/observability_solution/apm/server/routes/settings/agent_configuration/route.ts b/x-pack/plugins/observability_solution/apm/server/routes/settings/agent_configuration/route.ts index aaf8fb2c486817..bc8109dfa2808e 100644 --- a/x-pack/plugins/observability_solution/apm/server/routes/settings/agent_configuration/route.ts +++ b/x-pack/plugins/observability_solution/apm/server/routes/settings/agent_configuration/route.ts @@ -39,7 +39,7 @@ function throwNotFoundIfAgentConfigNotAvailable(featureFlags: ApmFeatureFlags): // get list of configurations const agentConfigurationRoute = createApmServerRoute({ endpoint: 'GET /api/apm/settings/agent-configuration 2023-10-31', - options: { tags: ['access:apm'] }, + options: { tags: ['access:apm'], access: 'public' }, handler: async ( resources ): Promise<{ @@ -68,7 +68,7 @@ const getSingleAgentConfigurationRoute = createApmServerRoute({ params: t.partial({ query: serviceRt, }), - options: { tags: ['access:apm'] }, + options: { tags: ['access:apm'], access: 'public' }, handler: async (resources): Promise => { throwNotFoundIfAgentConfigNotAvailable(resources.featureFlags); @@ -100,6 +100,7 @@ const deleteAgentConfigurationRoute = createApmServerRoute({ endpoint: 'DELETE /api/apm/settings/agent-configuration 2023-10-31', options: { tags: ['access:apm', 'access:apm_settings_write'], + access: 'public', }, params: t.type({ body: t.type({ @@ -156,6 +157,7 @@ const createOrUpdateAgentConfigurationRoute = createApmServerRoute({ endpoint: 'PUT /api/apm/settings/agent-configuration 2023-10-31', options: { tags: ['access:apm', 'access:apm_settings_write'], + access: 'public', }, params: t.intersection([ t.partial({ query: t.partial({ overwrite: toBooleanRt }) }), @@ -224,7 +226,7 @@ const agentConfigurationSearchRoute = createApmServerRoute({ params: t.type({ body: searchParamsRt, }), - options: { tags: ['access:apm'], disableTelemetry: true }, + options: { tags: ['access:apm'], disableTelemetry: true, access: 'public' }, handler: async ( resources ): Promise | null> => { @@ -286,7 +288,7 @@ const listAgentConfigurationEnvironmentsRoute = createApmServerRoute({ params: t.partial({ query: t.partial({ serviceName: t.string }), }), - options: { tags: ['access:apm'] }, + options: { tags: ['access:apm'], access: 'public' }, handler: async ( resources ): Promise<{ @@ -327,7 +329,7 @@ const agentConfigurationAgentNameRoute = createApmServerRoute({ params: t.type({ query: t.type({ serviceName: t.string }), }), - options: { tags: ['access:apm'] }, + options: { tags: ['access:apm'], access: 'public' }, handler: async (resources): Promise<{ agentName: string | undefined }> => { throwNotFoundIfAgentConfigNotAvailable(resources.featureFlags); diff --git a/x-pack/plugins/observability_solution/apm/server/routes/source_maps/route.ts b/x-pack/plugins/observability_solution/apm/server/routes/source_maps/route.ts index bc92c06416204c..f1f7f3def93ab2 100644 --- a/x-pack/plugins/observability_solution/apm/server/routes/source_maps/route.ts +++ b/x-pack/plugins/observability_solution/apm/server/routes/source_maps/route.ts @@ -49,7 +49,7 @@ function throwNotImplementedIfSourceMapNotAvailable(featureFlags: ApmFeatureFlag const listSourceMapRoute = createApmServerRoute({ endpoint: 'GET /api/apm/sourcemaps 2023-10-31', - options: { tags: ['access:apm'] }, + options: { tags: ['access:apm'], access: 'public' }, params: t.partial({ query: t.partial({ page: toNumberRt, @@ -87,6 +87,7 @@ const uploadSourceMapRoute = createApmServerRoute({ options: { tags: ['access:apm', 'access:apm_write'], body: { accepts: ['multipart/form-data'] }, + access: 'public', }, params: t.type({ body: t.type({ @@ -159,7 +160,7 @@ const uploadSourceMapRoute = createApmServerRoute({ const deleteSourceMapRoute = createApmServerRoute({ endpoint: 'DELETE /api/apm/sourcemaps/{id} 2023-10-31', - options: { tags: ['access:apm', 'access:apm_write'] }, + options: { tags: ['access:apm', 'access:apm_write'], access: 'public' }, params: t.type({ path: t.type({ id: t.string, diff --git a/x-pack/plugins/observability_solution/infra/public/components/asset_details/add_metrics_callout/index.tsx b/x-pack/plugins/observability_solution/infra/public/components/asset_details/add_metrics_callout/index.tsx index c4132a1e29a3a6..bd749baed7114d 100644 --- a/x-pack/plugins/observability_solution/infra/public/components/asset_details/add_metrics_callout/index.tsx +++ b/x-pack/plugins/observability_solution/infra/public/components/asset_details/add_metrics_callout/index.tsx @@ -56,7 +56,7 @@ export function AddMetricsCallout({ id, onDismiss }: AddMetricsCalloutProps) { onAddData={handleAddMetricsClick} onTryIt={handleTryItClick} onLearnMore={handleLearnMoreClick} - onDissmiss={onDismiss && handleDismiss} + onDismiss={onDismiss && handleDismiss} /> ); } diff --git a/x-pack/plugins/observability_solution/inventory/common/entities.ts b/x-pack/plugins/observability_solution/inventory/common/entities.ts index 7df71559aa97ac..d8a056074e3393 100644 --- a/x-pack/plugins/observability_solution/inventory/common/entities.ts +++ b/x-pack/plugins/observability_solution/inventory/common/entities.ts @@ -6,12 +6,6 @@ */ import { ENTITY_LATEST, entitiesAliasPattern } from '@kbn/entities-schema'; import { - HOST_NAME, - SERVICE_ENVIRONMENT, - SERVICE_NAME, - AGENT_NAME, - CLOUD_PROVIDER, - CONTAINER_ID, ENTITY_DEFINITION_ID, ENTITY_DISPLAY_NAME, ENTITY_ID, @@ -22,12 +16,6 @@ import { import { isRight } from 'fp-ts/lib/Either'; import * as t from 'io-ts'; -export const entityTypeRt = t.union([ - t.literal('service'), - t.literal('host'), - t.literal('container'), -]); - export const entityColumnIdsRt = t.union([ t.literal(ENTITY_DISPLAY_NAME), t.literal(ENTITY_LAST_SEEN), @@ -37,8 +25,6 @@ export const entityColumnIdsRt = t.union([ export type EntityColumnIds = t.TypeOf; -export type EntityType = t.TypeOf; - export const defaultEntitySortField: EntityColumnIds = 'alertsCount'; export const MAX_NUMBER_OF_ENTITIES = 500; @@ -48,20 +34,8 @@ export const ENTITIES_LATEST_ALIAS = entitiesAliasPattern({ dataset: ENTITY_LATEST, }); -const BUILTIN_SERVICES_FROM_ECS_DATA = 'builtin_services_from_ecs_data'; -const BUILTIN_HOSTS_FROM_ECS_DATA = 'builtin_hosts_from_ecs_data'; -const BUILTIN_CONTAINERS_FROM_ECS_DATA = 'builtin_containers_from_ecs_data'; - -export const defaultEntityDefinitions = [ - BUILTIN_SERVICES_FROM_ECS_DATA, - BUILTIN_HOSTS_FROM_ECS_DATA, - BUILTIN_CONTAINERS_FROM_ECS_DATA, -]; - -export const defaultEntityTypes: EntityType[] = ['service', 'host', 'container']; - -const entityArrayRt = t.array(entityTypeRt); -export const entityTypesRt = new t.Type( +const entityArrayRt = t.array(t.string); +export const entityTypesRt = new t.Type( 'entityTypesRt', entityArrayRt.is, (input, context) => { @@ -83,37 +57,13 @@ export const entityTypesRt = new t.Type( (arr) => arr.join() ); -interface BaseEntity { +export interface Entity { [ENTITY_LAST_SEEN]: string; [ENTITY_ID]: string; - [ENTITY_TYPE]: EntityType; + [ENTITY_TYPE]: string; [ENTITY_DISPLAY_NAME]: string; [ENTITY_DEFINITION_ID]: string; [ENTITY_IDENTITY_FIELDS]: string | string[]; alertsCount?: number; [key: string]: any; } - -/** - * These types are based on service, host and container from the built in definition. - */ -export interface ServiceEntity extends BaseEntity { - [ENTITY_TYPE]: 'service'; - [SERVICE_NAME]: string; - [SERVICE_ENVIRONMENT]?: string | string[] | null; - [AGENT_NAME]: string | string[] | null; -} - -export interface HostEntity extends BaseEntity { - [ENTITY_TYPE]: 'host'; - [HOST_NAME]: string; - [CLOUD_PROVIDER]: string | string[] | null; -} - -export interface ContainerEntity extends BaseEntity { - [ENTITY_TYPE]: 'container'; - [CONTAINER_ID]: string; - [CLOUD_PROVIDER]: string | string[] | null; -} - -export type Entity = ServiceEntity | HostEntity | ContainerEntity; diff --git a/x-pack/plugins/observability_solution/inventory/common/entitites.test.ts b/x-pack/plugins/observability_solution/inventory/common/entitites.test.ts index 38da7beab8d4f9..c923bda5307468 100644 --- a/x-pack/plugins/observability_solution/inventory/common/entitites.test.ts +++ b/x-pack/plugins/observability_solution/inventory/common/entitites.test.ts @@ -5,7 +5,7 @@ * 2.0. */ import { isLeft, isRight } from 'fp-ts/lib/Either'; -import { type EntityType, entityTypesRt } from './entities'; +import { entityTypesRt } from './entities'; const validate = (input: unknown) => entityTypesRt.decode(input); @@ -28,36 +28,12 @@ describe('entityTypesRt codec', () => { } }); - it('should fail validation when the string contains invalid entity types', () => { - const input = 'service,invalidType,host'; - const result = validate(input); - expect(isLeft(result)).toBe(true); - }); - - it('should fail validation when the array contains invalid entity types', () => { - const input = ['service', 'invalidType', 'host']; - const result = validate(input); - expect(isLeft(result)).toBe(true); - }); - it('should fail validation when input is not a string or array', () => { const input = 123; const result = validate(input); expect(isLeft(result)).toBe(true); }); - it('should fail validation when the array contains non-string elements', () => { - const input = ['service', 123, 'host']; - const result = validate(input); - expect(isLeft(result)).toBe(true); - }); - - it('should fail validation an empty string', () => { - const input = ''; - const result = validate(input); - expect(isLeft(result)).toBe(true); - }); - it('should validate an empty array as valid', () => { const input: unknown[] = []; const result = validate(input); @@ -67,32 +43,14 @@ describe('entityTypesRt codec', () => { } }); - it('should fail validation when the string contains only commas', () => { - const input = ',,,'; - const result = validate(input); - expect(isLeft(result)).toBe(true); - }); - - it('should fail validation for partial valid entities in a string', () => { - const input = 'service,invalidType'; - const result = validate(input); - expect(isLeft(result)).toBe(true); - }); - - it('should fail validation for partial valid entities in an array', () => { - const input = ['service', 'invalidType']; - const result = validate(input); - expect(isLeft(result)).toBe(true); - }); - it('should serialize a valid array back to a string', () => { - const input: EntityType[] = ['service', 'host']; + const input = ['service', 'host']; const serialized = entityTypesRt.encode(input); expect(serialized).toBe('service,host'); }); it('should serialize an empty array back to an empty string', () => { - const input: EntityType[] = []; + const input: string[] = []; const serialized = entityTypesRt.encode(input); expect(serialized).toBe(''); }); diff --git a/x-pack/plugins/observability_solution/inventory/common/utils/parse_identity_field_values_to_kql.test.ts b/x-pack/plugins/observability_solution/inventory/common/utils/parse_identity_field_values_to_kql.test.ts index c4b48410456f8c..8703e995b4446f 100644 --- a/x-pack/plugins/observability_solution/inventory/common/utils/parse_identity_field_values_to_kql.test.ts +++ b/x-pack/plugins/observability_solution/inventory/common/utils/parse_identity_field_values_to_kql.test.ts @@ -9,9 +9,10 @@ import { ENTITY_DEFINITION_ID, ENTITY_DISPLAY_NAME, ENTITY_ID, + ENTITY_IDENTITY_FIELDS, ENTITY_LAST_SEEN, } from '@kbn/observability-shared-plugin/common'; -import { HostEntity, ServiceEntity } from '../entities'; +import type { Entity } from '../entities'; import { parseIdentityFieldValuesToKql } from './parse_identity_field_values_to_kql'; const commonEntityFields = { @@ -24,9 +25,9 @@ const commonEntityFields = { describe('parseIdentityFieldValuesToKql', () => { it('should return the value when identityFields is a single string', () => { - const entity: ServiceEntity = { + const entity: Entity = { 'agent.name': 'node', - 'entity.identityFields': 'service.name', + [ENTITY_IDENTITY_FIELDS]: 'service.name', 'service.name': 'my-service', 'entity.type': 'service', ...commonEntityFields, @@ -37,9 +38,9 @@ describe('parseIdentityFieldValuesToKql', () => { }); it('should return values when identityFields is an array of strings', () => { - const entity: ServiceEntity = { + const entity: Entity = { 'agent.name': 'node', - 'entity.identityFields': ['service.name', 'service.environment'], + [ENTITY_IDENTITY_FIELDS]: ['service.name', 'service.environment'], 'service.name': 'my-service', 'entity.type': 'service', 'service.environment': 'staging', @@ -51,9 +52,9 @@ describe('parseIdentityFieldValuesToKql', () => { }); it('should return an empty string if identityFields is empty string', () => { - const entity: ServiceEntity = { + const entity: Entity = { 'agent.name': 'node', - 'entity.identityFields': '', + [ENTITY_IDENTITY_FIELDS]: '', 'service.name': 'my-service', 'entity.type': 'service', ...commonEntityFields, @@ -63,9 +64,9 @@ describe('parseIdentityFieldValuesToKql', () => { expect(result).toEqual(''); }); it('should return an empty array if identityFields is empty array', () => { - const entity: ServiceEntity = { + const entity: Entity = { 'agent.name': 'node', - 'entity.identityFields': [], + [ENTITY_IDENTITY_FIELDS]: [], 'service.name': 'my-service', 'entity.type': 'service', ...commonEntityFields, @@ -76,8 +77,8 @@ describe('parseIdentityFieldValuesToKql', () => { }); it('should ignore fields that are not present in the entity', () => { - const entity: HostEntity = { - 'entity.identityFields': ['host.name', 'foo.bar'], + const entity: Entity = { + [ENTITY_IDENTITY_FIELDS]: ['host.name', 'foo.bar'], 'host.name': 'my-host', 'entity.type': 'host', 'cloud.provider': null, diff --git a/x-pack/plugins/observability_solution/inventory/e2e/cypress/e2e/home.cy.ts b/x-pack/plugins/observability_solution/inventory/e2e/cypress/e2e/home.cy.ts index 16d14446ef2409..c18f8866475ab1 100644 --- a/x-pack/plugins/observability_solution/inventory/e2e/cypress/e2e/home.cy.ts +++ b/x-pack/plugins/observability_solution/inventory/e2e/cypress/e2e/home.cy.ts @@ -66,11 +66,11 @@ describe('Home page', () => { cy.visitKibana('/app/inventory'); cy.wait('@getEEMStatus'); cy.contains('server1'); - cy.contains('Host'); + cy.contains('host'); cy.contains('synth-node-trace-logs'); - cy.contains('Service'); + cy.contains('service'); cy.contains('foo'); - cy.contains('Container'); + cy.contains('container'); }); it('Navigates to apm when clicking on a service type entity', () => { diff --git a/x-pack/plugins/observability_solution/inventory/public/components/alerts_badge/alerts_badge.test.tsx b/x-pack/plugins/observability_solution/inventory/public/components/alerts_badge/alerts_badge.test.tsx index c60490c8a12b19..60124e7813bc43 100644 --- a/x-pack/plugins/observability_solution/inventory/public/components/alerts_badge/alerts_badge.test.tsx +++ b/x-pack/plugins/observability_solution/inventory/public/components/alerts_badge/alerts_badge.test.tsx @@ -9,7 +9,7 @@ import { type KibanaReactContextValue } from '@kbn/kibana-react-plugin/public'; import { render, screen } from '@testing-library/react'; import { AlertsBadge } from './alerts_badge'; import * as useKibana from '../../hooks/use_kibana'; -import { HostEntity, ServiceEntity } from '../../../common/entities'; +import type { Entity } from '../../../common/entities'; describe('AlertsBadge', () => { jest.spyOn(useKibana, 'useKibana').mockReturnValue({ @@ -27,14 +27,14 @@ describe('AlertsBadge', () => { }); it('render alerts badge for a host entity', () => { - const entity: HostEntity = { - 'entity.lastSeenTimestamp': 'foo', + const entity: Entity = { + 'entity.last_seen_timestamp': 'foo', 'entity.id': '1', 'entity.type': 'host', - 'entity.displayName': 'foo', - 'entity.identityFields': 'host.name', + 'entity.display_name': 'foo', + 'entity.identity_fields': 'host.name', 'host.name': 'foo', - 'entity.definitionId': 'host', + 'entity.definition_id': 'host', 'cloud.provider': null, alertsCount: 1, }; @@ -45,15 +45,15 @@ describe('AlertsBadge', () => { expect(screen.queryByTestId('inventoryAlertsBadgeLink')?.textContent).toEqual('1'); }); it('render alerts badge for a service entity', () => { - const entity: ServiceEntity = { - 'entity.lastSeenTimestamp': 'foo', + const entity: Entity = { + 'entity.last_seen_timestamp': 'foo', 'agent.name': 'node', 'entity.id': '1', 'entity.type': 'service', - 'entity.displayName': 'foo', - 'entity.identityFields': 'service.name', + 'entity.display_name': 'foo', + 'entity.identity_fields': 'service.name', 'service.name': 'bar', - 'entity.definitionId': 'host', + 'entity.definition_id': 'host', 'cloud.provider': null, alertsCount: 5, }; @@ -64,16 +64,16 @@ describe('AlertsBadge', () => { expect(screen.queryByTestId('inventoryAlertsBadgeLink')?.textContent).toEqual('5'); }); it('render alerts badge for a service entity with multiple identity fields', () => { - const entity: ServiceEntity = { - 'entity.lastSeenTimestamp': 'foo', + const entity: Entity = { + 'entity.last_seen_timestamp': 'foo', 'agent.name': 'node', 'entity.id': '1', 'entity.type': 'service', - 'entity.displayName': 'foo', - 'entity.identityFields': ['service.name', 'service.environment'], + 'entity.display_name': 'foo', + 'entity.identity_fields': ['service.name', 'service.environment'], 'service.name': 'bar', 'service.environment': 'prod', - 'entity.definitionId': 'host', + 'entity.definition_id': 'host', 'cloud.provider': null, alertsCount: 2, }; diff --git a/x-pack/plugins/observability_solution/inventory/public/components/entities_grid/entities_grid.stories.tsx b/x-pack/plugins/observability_solution/inventory/public/components/entities_grid/entities_grid.stories.tsx index a89781ad2742ae..047c2e73d0d3ee 100644 --- a/x-pack/plugins/observability_solution/inventory/public/components/entities_grid/entities_grid.stories.tsx +++ b/x-pack/plugins/observability_solution/inventory/public/components/entities_grid/entities_grid.stories.tsx @@ -12,14 +12,13 @@ import React, { useMemo, useState } from 'react'; import { ENTITY_LAST_SEEN, ENTITY_TYPE } from '@kbn/observability-shared-plugin/common'; import { useArgs } from '@storybook/addons'; import { EntitiesGrid } from '.'; -import { EntityType } from '../../../common/entities'; import { entitiesMock } from './mock/entities_mock'; interface EntityGridStoriesArgs { - entityType?: EntityType; + entityType?: string; } -const entityTypeOptions: EntityType[] = ['host', 'container', 'service']; +const entityTypeOptions = ['host', 'container', 'service']; const stories: Meta = { title: 'app/inventory/entities_grid', diff --git a/x-pack/plugins/observability_solution/inventory/public/components/entities_grid/entity_name/entity_name.test.tsx b/x-pack/plugins/observability_solution/inventory/public/components/entities_grid/entity_name/entity_name.test.tsx index 36aad3d8e3a970..2e4f0c319edfcf 100644 --- a/x-pack/plugins/observability_solution/inventory/public/components/entities_grid/entity_name/entity_name.test.tsx +++ b/x-pack/plugins/observability_solution/inventory/public/components/entities_grid/entity_name/entity_name.test.tsx @@ -8,7 +8,7 @@ import { type KibanaReactContextValue } from '@kbn/kibana-react-plugin/public'; import * as useKibana from '../../../hooks/use_kibana'; import { EntityName } from '.'; -import { ContainerEntity, HostEntity, ServiceEntity } from '../../../../common/entities'; +import type { Entity } from '../../../../common/entities'; import { render, screen } from '@testing-library/react'; import React from 'react'; import { ASSET_DETAILS_LOCATOR_ID } from '@kbn/observability-shared-plugin/common/locators/infra/asset_details_locator'; @@ -40,14 +40,14 @@ describe('EntityName', () => { }); it('returns host link', () => { - const entity: HostEntity = { - 'entity.lastSeenTimestamp': 'foo', + const entity: Entity = { + 'entity.last_seen_timestamp': 'foo', 'entity.id': '1', 'entity.type': 'host', - 'entity.displayName': 'foo', - 'entity.identityFields': 'host.name', + 'entity.display_name': 'foo', + 'entity.identity_fields': 'host.name', 'host.name': 'foo', - 'entity.definitionId': 'host', + 'entity.definition_id': 'host', 'cloud.provider': null, }; render(); @@ -58,14 +58,14 @@ describe('EntityName', () => { }); it('returns container link', () => { - const entity: ContainerEntity = { - 'entity.lastSeenTimestamp': 'foo', + const entity: Entity = { + 'entity.last_seen_timestamp': 'foo', 'entity.id': '1', 'entity.type': 'container', - 'entity.displayName': 'foo', - 'entity.identityFields': 'container.id', + 'entity.display_name': 'foo', + 'entity.identity_fields': 'container.id', 'container.id': 'foo', - 'entity.definitionId': 'container', + 'entity.definition_id': 'container', 'cloud.provider': null, }; render(); @@ -76,14 +76,14 @@ describe('EntityName', () => { }); it('returns service link without environment', () => { - const entity: ServiceEntity = { - 'entity.lastSeenTimestamp': 'foo', + const entity: Entity = { + 'entity.last_seen_timestamp': 'foo', 'entity.id': '1', 'entity.type': 'service', - 'entity.displayName': 'foo', - 'entity.identityFields': 'service.name', + 'entity.display_name': 'foo', + 'entity.identity_fields': 'service.name', 'service.name': 'foo', - 'entity.definitionId': 'service', + 'entity.definition_id': 'service', 'agent.name': 'bar', }; render(); @@ -94,14 +94,14 @@ describe('EntityName', () => { }); it('returns service link with environment', () => { - const entity: ServiceEntity = { - 'entity.lastSeenTimestamp': 'foo', + const entity: Entity = { + 'entity.last_seen_timestamp': 'foo', 'entity.id': '1', 'entity.type': 'service', - 'entity.displayName': 'foo', - 'entity.identityFields': 'service.name', + 'entity.display_name': 'foo', + 'entity.identity_fields': 'service.name', 'service.name': 'foo', - 'entity.definitionId': 'service', + 'entity.definition_id': 'service', 'agent.name': 'bar', 'service.environment': 'baz', }; @@ -113,14 +113,14 @@ describe('EntityName', () => { }); it('returns service link with first environment when it is an array', () => { - const entity: ServiceEntity = { - 'entity.lastSeenTimestamp': 'foo', + const entity: Entity = { + 'entity.last_seen_timestamp': 'foo', 'entity.id': '1', 'entity.type': 'service', - 'entity.displayName': 'foo', - 'entity.identityFields': 'service.name', + 'entity.display_name': 'foo', + 'entity.identity_fields': 'service.name', 'service.name': 'foo', - 'entity.definitionId': 'service', + 'entity.definition_id': 'service', 'agent.name': 'bar', 'service.environment': ['baz', 'bar', 'foo'], }; @@ -132,14 +132,14 @@ describe('EntityName', () => { }); it('returns service link identity fields is an array', () => { - const entity: ServiceEntity = { - 'entity.lastSeenTimestamp': 'foo', + const entity: Entity = { + 'entity.last_seen_timestamp': 'foo', 'entity.id': '1', 'entity.type': 'service', - 'entity.displayName': 'foo', - 'entity.identityFields': ['service.name', 'service.environment'], + 'entity.display_name': 'foo', + 'entity.identity_fields': ['service.name', 'service.environment'], 'service.name': 'foo', - 'entity.definitionId': 'service', + 'entity.definition_id': 'service', 'agent.name': 'bar', 'service.environment': 'baz', }; diff --git a/x-pack/plugins/observability_solution/inventory/public/components/entities_grid/index.tsx b/x-pack/plugins/observability_solution/inventory/public/components/entities_grid/index.tsx index 697bc3304753e3..6d65669c61651e 100644 --- a/x-pack/plugins/observability_solution/inventory/public/components/entities_grid/index.tsx +++ b/x-pack/plugins/observability_solution/inventory/public/components/entities_grid/index.tsx @@ -20,13 +20,12 @@ import { ENTITY_LAST_SEEN, ENTITY_TYPE, } from '@kbn/observability-shared-plugin/common'; -import { EntityColumnIds, EntityType } from '../../../common/entities'; +import { EntityColumnIds } from '../../../common/entities'; import { APIReturnType } from '../../api'; import { BadgeFilterWithPopover } from '../badge_filter_with_popover'; import { getColumns } from './grid_columns'; import { AlertsBadge } from '../alerts_badge/alerts_badge'; import { EntityName } from './entity_name'; -import { getEntityTypeLabel } from '../../utils/get_entity_type_label'; type InventoryEntitiesAPIReturnType = APIReturnType<'GET /internal/inventory/entities'>; type LatestEntities = InventoryEntitiesAPIReturnType['entities']; @@ -39,7 +38,7 @@ interface Props { pageIndex: number; onChangeSort: (sorting: EuiDataGridSorting['columns'][0]) => void; onChangePage: (nextPage: number) => void; - onFilterByType: (entityType: EntityType) => void; + onFilterByType: (entityType: string) => void; } const PAGE_SIZE = 20; @@ -95,7 +94,7 @@ export function EntitiesGrid({ onFilterByType(entityType)} /> ); diff --git a/x-pack/plugins/observability_solution/inventory/public/components/entities_grid/mock/entities_mock.ts b/x-pack/plugins/observability_solution/inventory/public/components/entities_grid/mock/entities_mock.ts index 8a34a9f68c7b62..3b7e7afcadb991 100644 --- a/x-pack/plugins/observability_solution/inventory/public/components/entities_grid/mock/entities_mock.ts +++ b/x-pack/plugins/observability_solution/inventory/public/components/entities_grid/mock/entities_mock.ts @@ -11,8 +11,10 @@ import { ENTITY_TYPE, ENTITY_ID, ENTITY_LAST_SEEN, + AGENT_NAME, + CLOUD_PROVIDER, } from '@kbn/observability-shared-plugin/common'; -import { Entity, EntityType } from '../../../../common/entities'; +import { Entity } from '../../../../common/entities'; const idGenerator = () => { let id = 0; @@ -31,11 +33,12 @@ function generateRandomTimestamp() { return randomDate.toISOString(); } -const getEntity = (entityType: EntityType) => ({ +const getEntity = (entityType: string, customFields: Record = {}) => ({ [ENTITY_LAST_SEEN]: generateRandomTimestamp(), [ENTITY_TYPE]: entityType, [ENTITY_DISPLAY_NAME]: faker.person.fullName(), [ENTITY_ID]: generateId(), + ...customFields, }); const alertsMock = [ @@ -58,9 +61,11 @@ const alertsMock = [ }, ]; -const hostsMock = Array.from({ length: 20 }, () => getEntity('host')); +const hostsMock = Array.from({ length: 20 }, () => getEntity('host', { [CLOUD_PROVIDER]: 'gcp' })); const containersMock = Array.from({ length: 20 }, () => getEntity('container')); -const servicesMock = Array.from({ length: 20 }, () => getEntity('service')); +const servicesMock = Array.from({ length: 20 }, () => + getEntity('service', { [AGENT_NAME]: 'java' }) +); export const entitiesMock = [ ...alertsMock, diff --git a/x-pack/plugins/observability_solution/inventory/public/components/entity_icon/index.tsx b/x-pack/plugins/observability_solution/inventory/public/components/entity_icon/index.tsx index c88358405bf122..a62f0026ddfa04 100644 --- a/x-pack/plugins/observability_solution/inventory/public/components/entity_icon/index.tsx +++ b/x-pack/plugins/observability_solution/inventory/public/components/entity_icon/index.tsx @@ -27,35 +27,37 @@ export function EntityIcon({ entity }: EntityIconProps) { const entityType = entity[ENTITY_TYPE]; const defaultIconSize = euiThemeVars.euiSizeL; - switch (entityType) { - case 'host': - case 'container': { - const cloudProvider = getSingleValue( - entity[CLOUD_PROVIDER] as NotNullableCloudProvider | NotNullableCloudProvider[] - ); - return ( - - - - - - ); - } - case 'service': { - const agentName = getSingleValue(entity[AGENT_NAME] as AgentName | AgentName[]); - return ; - } - default: - // Return an empty EuiIcon instead of null to maintain UI alignment across all EntityIcon usages - return ; + if (entityType === 'host' || entityType === 'container') { + const cloudProvider = getSingleValue( + entity[CLOUD_PROVIDER] as NotNullableCloudProvider | NotNullableCloudProvider[] + ); + return ( + + + + + + ); } + + if (entityType === 'service') { + const agentName = getSingleValue(entity[AGENT_NAME] as AgentName | AgentName[]); + return ; + } + + if (entityType.startsWith('kubernetes')) { + return ; + } + + // Return an empty EuiIcon instead of null to maintain UI alignment across all EntityIcon usages + return ; } diff --git a/x-pack/plugins/observability_solution/inventory/public/components/search_bar/discover_button.tsx b/x-pack/plugins/observability_solution/inventory/public/components/search_bar/discover_button.tsx index ee3014e990b0bf..dee05d6f7cdd0d 100644 --- a/x-pack/plugins/observability_solution/inventory/public/components/search_bar/discover_button.tsx +++ b/x-pack/plugins/observability_solution/inventory/public/components/search_bar/discover_button.tsx @@ -17,7 +17,7 @@ import { ENTITY_LAST_SEEN, ENTITY_TYPE, } from '@kbn/observability-shared-plugin/common'; -import { defaultEntityDefinitions, EntityColumnIds } from '../../../common/entities'; +import { ENTITIES_LATEST_ALIAS, EntityColumnIds } from '../../../common/entities'; import { useInventoryParams } from '../../hooks/use_inventory_params'; import { useKibana } from '../../hooks/use_kibana'; @@ -43,7 +43,7 @@ export function DiscoverButton({ dataView }: { dataView: DataView }) { if (entityDefinitionField) { const entityDefinitionFilter = buildPhrasesFilter( entityDefinitionField!, - defaultEntityDefinitions, + [ENTITIES_LATEST_ALIAS], dataView ); filters.push(entityDefinitionFilter); diff --git a/x-pack/plugins/observability_solution/inventory/public/components/search_bar/entity_types_controls.tsx b/x-pack/plugins/observability_solution/inventory/public/components/search_bar/entity_types_controls.tsx index 6e55408d28e8c2..e2d9dba2709f18 100644 --- a/x-pack/plugins/observability_solution/inventory/public/components/search_bar/entity_types_controls.tsx +++ b/x-pack/plugins/observability_solution/inventory/public/components/search_bar/entity_types_controls.tsx @@ -8,19 +8,17 @@ import { EuiComboBox, EuiComboBoxOptionOption } from '@elastic/eui'; import { css } from '@emotion/react'; import { i18n } from '@kbn/i18n'; import React from 'react'; -import { EntityType } from '../../../common/entities'; import { useInventoryAbortableAsync } from '../../hooks/use_inventory_abortable_async'; import { useInventoryParams } from '../../hooks/use_inventory_params'; import { useKibana } from '../../hooks/use_kibana'; -import { getEntityTypeLabel } from '../../utils/get_entity_type_label'; interface Props { - onChange: (entityTypes: EntityType[]) => void; + onChange: (entityTypes: string[]) => void; } -const toComboBoxOption = (entityType: EntityType): EuiComboBoxOptionOption => ({ +const toComboBoxOption = (entityType: string): EuiComboBoxOptionOption => ({ key: entityType, - label: getEntityTypeLabel(entityType), + label: entityType, 'data-test-subj': `entityTypesFilter${entityType}Option`, }); @@ -44,7 +42,7 @@ export function EntityTypesControls({ onChange }: Props) { const selectedOptions = entityTypes.map(toComboBoxOption); return ( - + { - onChange(newOptions.map((option) => option.key as EntityType)); + onChange(newOptions.map((option) => option.key).filter((key): key is string => !!key)); }} isClearable /> diff --git a/x-pack/plugins/observability_solution/inventory/public/components/search_bar/index.tsx b/x-pack/plugins/observability_solution/inventory/public/components/search_bar/index.tsx index 46ef45cfc195d2..40a2164be70315 100644 --- a/x-pack/plugins/observability_solution/inventory/public/components/search_bar/index.tsx +++ b/x-pack/plugins/observability_solution/inventory/public/components/search_bar/index.tsx @@ -9,7 +9,6 @@ import { SearchBarOwnProps } from '@kbn/unified-search-plugin/public/search_bar' import deepEqual from 'fast-deep-equal'; import React, { useCallback, useEffect } from 'react'; import { EuiFlexGroup, EuiFlexItem } from '@elastic/eui'; -import { EntityType } from '../../../common/entities'; import { useInventorySearchBarContext } from '../../context/inventory_search_bar_context_provider'; import { useAdHocInventoryDataView } from '../../hooks/use_adhoc_inventory_data_view'; import { useInventoryParams } from '../../hooks/use_inventory_params'; @@ -52,7 +51,7 @@ export function SearchBar() { }, [syncSearchBarWithUrl]); const handleEntityTypesChange = useCallback( - (nextEntityTypes: EntityType[]) => { + (nextEntityTypes: string[]) => { searchBarContentSubject$.next({ kuery, entityTypes: nextEntityTypes, refresh: false }); }, [kuery, searchBarContentSubject$] diff --git a/x-pack/plugins/observability_solution/inventory/public/context/inventory_search_bar_context_provider/index.tsx b/x-pack/plugins/observability_solution/inventory/public/context/inventory_search_bar_context_provider/index.tsx index fc494651d6f3f9..fbb51c4f0d7e79 100644 --- a/x-pack/plugins/observability_solution/inventory/public/context/inventory_search_bar_context_provider/index.tsx +++ b/x-pack/plugins/observability_solution/inventory/public/context/inventory_search_bar_context_provider/index.tsx @@ -6,12 +6,11 @@ */ import React, { createContext, useContext, type ReactChild } from 'react'; import { Subject } from 'rxjs'; -import { EntityType } from '../../../common/entities'; interface InventorySearchBarContextType { searchBarContentSubject$: Subject<{ kuery?: string; - entityTypes?: EntityType[]; + entityTypes?: string[]; refresh: boolean; }>; } diff --git a/x-pack/plugins/observability_solution/inventory/public/pages/inventory_page/index.tsx b/x-pack/plugins/observability_solution/inventory/public/pages/inventory_page/index.tsx index 965434eeac6d19..00dfb9e24d2ddb 100644 --- a/x-pack/plugins/observability_solution/inventory/public/pages/inventory_page/index.tsx +++ b/x-pack/plugins/observability_solution/inventory/public/pages/inventory_page/index.tsx @@ -7,7 +7,7 @@ import { EuiDataGridSorting } from '@elastic/eui'; import React from 'react'; import useEffectOnce from 'react-use/lib/useEffectOnce'; -import { EntityColumnIds, EntityType } from '../../../common/entities'; +import { EntityColumnIds } from '../../../common/entities'; import { EntitiesGrid } from '../../components/entities_grid'; import { useInventorySearchBarContext } from '../../context/inventory_search_bar_context_provider'; import { useInventoryAbortableAsync } from '../../hooks/use_inventory_abortable_async'; @@ -82,7 +82,7 @@ export function InventoryPage() { }); } - function handleTypeFilter(entityType: EntityType) { + function handleTypeFilter(entityType: string) { inventoryRoute.push('/', { path: {}, query: { diff --git a/x-pack/plugins/observability_solution/inventory/public/utils/get_entity_type_label.test.ts b/x-pack/plugins/observability_solution/inventory/public/utils/get_entity_type_label.test.ts deleted file mode 100644 index e31a169d5d9fab..00000000000000 --- a/x-pack/plugins/observability_solution/inventory/public/utils/get_entity_type_label.test.ts +++ /dev/null @@ -1,31 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { EntityType } from '../../common/entities'; -import { getEntityTypeLabel } from './get_entity_type_label'; - -describe('getEntityTypeLabel', () => { - it('should return "Service" for the "service" entityType', () => { - const label = getEntityTypeLabel('service'); - expect(label).toBe('Service'); - }); - - it('should return "Container" for the "container" entityType', () => { - const label = getEntityTypeLabel('container'); - expect(label).toBe('Container'); - }); - - it('should return "Host" for the "host" entityType', () => { - const label = getEntityTypeLabel('host'); - expect(label).toBe('Host'); - }); - - it('should return "N/A" for an unknown entityType', () => { - const label = getEntityTypeLabel('foo' as EntityType); - expect(label).toBe('N/A'); - }); -}); diff --git a/x-pack/plugins/observability_solution/inventory/public/utils/get_entity_type_label.ts b/x-pack/plugins/observability_solution/inventory/public/utils/get_entity_type_label.ts deleted file mode 100644 index 907ea70f0f0c6c..00000000000000 --- a/x-pack/plugins/observability_solution/inventory/public/utils/get_entity_type_label.ts +++ /dev/null @@ -1,30 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { i18n } from '@kbn/i18n'; -import { EntityType } from '../../common/entities'; - -export function getEntityTypeLabel(entityType: EntityType) { - switch (entityType) { - case 'service': - return i18n.translate('xpack.inventory.entityType.serviceLabel', { - defaultMessage: 'Service', - }); - case 'container': - return i18n.translate('xpack.inventory.entityType.containerLabel', { - defaultMessage: 'Container', - }); - case 'host': - return i18n.translate('xpack.inventory.entityType.hostLabel', { - defaultMessage: 'Host', - }); - default: - return i18n.translate('xpack.inventory.entityType.naLabel', { - defaultMessage: 'N/A', - }); - } -} diff --git a/x-pack/plugins/observability_solution/inventory/server/routes/entities/get_entity_types.ts b/x-pack/plugins/observability_solution/inventory/server/routes/entities/get_entity_types.ts index 8db185f7b619fa..2dfc9b8ccfdf30 100644 --- a/x-pack/plugins/observability_solution/inventory/server/routes/entities/get_entity_types.ts +++ b/x-pack/plugins/observability_solution/inventory/server/routes/entities/get_entity_types.ts @@ -7,8 +7,8 @@ import { type ObservabilityElasticsearchClient } from '@kbn/observability-utils/es/client/create_observability_es_client'; import { ENTITY_TYPE } from '@kbn/observability-shared-plugin/common'; -import { ENTITIES_LATEST_ALIAS, EntityType } from '../../../common/entities'; -import { getEntityDefinitionIdWhereClause, getEntityTypesWhereClause } from './query_helper'; +import { ENTITIES_LATEST_ALIAS } from '../../../common/entities'; +import { getBuiltinEntityDefinitionIdESQLWhereClause } from './query_helper'; export async function getEntityTypes({ inventoryEsClient, @@ -17,11 +17,10 @@ export async function getEntityTypes({ }) { const entityTypesEsqlResponse = await inventoryEsClient.esql('get_entity_types', { query: `FROM ${ENTITIES_LATEST_ALIAS} - | ${getEntityTypesWhereClause()} - | ${getEntityDefinitionIdWhereClause()} + | ${getBuiltinEntityDefinitionIdESQLWhereClause()} | STATS count = COUNT(${ENTITY_TYPE}) BY ${ENTITY_TYPE} `, }); - return entityTypesEsqlResponse.values.map(([_, val]) => val as EntityType); + return entityTypesEsqlResponse.values.map(([_, val]) => val as string); } diff --git a/x-pack/plugins/observability_solution/inventory/server/routes/entities/get_identify_fields.test.ts b/x-pack/plugins/observability_solution/inventory/server/routes/entities/get_identify_fields.test.ts index 90bf2967b894d6..ffd5ba9c6f855c 100644 --- a/x-pack/plugins/observability_solution/inventory/server/routes/entities/get_identify_fields.test.ts +++ b/x-pack/plugins/observability_solution/inventory/server/routes/entities/get_identify_fields.test.ts @@ -5,11 +5,12 @@ * 2.0. */ -import { ContainerEntity, HostEntity, ServiceEntity } from '../../../common/entities'; +import type { Entity } from '../../../common/entities'; import { ENTITY_DEFINITION_ID, ENTITY_DISPLAY_NAME, ENTITY_ID, + ENTITY_IDENTITY_FIELDS, ENTITY_LAST_SEEN, } from '@kbn/observability-shared-plugin/common'; import { getIdentityFieldsPerEntityType } from './get_identity_fields_per_entity_type'; @@ -27,24 +28,24 @@ describe('getIdentityFields', () => { expect(result.size).toBe(0); }); it('should return a Map with unique entity types and their respective identity fields', () => { - const serviceEntity: ServiceEntity = { + const serviceEntity: Entity = { 'agent.name': 'node', - 'entity.identityFields': ['service.name', 'service.environment'], + 'entity.identity_fields': ['service.name', 'service.environment'], 'service.name': 'my-service', 'entity.type': 'service', ...commonEntityFields, }; - const hostEntity: HostEntity = { - 'entity.identityFields': ['host.name'], + const hostEntity: Entity = { + [ENTITY_IDENTITY_FIELDS]: ['host.name'], 'host.name': 'my-host', 'entity.type': 'host', 'cloud.provider': null, ...commonEntityFields, }; - const containerEntity: ContainerEntity = { - 'entity.identityFields': 'container.id', + const containerEntity: Entity = { + [ENTITY_IDENTITY_FIELDS]: 'container.id', 'host.name': 'my-host', 'entity.type': 'container', 'cloud.provider': null, diff --git a/x-pack/plugins/observability_solution/inventory/server/routes/entities/get_identity_fields_per_entity_type.ts b/x-pack/plugins/observability_solution/inventory/server/routes/entities/get_identity_fields_per_entity_type.ts index 0ca4eb9d212392..f54dc8a7f121f2 100644 --- a/x-pack/plugins/observability_solution/inventory/server/routes/entities/get_identity_fields_per_entity_type.ts +++ b/x-pack/plugins/observability_solution/inventory/server/routes/entities/get_identity_fields_per_entity_type.ts @@ -6,9 +6,9 @@ */ import { ENTITY_IDENTITY_FIELDS, ENTITY_TYPE } from '@kbn/observability-shared-plugin/common'; -import { Entity, EntityType } from '../../../common/entities'; +import { Entity } from '../../../common/entities'; -export type IdentityFieldsPerEntityType = Map; +export type IdentityFieldsPerEntityType = Map; export const getIdentityFieldsPerEntityType = (entities: Entity[]) => { const identityFieldsPerEntityType: IdentityFieldsPerEntityType = new Map(); diff --git a/x-pack/plugins/observability_solution/inventory/server/routes/entities/get_latest_entities.ts b/x-pack/plugins/observability_solution/inventory/server/routes/entities/get_latest_entities.ts index e500ce32c3cef9..4fb3b930beaceb 100644 --- a/x-pack/plugins/observability_solution/inventory/server/routes/entities/get_latest_entities.ts +++ b/x-pack/plugins/observability_solution/inventory/server/routes/entities/get_latest_entities.ts @@ -8,15 +8,15 @@ import { type ObservabilityElasticsearchClient } from '@kbn/observability-utils/es/client/create_observability_es_client'; import { kqlQuery } from '@kbn/observability-utils/es/queries/kql_query'; import { esqlResultToPlainObjects } from '@kbn/observability-utils/es/utils/esql_result_to_plain_objects'; -import { ENTITY_LAST_SEEN } from '@kbn/observability-shared-plugin/common'; +import { ENTITY_LAST_SEEN, ENTITY_TYPE } from '@kbn/observability-shared-plugin/common'; +import type { ScalarValue } from '@elastic/elasticsearch/lib/api/types'; import { ENTITIES_LATEST_ALIAS, MAX_NUMBER_OF_ENTITIES, - type EntityType, type Entity, type EntityColumnIds, } from '../../../common/entities'; -import { getEntityDefinitionIdWhereClause, getEntityTypesWhereClause } from './query_helper'; +import { getBuiltinEntityDefinitionIdESQLWhereClause } from './query_helper'; export async function getLatestEntities({ inventoryEsClient, @@ -28,27 +28,35 @@ export async function getLatestEntities({ inventoryEsClient: ObservabilityElasticsearchClient; sortDirection: 'asc' | 'desc'; sortField: EntityColumnIds; - entityTypes?: EntityType[]; + entityTypes?: string[]; kuery?: string; }) { // alertsCount doesn't exist in entities index. Ignore it and sort by entity.lastSeenTimestamp by default. const entitiesSortField = sortField === 'alertsCount' ? ENTITY_LAST_SEEN : sortField; - const request = { - query: `FROM ${ENTITIES_LATEST_ALIAS} - | ${getEntityTypesWhereClause(entityTypes)} - | ${getEntityDefinitionIdWhereClause()} - | SORT ${entitiesSortField} ${sortDirection} - | LIMIT ${MAX_NUMBER_OF_ENTITIES} - `, + const from = `FROM ${ENTITIES_LATEST_ALIAS}`; + const where: string[] = [getBuiltinEntityDefinitionIdESQLWhereClause()]; + const params: ScalarValue[] = []; + + if (entityTypes) { + where.push(`WHERE ${ENTITY_TYPE} IN (${entityTypes.map(() => '?').join()})`); + params.push(...entityTypes.map((entityType) => entityType)); + } + + const sort = `SORT ${entitiesSortField} ${sortDirection}`; + const limit = `LIMIT ${MAX_NUMBER_OF_ENTITIES}`; + + const query = [from, ...where, sort, limit].join(' | '); + + const latestEntitiesEsqlResponse = await inventoryEsClient.esql('get_latest_entities', { + query, filter: { bool: { filter: [...kqlQuery(kuery)], }, }, - }; - - const latestEntitiesEsqlResponse = await inventoryEsClient.esql('get_latest_entities', request); + params, + }); return esqlResultToPlainObjects(latestEntitiesEsqlResponse); } diff --git a/x-pack/plugins/observability_solution/inventory/server/routes/entities/get_latest_entities_alerts.ts b/x-pack/plugins/observability_solution/inventory/server/routes/entities/get_latest_entities_alerts.ts index 4e6ce545a079ee..e969f1d537e99a 100644 --- a/x-pack/plugins/observability_solution/inventory/server/routes/entities/get_latest_entities_alerts.ts +++ b/x-pack/plugins/observability_solution/inventory/server/routes/entities/get_latest_entities_alerts.ts @@ -7,17 +7,17 @@ import { kqlQuery, termQuery } from '@kbn/observability-plugin/server'; import { ALERT_STATUS, ALERT_STATUS_ACTIVE } from '@kbn/rule-data-utils'; +import { ENTITY_TYPE } from '@kbn/observability-shared-plugin/common'; import { AlertsClient } from '../../lib/create_alerts_client.ts/create_alerts_client'; import { getGroupByTermsAgg } from './get_group_by_terms_agg'; import { IdentityFieldsPerEntityType } from './get_identity_fields_per_entity_type'; -import { EntityType } from '../../../common/entities'; interface Bucket { key: Record; doc_count: number; } -type EntityTypeBucketsAggregation = Record; +type EntityTypeBucketsAggregation = Record; export async function getLatestEntitiesAlerts({ alertsClient, @@ -27,7 +27,7 @@ export async function getLatestEntitiesAlerts({ alertsClient: AlertsClient; kuery?: string; identityFieldsPerEntityType: IdentityFieldsPerEntityType; -}): Promise> { +}): Promise> { if (identityFieldsPerEntityType.size === 0) { return []; } @@ -56,7 +56,7 @@ export async function getLatestEntitiesAlerts({ return buckets.map((bucket: Bucket) => ({ alertsCount: bucket.doc_count, - type: entityType, + [ENTITY_TYPE]: entityType, ...bucket.key, })); }); diff --git a/x-pack/plugins/observability_solution/inventory/server/routes/entities/query_helper.ts b/x-pack/plugins/observability_solution/inventory/server/routes/entities/query_helper.ts index 0a3e97418da924..5a8cd08eaa0d8f 100644 --- a/x-pack/plugins/observability_solution/inventory/server/routes/entities/query_helper.ts +++ b/x-pack/plugins/observability_solution/inventory/server/routes/entities/query_helper.ts @@ -5,13 +5,7 @@ * 2.0. */ -import { ENTITY_DEFINITION_ID, ENTITY_TYPE } from '@kbn/observability-shared-plugin/common'; -import { EntityType, defaultEntityTypes, defaultEntityDefinitions } from '../../../common/entities'; +import { ENTITY_DEFINITION_ID } from '@kbn/observability-shared-plugin/common'; -export const getEntityTypesWhereClause = (entityTypes: EntityType[] = defaultEntityTypes) => - `WHERE ${ENTITY_TYPE} IN (${entityTypes.map((entityType) => `"${entityType}"`).join()})`; - -export const getEntityDefinitionIdWhereClause = () => - `WHERE ${ENTITY_DEFINITION_ID} IN (${[...defaultEntityDefinitions] - .map((buildin) => `"${buildin}"`) - .join()})`; +export const getBuiltinEntityDefinitionIdESQLWhereClause = () => + `WHERE ${ENTITY_DEFINITION_ID} LIKE "builtin_*"`; diff --git a/x-pack/plugins/observability_solution/inventory/server/routes/entities/route.ts b/x-pack/plugins/observability_solution/inventory/server/routes/entities/route.ts index eb80f80d02730d..67b3803dd98de2 100644 --- a/x-pack/plugins/observability_solution/inventory/server/routes/entities/route.ts +++ b/x-pack/plugins/observability_solution/inventory/server/routes/entities/route.ts @@ -10,7 +10,7 @@ import { createObservabilityEsClient } from '@kbn/observability-utils/es/client/ import * as t from 'io-ts'; import { orderBy } from 'lodash'; import { joinByKey } from '@kbn/observability-utils/array/join_by_key'; -import { entityTypeRt, entityColumnIdsRt, Entity } from '../../../common/entities'; +import { entityColumnIdsRt, Entity } from '../../../common/entities'; import { createInventoryServerRoute } from '../create_inventory_server_route'; import { getEntityTypes } from './get_entity_types'; import { getLatestEntities } from './get_latest_entities'; @@ -45,7 +45,7 @@ export const listLatestEntitiesRoute = createInventoryServerRoute({ sortDirection: t.union([t.literal('asc'), t.literal('desc')]), }), t.partial({ - entityTypes: jsonRt.pipe(t.array(entityTypeRt)), + entityTypes: jsonRt.pipe(t.array(t.string)), kuery: t.string, }), ]), @@ -53,7 +53,13 @@ export const listLatestEntitiesRoute = createInventoryServerRoute({ options: { tags: ['access:inventory'], }, - handler: async ({ params, context, logger, plugins, request }) => { + handler: async ({ + params, + context, + logger, + plugins, + request, + }): Promise<{ entities: Entity[] }> => { const coreContext = await context.core; const inventoryEsClient = createObservabilityEsClient({ client: coreContext.elasticsearch.client.asCurrentUser, @@ -85,7 +91,7 @@ export const listLatestEntitiesRoute = createInventoryServerRoute({ const joined = joinByKey( [...latestEntities, ...alerts], [...identityFieldsPerEntityType.values()].flat() - ).filter((entity) => entity['entity.id']); + ).filter((entity) => entity['entity.id']) as Entity[]; return { entities: diff --git a/x-pack/plugins/observability_solution/inventory/server/routes/has_data/get_has_data.ts b/x-pack/plugins/observability_solution/inventory/server/routes/has_data/get_has_data.ts index 465e720938b329..27ba8c0fe46c3a 100644 --- a/x-pack/plugins/observability_solution/inventory/server/routes/has_data/get_has_data.ts +++ b/x-pack/plugins/observability_solution/inventory/server/routes/has_data/get_has_data.ts @@ -7,10 +7,7 @@ import type { Logger } from '@kbn/core/server'; import { esqlResultToPlainObjects } from '@kbn/observability-utils/es/utils/esql_result_to_plain_objects'; import { type ObservabilityElasticsearchClient } from '@kbn/observability-utils/es/client/create_observability_es_client'; -import { - getEntityDefinitionIdWhereClause, - getEntityTypesWhereClause, -} from '../entities/query_helper'; +import { getBuiltinEntityDefinitionIdESQLWhereClause } from '../entities/query_helper'; import { ENTITIES_LATEST_ALIAS } from '../../../common/entities'; export async function getHasData({ @@ -23,8 +20,7 @@ export async function getHasData({ try { const esqlResults = await inventoryEsClient.esql('get_has_data', { query: `FROM ${ENTITIES_LATEST_ALIAS} - | ${getEntityDefinitionIdWhereClause()} - | ${getEntityTypesWhereClause()} + | ${getBuiltinEntityDefinitionIdESQLWhereClause()} | STATS _count = COUNT(*) | LIMIT 1`, }); diff --git a/x-pack/plugins/observability_solution/investigate_app/public/pages/details/components/assistant_hypothesis/assistant_hypothesis.tsx b/x-pack/plugins/observability_solution/investigate_app/public/pages/details/components/assistant_hypothesis/assistant_hypothesis.tsx index 2dc76d49c282fd..f63cbb9c016180 100644 --- a/x-pack/plugins/observability_solution/investigate_app/public/pages/details/components/assistant_hypothesis/assistant_hypothesis.tsx +++ b/x-pack/plugins/observability_solution/investigate_app/public/pages/details/components/assistant_hypothesis/assistant_hypothesis.tsx @@ -114,7 +114,7 @@ const formatEntityMetrics = (entity: EntityWithSource): string => { .join(', '); const entitySources = entity.sources.map((source) => source.dataStream).join(', '); return dedent(` - Entity name: ${entity.displayName}; + Entity name: ${entity.display_name}; Entity type: ${entity.type}; Entity metrics: ${entityMetrics}; Entity data streams: ${entitySources} diff --git a/x-pack/plugins/observability_solution/investigate_app/server/services/get_entities.ts b/x-pack/plugins/observability_solution/investigate_app/server/services/get_entities.ts index 00151f2029d218..0aa5d674702e3f 100644 --- a/x-pack/plugins/observability_solution/investigate_app/server/services/get_entities.ts +++ b/x-pack/plugins/observability_solution/investigate_app/server/services/get_entities.ts @@ -22,7 +22,7 @@ import { } from '../clients/create_entities_es_client'; // the official types do not explicitly define sourceIndex in the schema, but it is present in the data at the time of writing this -type EntitiesLatest = z.infer & { sourceIndex: string[] }; +type EntitiesLatest = z.infer & { source_index: string[] }; export async function getEntitiesWithSource({ serviceEnvironment, @@ -51,21 +51,21 @@ export async function getEntitiesWithSource({ for (const response of entityResponses) { const processedEntities = await Promise.all( response.map(async (entity: EntitiesLatest) => { - const sourceIndex = entity?.sourceIndex; + const sourceIndex = entity?.source_index; if (!sourceIndex || !sourceIndex.length) return null; const indices = await esClient.indices.get({ index: sourceIndex }); const sources = await fetchSources(indices); return { - identityFields: entity?.entity.identityFields, + identity_fields: entity?.entity.identity_fields, id: entity?.entity.id, - definitionId: entity?.entity.definitionId, - lastSeenTimestamp: entity?.entity.lastSeenTimestamp, - displayName: entity?.entity.displayName, + definition_id: entity?.entity.definition_id, + last_seen_timestamp: entity?.entity.last_seen_timestamp, + display_name: entity?.entity.display_name, metrics: entity?.entity.metrics, - schemaVersion: entity?.entity.schemaVersion, - definitionVersion: entity?.entity.definitionVersion, + schema_version: entity?.entity.schema_version, + definition_version: entity?.entity.definition_version, type: entity?.entity.type, sources, }; @@ -104,7 +104,7 @@ const getFetchEntitiesPromises = ({ hostName?: string; containerId?: string; serviceEnvironment?: string; -}): Array>> => { +}): Array>> => { const shouldFilterForServiceEnvironment = serviceEnvironment && serviceName && @@ -139,7 +139,7 @@ const getFetchEntitiesPromises = ({ return [containersPromise, hostsPromise, servicesPromise].filter( (promise) => promise !== null - ) as Array>>; + ) as Array>>; }; const getFetchEntityPromise = ({ @@ -152,10 +152,10 @@ const getFetchEntityPromise = ({ shouldFetch: boolean; shouldMatch: QueryDslQueryContainer[]; entitiesEsClient: EntitiesESClient; -}): Promise> | null => { +}): Promise> | null => { return shouldFetch ? entitiesEsClient - .search<{ sourceIndex: string[]; entity: EntitiesLatest['entity'] }>(index, { + .search<{ source_index: string[]; entity: EntitiesLatest['entity'] }>(index, { body: { query: { bool: { @@ -167,7 +167,7 @@ const getFetchEntityPromise = ({ }) .then((response) => { return response.hits.hits.map((hit) => { - return { sourceIndex: hit?._source.sourceIndex, entity: hit._source.entity }; + return { source_index: hit?._source.source_index, entity: hit._source.entity }; }); }) : null; diff --git a/x-pack/plugins/observability_solution/logs_shared/kibana.jsonc b/x-pack/plugins/observability_solution/logs_shared/kibana.jsonc index 10c8fe32cfe9ca..f5e9f76c2ace61 100644 --- a/x-pack/plugins/observability_solution/logs_shared/kibana.jsonc +++ b/x-pack/plugins/observability_solution/logs_shared/kibana.jsonc @@ -11,6 +11,7 @@ "requiredPlugins": [ "charts", "data", + "fieldFormats", "dataViews", "discoverShared", "logsDataAccess", @@ -21,7 +22,7 @@ "optionalPlugins": [ "observabilityAIAssistant", ], - "requiredBundles": ["kibanaUtils", "kibanaReact"], + "requiredBundles": ["kibanaUtils", "kibanaReact", "unifiedDocViewer"], "extraPublicDirs": ["common"] } } diff --git a/x-pack/plugins/observability_solution/logs_shared/public/plugin.ts b/x-pack/plugins/observability_solution/logs_shared/public/plugin.tsx similarity index 97% rename from x-pack/plugins/observability_solution/logs_shared/public/plugin.ts rename to x-pack/plugins/observability_solution/logs_shared/public/plugin.tsx index fc17e9b17cc824..0321651607ed10 100644 --- a/x-pack/plugins/observability_solution/logs_shared/public/plugin.ts +++ b/x-pack/plugins/observability_solution/logs_shared/public/plugin.tsx @@ -61,6 +61,7 @@ export class LogsSharedPlugin implements LogsSharedClientPluginClass { logsDataAccess, observabilityAIAssistant, share, + fieldFormats, } = plugins; const logViews = this.logViews.start({ @@ -71,11 +72,14 @@ export class LogsSharedPlugin implements LogsSharedClientPluginClass { }); const LogsOverview = createLogsOverview({ + core, charts, logsDataAccess, search: data.search.search, uiSettings: settings, share, + dataViews, + fieldFormats, }); if (!observabilityAIAssistant) { diff --git a/x-pack/plugins/observability_solution/logs_shared/public/types.ts b/x-pack/plugins/observability_solution/logs_shared/public/types.ts index 4237c28c621b8e..e2435fa1f4915a 100644 --- a/x-pack/plugins/observability_solution/logs_shared/public/types.ts +++ b/x-pack/plugins/observability_solution/logs_shared/public/types.ts @@ -14,6 +14,7 @@ import type { LogsDataAccessPluginStart } from '@kbn/logs-data-access-plugin/pub import type { ObservabilityAIAssistantPublicStart } from '@kbn/observability-ai-assistant-plugin/public'; import type { SharePluginSetup, SharePluginStart } from '@kbn/share-plugin/public'; import type { UiActionsStart } from '@kbn/ui-actions-plugin/public'; +import { FieldFormatsStart } from '@kbn/field-formats-plugin/public'; import type { LogsSharedLocators } from '../common/locators'; import type { LogAIAssistantProps } from './components/log_ai_assistant/log_ai_assistant'; import type { SelfContainedLogsOverview } from './components/logs_overview'; @@ -44,6 +45,7 @@ export interface LogsSharedClientStartDeps { observabilityAIAssistant?: ObservabilityAIAssistantPublicStart; share: SharePluginStart; uiActions: UiActionsStart; + fieldFormats: FieldFormatsStart; } export type LogsSharedClientCoreSetup = CoreSetup< diff --git a/x-pack/plugins/observability_solution/logs_shared/tsconfig.json b/x-pack/plugins/observability_solution/logs_shared/tsconfig.json index 788f55c9b6fc50..f171c79afccd0a 100644 --- a/x-pack/plugins/observability_solution/logs_shared/tsconfig.json +++ b/x-pack/plugins/observability_solution/logs_shared/tsconfig.json @@ -48,5 +48,6 @@ "@kbn/observability-logs-overview", "@kbn/charts-plugin", "@kbn/core-ui-settings-common", + "@kbn/field-formats-plugin", ] } diff --git a/x-pack/plugins/observability_solution/observability/server/lib/annotations/register_annotation_apis.ts b/x-pack/plugins/observability_solution/observability/server/lib/annotations/register_annotation_apis.ts index 8af247721acb91..59ae964ce88310 100644 --- a/x-pack/plugins/observability_solution/observability/server/lib/annotations/register_annotation_apis.ts +++ b/x-pack/plugins/observability_solution/observability/server/lib/annotations/register_annotation_apis.ts @@ -98,6 +98,9 @@ export function registerAnnotationAPIs({ validate: { body: unknowns, }, + options: { + access: 'public', + }, }, wrapRouteHandler(t.type({ body: createAnnotationRt }), ({ data, client }) => { return client.create(data.body); @@ -110,6 +113,9 @@ export function registerAnnotationAPIs({ validate: { body: unknowns, }, + options: { + access: 'public', + }, }, wrapRouteHandler(t.type({ body: updateAnnotationRt }), ({ data, client }) => { return client.update(data.body); @@ -122,6 +128,9 @@ export function registerAnnotationAPIs({ validate: { params: unknowns, }, + options: { + access: 'public', + }, }, wrapRouteHandler(t.type({ params: deleteAnnotationRt }), ({ data, client }) => { return client.delete(data.params); @@ -134,6 +143,9 @@ export function registerAnnotationAPIs({ validate: { params: unknowns, }, + options: { + access: 'public', + }, }, wrapRouteHandler(t.type({ params: getAnnotationByIdRt }), ({ data, client }) => { return client.getById(data.params); @@ -146,6 +158,9 @@ export function registerAnnotationAPIs({ validate: { query: unknowns, }, + options: { + access: 'public', + }, }, wrapRouteHandler(t.type({ query: findAnnotationRt }), ({ data, client }) => { return client.find(data.query); @@ -158,6 +173,9 @@ export function registerAnnotationAPIs({ validate: { query: unknowns, }, + options: { + access: 'public', + }, }, wrapRouteHandler(t.type({}), ({ client }) => { return client.permissions(); diff --git a/x-pack/plugins/observability_solution/observability/server/plugin.ts b/x-pack/plugins/observability_solution/observability/server/plugin.ts index 6bc21bf5dddf2c..7f9a37a5a26c4d 100644 --- a/x-pack/plugins/observability_solution/observability/server/plugin.ts +++ b/x-pack/plugins/observability_solution/observability/server/plugin.ts @@ -31,6 +31,8 @@ import { METRIC_INVENTORY_THRESHOLD_ALERT_TYPE_ID, OBSERVABILITY_THRESHOLD_RULE_TYPE_ID, SLO_BURN_RATE_RULE_TYPE_ID, + SYNTHETICS_STATUS_RULE, + SYNTHETICS_TLS_RULE, } from '@kbn/rule-data-utils'; import { RuleRegistryPluginSetupContract } from '@kbn/rule-registry-plugin/server'; import { SharePluginSetup } from '@kbn/share-plugin/server'; @@ -83,6 +85,8 @@ const o11yRuleTypes = [ ML_ANOMALY_DETECTION_RULE_TYPE_ID, METRIC_INVENTORY_THRESHOLD_ALERT_TYPE_ID, ...Object.values(ApmRuleType), + SYNTHETICS_STATUS_RULE, + SYNTHETICS_TLS_RULE, ]; export class ObservabilityPlugin implements Plugin { diff --git a/x-pack/plugins/observability_solution/observability/server/routes/assistant/route.ts b/x-pack/plugins/observability_solution/observability/server/routes/assistant/route.ts index e6e04704971d22..f5c6c393371c5e 100644 --- a/x-pack/plugins/observability_solution/observability/server/routes/assistant/route.ts +++ b/x-pack/plugins/observability_solution/observability/server/routes/assistant/route.ts @@ -13,6 +13,7 @@ const getObservabilityAlertDetailsContextRoute = createObservabilityServerRoute( endpoint: 'GET /internal/observability/assistant/alert_details_contextual_insights', options: { tags: [], + access: 'internal', }, params: t.type({ query: alertDetailsContextRt, diff --git a/x-pack/plugins/observability_solution/observability/server/routes/rules/route.ts b/x-pack/plugins/observability_solution/observability/server/routes/rules/route.ts index c33f58f6ea75f2..909b11cb713a90 100644 --- a/x-pack/plugins/observability_solution/observability/server/routes/rules/route.ts +++ b/x-pack/plugins/observability_solution/observability/server/routes/rules/route.ts @@ -13,6 +13,7 @@ const alertsDynamicIndexPatternRoute = createObservabilityServerRoute({ endpoint: 'GET /api/observability/rules/alerts/dynamic_index_pattern 2023-10-31', options: { tags: [], + access: 'public', }, params: t.type({ query: t.type({ diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant/common/functions/types.ts b/x-pack/plugins/observability_solution/observability_ai_assistant/common/functions/types.ts index 5b93005a7fc267..bd786e9ba3c75d 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant/common/functions/types.ts +++ b/x-pack/plugins/observability_solution/observability_ai_assistant/common/functions/types.ts @@ -6,7 +6,6 @@ */ import type { JSONSchema7TypeName } from 'json-schema'; import type { Observable } from 'rxjs'; -import type { AssistantScope } from '@kbn/ai-assistant-common'; import { ChatCompletionChunkEvent, MessageAddEvent } from '../conversation_complete'; import { FunctionVisibility } from './function_visibility'; export { FunctionVisibility }; @@ -42,7 +41,6 @@ export interface FunctionDefinition; diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant/public/components/insight/insight.tsx b/x-pack/plugins/observability_solution/observability_ai_assistant/public/components/insight/insight.tsx index 08bf1414b15b5d..562749f24cc9de 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant/public/components/insight/insight.tsx +++ b/x-pack/plugins/observability_solution/observability_ai_assistant/public/components/insight/insight.tsx @@ -56,7 +56,7 @@ function ChatContent({ }) { const service = useObservabilityAIAssistant(); const chatService = useObservabilityAIAssistantChatService(); - const scope = chatService.getScope(); + const scopes = chatService.getScopes(); const initialMessagesRef = useRef(initialMessages); @@ -69,7 +69,7 @@ function ChatContent({ initialMessages, persist: false, disableFunctions: true, - scope, + scopes, }); const lastAssistantResponse = getLastMessageOfType( diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant/public/hooks/use_chat.test.ts b/x-pack/plugins/observability_solution/observability_ai_assistant/public/hooks/use_chat.test.ts index 28e2a3709a3558..e21eda9e09c660 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant/public/hooks/use_chat.test.ts +++ b/x-pack/plugins/observability_solution/observability_ai_assistant/public/hooks/use_chat.test.ts @@ -39,7 +39,7 @@ const mockChatService: MockedChatService = { role: MessageRole.System, }, }), - getScope: jest.fn(), + getScopes: jest.fn(), }; const addErrorMock = jest.fn(); @@ -83,7 +83,7 @@ describe('useChat', () => { service: { getScreenContexts: () => [], } as unknown as ObservabilityAIAssistantService, - scope: 'observability', + scopes: ['observability'], } as UseChatProps, }); }); @@ -113,7 +113,7 @@ describe('useChat', () => { service: { getScreenContexts: () => [], } as unknown as ObservabilityAIAssistantService, - scope: 'observability', + scopes: ['observability'], } as UseChatProps, }); diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant/public/hooks/use_chat.ts b/x-pack/plugins/observability_solution/observability_ai_assistant/public/hooks/use_chat.ts index 48884664ec646c..86aeb8f519e875 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant/public/hooks/use_chat.ts +++ b/x-pack/plugins/observability_solution/observability_ai_assistant/public/hooks/use_chat.ts @@ -56,7 +56,7 @@ interface UseChatPropsWithoutContext { disableFunctions?: boolean; onConversationUpdate?: (event: ConversationCreateEvent | ConversationUpdateEvent) => void; onChatComplete?: (messages: Message[]) => void; - scope: AssistantScope; + scopes: AssistantScope[]; } export type UseChatProps = Omit; @@ -72,7 +72,7 @@ function useChatWithoutContext({ onChatComplete, persist, disableFunctions, - scope, + scopes, }: UseChatPropsWithoutContext): UseChatResult { const [chatState, setChatState] = useState(ChatState.Ready); const systemMessage = useMemo(() => { @@ -165,7 +165,7 @@ function useChatWithoutContext({ disableFunctions: disableFunctions ?? false, signal: abortControllerRef.current.signal, conversationId, - scope, + scopes, }); function getPendingMessages() { @@ -264,7 +264,7 @@ function useChatWithoutContext({ disableFunctions, service, systemMessage, - scope, + scopes, ] ); diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant/public/mock.tsx b/x-pack/plugins/observability_solution/observability_ai_assistant/public/mock.tsx index 0731f26476da3b..7be61a65e263d3 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant/public/mock.tsx +++ b/x-pack/plugins/observability_solution/observability_ai_assistant/public/mock.tsx @@ -47,7 +47,7 @@ export const mockChatService: ObservabilityAIAssistantChatService = { content: 'System', }, }), - getScope: jest.fn(), + getScopes: jest.fn(), }; export const mockService: ObservabilityAIAssistantService = { @@ -64,9 +64,9 @@ export const mockService: ObservabilityAIAssistantService = { predefinedConversation$: new Observable(), }, navigate: async () => of(), - setScope: jest.fn(), - getScope: jest.fn(), - scope$: new BehaviorSubject('all'), + setScopes: jest.fn(), + getScopes: jest.fn(), + scope$: new BehaviorSubject(['all']), }; function createSetupContract(): ObservabilityAIAssistantPublicSetup { diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant/public/plugin.tsx b/x-pack/plugins/observability_solution/observability_ai_assistant/public/plugin.tsx index cb9cc7d9411478..2753b750dc2880 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant/public/plugin.tsx +++ b/x-pack/plugins/observability_solution/observability_ai_assistant/public/plugin.tsx @@ -67,7 +67,7 @@ export class ObservabilityAIAssistantPlugin coreStart.application.capabilities.observabilityAIAssistant[ aiAssistantCapabilities.show ] === true, - scope: this.scopeFromConfig || 'observability', + scopes: this.scopeFromConfig ? [this.scopeFromConfig] : ['all'], scopeIsMutable: !!this.scopeFromConfig, })); diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant/public/service/complete.test.ts b/x-pack/plugins/observability_solution/observability_ai_assistant/public/service/complete.test.ts index 9d8338f2d3892d..dd69c8e309989f 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant/public/service/complete.test.ts +++ b/x-pack/plugins/observability_solution/observability_ai_assistant/public/service/complete.test.ts @@ -102,7 +102,7 @@ describe('complete', () => { disableFunctions: false, signal: new AbortController().signal, ...params, - scope: 'all', + scopes: ['all'], }, requestCallback ); diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant/public/service/complete.ts b/x-pack/plugins/observability_solution/observability_ai_assistant/public/service/complete.ts index 6e03683b44064b..6cc08054e67a39 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant/public/service/complete.ts +++ b/x-pack/plugins/observability_solution/observability_ai_assistant/public/service/complete.ts @@ -43,7 +43,7 @@ export function complete( disableFunctions, signal, instructions, - scope, + scopes, }: { client: Pick; getScreenContexts: () => ObservabilityAIAssistantScreenContext[]; @@ -66,7 +66,7 @@ export function complete( screenContexts, conversationId, instructions, - scope, + scopes, }, }, }).pipe(shareReplay()); @@ -133,7 +133,7 @@ export function complete( persist, disableFunctions, instructions, - scope, + scopes, }, requestCallback ).subscribe(subscriber); diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant/public/service/create_chat_service.test.ts b/x-pack/plugins/observability_solution/observability_ai_assistant/public/service/create_chat_service.test.ts index 05e0a89c4b7ad0..f059196f2e681c 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant/public/service/create_chat_service.test.ts +++ b/x-pack/plugins/observability_solution/observability_ai_assistant/public/service/create_chat_service.test.ts @@ -56,7 +56,7 @@ describe('createChatService', () => { } beforeEach(async () => { - clientSpy.mockImplementationOnce(async () => { + clientSpy.mockImplementation(async () => { return { functionDefinitions: [], contextDefinitions: [], @@ -71,7 +71,7 @@ describe('createChatService', () => { apiClient: clientSpy, registrations: [], signal: new AbortController().signal, - scope$: new BehaviorSubject('observability'), + scope$: new BehaviorSubject(['observability']), }); }); @@ -85,7 +85,7 @@ describe('createChatService', () => { signal, messages: [], connectorId: '', - scope: 'observability', + scopes: ['observability'], }); } diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant/public/service/create_chat_service.ts b/x-pack/plugins/observability_solution/observability_ai_assistant/public/service/create_chat_service.ts index 04520cb70a588a..e3ccb383198968 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant/public/service/create_chat_service.ts +++ b/x-pack/plugins/observability_solution/observability_ai_assistant/public/service/create_chat_service.ts @@ -144,7 +144,7 @@ class ChatService { private renderFunctionRegistry: Map>; private abortSignal: AbortSignal; private apiClient: ObservabilityAIAssistantAPIClient; - public scope$: BehaviorSubject; + public scope$: BehaviorSubject; private analytics: AnalyticsServiceStart; private registrations: ChatRegistrationRenderFunction[]; private systemMessage: string; @@ -159,7 +159,7 @@ class ChatService { }: { abortSignal: AbortSignal; apiClient: ObservabilityAIAssistantAPIClient; - scope$: BehaviorSubject; + scope$: BehaviorSubject; analytics: AnalyticsServiceStart; registrations: ChatRegistrationRenderFunction[]; }) { @@ -186,15 +186,21 @@ class ChatService { async initialize() { this.functionRegistry = new Map(); - const [{ functionDefinitions, systemMessage }] = await Promise.all([ - this.apiClient('GET /internal/observability_ai_assistant/{scope}/functions', { - signal: this.abortSignal, - params: { - path: { - scope: this.getScope(), - }, + const systemMessages: string[] = []; + const scopePromise = this.apiClient('GET /internal/observability_ai_assistant/functions', { + signal: this.abortSignal, + params: { + query: { + scopes: this.getScopes(), }, - }), + }, + }).then(({ functionDefinitions, systemMessage }) => { + functionDefinitions.forEach((fn) => this.functionRegistry.set(fn.name, fn)); + systemMessages.push(systemMessage); + }); + + await Promise.all([ + scopePromise, ...this.registrations.map((registration) => { return registration({ registerRenderFunction: (name, renderFn) => { @@ -204,10 +210,7 @@ class ChatService { }), ]); - functionDefinitions.forEach((fn) => { - this.functionRegistry.set(fn.name, fn); - }); - this.systemMessage = systemMessage; + this.systemMessage = systemMessages.join('\n'); this.functions$.next(this.getFunctions()); } @@ -249,10 +252,6 @@ class ChatService { return filterFunctionDefinitions({ ...options, definitions: Array.from(this.functionRegistry.values()), - }).filter((value) => { - return value.scopes - ? value.scopes?.includes(this.getScope()) || value.scopes?.includes('all') - : true; }); }; @@ -301,7 +300,7 @@ class ChatService { connectorId, functionCall, functions: functions ?? [], - scope: this.getScope(), + scopes: this.getScopes(), }, }, signal, @@ -334,7 +333,7 @@ class ChatService { signal, client: this.getClient(), instructions, - scope: this.getScope(), + scopes: this.getScopes(), }, ({ params }) => { return this.callStreamingApi('POST /internal/observability_ai_assistant/chat/complete', { @@ -345,7 +344,7 @@ class ChatService { ); }; - public getScope() { + public getScopes() { return this.scope$.value; } } @@ -361,7 +360,7 @@ export async function createChatService({ signal: AbortSignal; registrations: ChatRegistrationRenderFunction[]; apiClient: ObservabilityAIAssistantAPIClient; - scope$: BehaviorSubject; + scope$: BehaviorSubject; }): Promise { return new ChatService({ analytics, diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant/public/service/create_mock_chat_service.ts b/x-pack/plugins/observability_solution/observability_ai_assistant/public/service/create_mock_chat_service.ts index 9af669242e436e..0559d65a14a81a 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant/public/service/create_mock_chat_service.ts +++ b/x-pack/plugins/observability_solution/observability_ai_assistant/public/service/create_mock_chat_service.ts @@ -29,7 +29,7 @@ export const createMockChatService = (): MockedChatService => { content: 'system', }, }), - getScope: jest.fn(), + getScopes: jest.fn(), }; return mockChatService; }; diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant/public/service/create_service.ts b/x-pack/plugins/observability_solution/observability_ai_assistant/public/service/create_service.ts index 22d1b9c792f7fa..07f967a4028d9e 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant/public/service/create_service.ts +++ b/x-pack/plugins/observability_solution/observability_ai_assistant/public/service/create_service.ts @@ -20,13 +20,13 @@ export function createService({ analytics, coreStart, enabled, - scope, + scopes, scopeIsMutable, }: { analytics: AnalyticsServiceStart; coreStart: CoreStart; enabled: boolean; - scope: AssistantScope; + scopes: [AssistantScope]; scopeIsMutable: boolean; }): ObservabilityAIAssistantService { const apiClient = createCallObservabilityAIAssistantAPI(coreStart); @@ -38,13 +38,13 @@ export function createService({ ]); const predefinedConversation$ = new Subject<{ messages: Message[]; title?: string }>(); - const scope$ = new BehaviorSubject(scope); + const scope$ = new BehaviorSubject(scopes); const getScreenContexts = () => { - const currentScope = scope$.value; + const currentScopes = scope$.value; const screenContexts = screenContexts$.value.map(({ starterPrompts, ...rest }) => ({ ...rest, - starterPrompts: starterPrompts?.filter(filterScopes(currentScope)), + starterPrompts: starterPrompts?.filter(filterScopes(currentScopes)), })); return screenContexts; }; @@ -58,7 +58,13 @@ export function createService({ }, start: async ({ signal }) => { const mod = await import('./create_chat_service'); - return await mod.createChatService({ analytics, apiClient, signal, registrations, scope$ }); + return await mod.createChatService({ + analytics, + apiClient, + signal, + registrations, + scope$, + }); }, callApi: apiClient, getScreenContexts, @@ -103,12 +109,12 @@ export function createService({ }, predefinedConversation$: predefinedConversation$.asObservable(), }, - setScope: (newScope: AssistantScope) => { + setScopes: (newScopes: AssistantScope[]) => { if (!scopeIsMutable) { - scope$.next(newScope); + scope$.next(newScopes); } }, - getScope: () => scope$.value, + getScopes: () => scope$.value, scope$, }; } diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant/public/storybook_mock.tsx b/x-pack/plugins/observability_solution/observability_ai_assistant/public/storybook_mock.tsx index 19d51bf4c66d19..004ad25aa4a86b 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant/public/storybook_mock.tsx +++ b/x-pack/plugins/observability_solution/observability_ai_assistant/public/storybook_mock.tsx @@ -40,7 +40,7 @@ export const createStorybookChatService = (): ObservabilityAIAssistantChatServic functions$: new BehaviorSubject( [] ) as ObservabilityAIAssistantChatService['functions$'], - getScope: () => 'all', + getScopes: () => ['all'], }); export const createStorybookService = (): ObservabilityAIAssistantService => ({ @@ -57,7 +57,9 @@ export const createStorybookService = (): ObservabilityAIAssistantService => ({ predefinedConversation$: new Observable(), }, navigate: async () => of(), - scope$: new BehaviorSubject('all') as ObservabilityAIAssistantService['scope$'], - getScope: () => 'all', - setScope: () => {}, + scope$: new BehaviorSubject([ + 'all', + ]) as ObservabilityAIAssistantService['scope$'], + getScopes: () => ['all'], + setScopes: () => {}, }); diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant/public/types.ts b/x-pack/plugins/observability_solution/observability_ai_assistant/public/types.ts index b13d81faa3a3b3..becc21f59c5f45 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant/public/types.ts +++ b/x-pack/plugins/observability_solution/observability_ai_assistant/public/types.ts @@ -54,7 +54,7 @@ export interface ObservabilityAIAssistantChatService { functions?: Array>; functionCall?: string; signal: AbortSignal; - scope: AssistantScope; + scopes: AssistantScope[]; } ) => Observable; complete: (options: { @@ -70,12 +70,12 @@ export interface ObservabilityAIAssistantChatService { }; signal: AbortSignal; instructions?: AdHocInstruction[]; - scope: AssistantScope; + scopes: AssistantScope[]; }) => Observable; getFunctions: (options?: { contexts?: string[]; filter?: string; - scope: AssistantScope; + scopes: AssistantScope[]; }) => FunctionDefinition[]; functions$: BehaviorSubject; hasFunction: (name: string) => boolean; @@ -87,7 +87,7 @@ export interface ObservabilityAIAssistantChatService { response: { data?: string; content?: string }, onActionClick: ChatActionClickHandler ) => React.ReactNode; - getScope: () => AssistantScope; + getScopes: () => AssistantScope[]; } export interface ObservabilityAIAssistantConversationService { @@ -104,9 +104,9 @@ export interface ObservabilityAIAssistantService { getScreenContexts: () => ObservabilityAIAssistantScreenContext[]; conversations: ObservabilityAIAssistantConversationService; navigate: (callback: () => void) => Promise>; - scope$: BehaviorSubject; - setScope: (scope: AssistantScope) => void; - getScope: () => AssistantScope; + scope$: BehaviorSubject; + setScopes: (scope: AssistantScope[]) => void; + getScopes: () => AssistantScope[]; } export type RenderFunction = (options: { diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant/server/functions/context.ts b/x-pack/plugins/observability_solution/observability_ai_assistant/server/functions/context.ts index 61448d297e4d34..fd579686171878 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant/server/functions/context.ts +++ b/x-pack/plugins/observability_solution/observability_ai_assistant/server/functions/context.ts @@ -115,7 +115,6 @@ export function registerContextFunction({ subscriber.complete(); }); }); - }, - ['all'] + } ); } diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant/server/functions/elasticsearch.ts b/x-pack/plugins/observability_solution/observability_ai_assistant/server/functions/elasticsearch.ts index 71a0cfa4bbde05..6008b53dd42c55 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant/server/functions/elasticsearch.ts +++ b/x-pack/plugins/observability_solution/observability_ai_assistant/server/functions/elasticsearch.ts @@ -48,7 +48,6 @@ export function registerElasticsearchFunction({ }); return { content: { response } }; - }, - ['all'] + } ); } diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant/server/functions/execute_connector.ts b/x-pack/plugins/observability_solution/observability_ai_assistant/server/functions/execute_connector.ts index bfe04cb56e8cfd..0088e35a6f6af0 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant/server/functions/execute_connector.ts +++ b/x-pack/plugins/observability_solution/observability_ai_assistant/server/functions/execute_connector.ts @@ -38,7 +38,6 @@ export function registerExecuteConnectorFunction({ ).getActionsClientWithRequest(resources.request); const content = await actionsClient.execute({ actionId: id, params }); return { content }; - }, - ['all'] + } ); } diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant/server/functions/get_dataset_info/index.ts b/x-pack/plugins/observability_solution/observability_ai_assistant/server/functions/get_dataset_info/index.ts index 9b20d364ef7d90..57cac3a4e0c0f1 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant/server/functions/get_dataset_info/index.ts +++ b/x-pack/plugins/observability_solution/observability_ai_assistant/server/functions/get_dataset_info/index.ts @@ -94,7 +94,6 @@ export function registerGetDatasetInfoFunction({ stats: relevantFieldNames.stats, }, }; - }, - ['all'] + } ); } diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant/server/functions/index.ts b/x-pack/plugins/observability_solution/observability_ai_assistant/server/functions/index.ts index a5333ee1a7ffc3..0313d29d3b2098 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant/server/functions/index.ts +++ b/x-pack/plugins/observability_solution/observability_ai_assistant/server/functions/index.ts @@ -28,20 +28,47 @@ export const registerFunctions: RegistrationCallback = async ({ functions, resources, signal, + scopes, }) => { const registrationParameters: FunctionRegistrationParameters = { client, functions, resources, signal, + scopes, }; const isServerless = !!resources.plugins.serverless; + if (scopes.includes('observability')) { + functions.registerInstruction(`You are a helpful assistant for Elastic Observability. Your goal is to help the Elastic Observability users to quickly assess what is happening in their observed systems. You can help them visualise and analyze data, investigate their systems, perform root cause analysis or identify optimisation opportunities. - functions.registerInstruction({ - instruction: `You are a helpful assistant for Elastic Observability. Your goal is to help the Elastic Observability users to quickly assess what is happening in their observed systems. You can help them visualise and analyze data, investigate their systems, perform root cause analysis or identify optimisation opportunities. + It's very important to not assume what the user is meaning. Ask them for clarification if needed. - It's very important to not assume what the user is meaning. Ask them for clarification if needed. + If you are unsure about which function should be used and with what arguments, ask the user for clarification or confirmation. + + In KQL ("kqlFilter")) escaping happens with double quotes, not single quotes. Some characters that need escaping are: ':()\\\ + /\". Always put a field value in double quotes. Best: service.name:\"opbeans-go\". Wrong: service.name:opbeans-go. This is very important! + + You can use Github-flavored Markdown in your responses. If a function returns an array, consider using a Markdown table to format the response. + + Note that ES|QL (the Elasticsearch Query Language which is a new piped language) is the preferred query language. + + If you want to call a function or tool, only call it a single time per message. Wait until the function has been executed and its results + returned to you, before executing the same tool or another tool again if needed. + + DO NOT UNDER ANY CIRCUMSTANCES USE ES|QL syntax (\`service.name == "foo"\`) with "kqlFilter" (\`service.name:"foo"\`). + + The user is able to change the language which they want you to reply in on the settings page of the AI Assistant for Observability and Search, which can be found in the ${ + isServerless ? `Project settings.` : `Stack Management app under the option AI Assistants` + }. + If the user asks how to change the language, reply in the same language the user asked in.`); + } + + if (scopes.length === 0 || (scopes.length === 1 && scopes[0] === 'all')) { + functions.registerInstruction( + `You are a helpful assistant for Elasticsearch. Your goal is to help Elasticsearch users accomplish tasks using Kibana and Elasticsearch. You can help them construct queries, index data, search data, use Elasticsearch APIs, generate sample data, visualise and analyze data. + + It's very important to not assume what the user means. Ask them for clarification if needed. If you are unsure about which function should be used and with what arguments, ask the user for clarification or confirmation. @@ -50,63 +77,56 @@ export const registerFunctions: RegistrationCallback = async ({ You can use Github-flavored Markdown in your responses. If a function returns an array, consider using a Markdown table to format the response. - Note that ES|QL (the Elasticsearch Query Language which is a new piped language) is the preferred query language. - If you want to call a function or tool, only call it a single time per message. Wait until the function has been executed and its results returned to you, before executing the same tool or another tool again if needed. - DO NOT UNDER ANY CIRCUMSTANCES USE ES|QL syntax (\`service.name == "foo"\`) with "kqlFilter" (\`service.name:"foo"\`). - - The user is able to change the language which they want you to reply in on the settings page of the AI Assistant for Observability, which can be found in the ${ + The user is able to change the language which they want you to reply in on the settings page of the AI Assistant for Observability and Search, which can be found in the ${ isServerless ? `Project settings.` : `Stack Management app under the option AI Assistants` }. - If the user asks how to change the language, reply in the same language the user asked in.`, - scopes: ['observability'], - }); + If the user asks how to change the language, reply in the same language the user asked in.` + ); + } const { ready: isReady } = await client.getKnowledgeBaseStatus(); - functions.registerInstruction({ - instruction: ({ availableFunctionNames }) => { - const instructions: string[] = []; + functions.registerInstruction(({ availableFunctionNames }) => { + const instructions: string[] = []; - if ( - availableFunctionNames.includes(QUERY_FUNCTION_NAME) && - availableFunctionNames.includes(GET_DATASET_INFO_FUNCTION_NAME) - ) { - instructions.push(`You MUST use the "${GET_DATASET_INFO_FUNCTION_NAME}" ${ - functions.hasFunction('get_apm_dataset_info') ? 'or the get_apm_dataset_info' : '' - } function before calling the "${QUERY_FUNCTION_NAME}" or the "changes" functions. + if ( + availableFunctionNames.includes(QUERY_FUNCTION_NAME) && + availableFunctionNames.includes(GET_DATASET_INFO_FUNCTION_NAME) + ) { + instructions.push(`You MUST use the "${GET_DATASET_INFO_FUNCTION_NAME}" ${ + functions.hasFunction('get_apm_dataset_info') ? 'or the get_apm_dataset_info' : '' + } function before calling the "${QUERY_FUNCTION_NAME}" or the "changes" functions. If a function requires an index, you MUST use the results from the dataset info functions.`); - } + } - if (availableFunctionNames.includes(GET_DATA_ON_SCREEN_FUNCTION_NAME)) { - instructions.push(`You have access to data on the screen by calling the "${GET_DATA_ON_SCREEN_FUNCTION_NAME}" function. + if (availableFunctionNames.includes(GET_DATA_ON_SCREEN_FUNCTION_NAME)) { + instructions.push(`You have access to data on the screen by calling the "${GET_DATA_ON_SCREEN_FUNCTION_NAME}" function. Use it to help the user understand what they are looking at. A short summary of what they are looking at is available in the return of the "${CONTEXT_FUNCTION_NAME}" function. Data that is compact enough automatically gets included in the response for the "${CONTEXT_FUNCTION_NAME}" function.`); - } + } - if (isReady) { - if (availableFunctionNames.includes(SUMMARIZE_FUNCTION_NAME)) { - instructions.push(`You can use the "${SUMMARIZE_FUNCTION_NAME}" function to store new information you have learned in a knowledge database. + if (isReady) { + if (availableFunctionNames.includes(SUMMARIZE_FUNCTION_NAME)) { + instructions.push(`You can use the "${SUMMARIZE_FUNCTION_NAME}" function to store new information you have learned in a knowledge database. Only use this function when the user asks for it. All summaries MUST be created in English, even if the conversation was carried out in a different language.`); - } - - if (availableFunctionNames.includes(CONTEXT_FUNCTION_NAME)) { - instructions.push( - `Additionally, you can use the "${CONTEXT_FUNCTION_NAME}" function to retrieve relevant information from the knowledge database.` - ); - } - } else { + } + + if (availableFunctionNames.includes(CONTEXT_FUNCTION_NAME)) { instructions.push( - `You do not have a working memory. If the user expects you to remember the previous conversations, tell them they can set up the knowledge base.` + `Additionally, you can use the "${CONTEXT_FUNCTION_NAME}" function to retrieve relevant information from the knowledge database.` ); } - return instructions.map((instruction) => dedent(instruction)); - }, - scopes: ['all'], + } else { + instructions.push( + `You do not have a working memory. If the user expects you to remember the previous conversations, tell them they can set up the knowledge base.` + ); + } + return instructions.map((instruction) => dedent(instruction)); }); if (isReady) { diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant/server/functions/kibana.ts b/x-pack/plugins/observability_solution/observability_ai_assistant/server/functions/kibana.ts index f55a8ba432922a..f939e3a79799b3 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant/server/functions/kibana.ts +++ b/x-pack/plugins/observability_solution/observability_ai_assistant/server/functions/kibana.ts @@ -95,7 +95,6 @@ export function registerKibanaFunction({ }).then((response) => { return { content: response.data }; }); - }, - ['all'] + } ); } diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant/server/functions/summarize.ts b/x-pack/plugins/observability_solution/observability_ai_assistant/server/functions/summarize.ts index a4c34c5caa5a35..8865861d81f456 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant/server/functions/summarize.ts +++ b/x-pack/plugins/observability_solution/observability_ai_assistant/server/functions/summarize.ts @@ -86,7 +86,6 @@ export function registerSummarizationFunction({ message: `The document has been stored`, }, })); - }, - ['observability'] + } ); } diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant/server/routes/chat/route.ts b/x-pack/plugins/observability_solution/observability_ai_assistant/server/routes/chat/route.ts index 136cc68497563e..8bc88cca10b01d 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant/server/routes/chat/route.ts +++ b/x-pack/plugins/observability_solution/observability_ai_assistant/server/routes/chat/route.ts @@ -61,7 +61,7 @@ const chatCompleteInternalRt = t.intersection([ t.type({ body: t.type({ screenContexts: t.array(screenContextRt), - scope: assistantScopeType, + scopes: t.array(assistantScopeType), }), }), ]); @@ -83,11 +83,11 @@ async function initializeChatRequest({ request, plugins: { cloud, actions }, params: { - body: { connectorId, scope }, + body: { connectorId, scopes }, }, service, }: ObservabilityAIAssistantRouteHandlerResources & { - params: { body: { connectorId: string; scope: AssistantScope } }; + params: { body: { connectorId: string; scopes: AssistantScope[] } }; }) { await withAssistantSpan('guard_against_invalid_connector', async () => { const actionsClient = await (await actions.start()).getActionsClientWithRequest(request); @@ -101,7 +101,7 @@ async function initializeChatRequest({ }); const [client, cloudStart, simulateFunctionCalling] = await Promise.all([ - service.getClient({ request, scope }), + service.getClient({ request, scopes }), cloud?.start(), (await context.core).uiSettings.client.get(aiAssistantSimulatedFunctionCalling), ]); @@ -136,7 +136,7 @@ const chatRoute = createObservabilityAIAssistantServerRoute({ messages: t.array(messageRt), connectorId: t.string, functions: t.array(functionRt), - scope: assistantScopeType, + scopes: t.array(assistantScopeType), }), t.partial({ functionCall: t.string, @@ -182,7 +182,7 @@ const chatRecallRoute = createObservabilityAIAssistantServerRoute({ prompt: t.string, context: t.string, connectorId: t.string, - scope: assistantScopeType, + scopes: t.array(assistantScopeType), }), }), handler: async (resources): Promise => { @@ -248,6 +248,7 @@ async function chatComplete( screenContexts, instructions, disableFunctions, + scopes, }, } = params; @@ -260,6 +261,7 @@ async function chatComplete( resources, client, screenContexts, + scopes, }); const response$ = client.complete({ @@ -310,7 +312,7 @@ const publicChatCompleteRoute = createObservabilityAIAssistantServerRoute({ params: { body: { ...restOfBody, - scope: 'observability', + scopes: ['observability'], screenContexts: [ { actions, diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant/server/routes/functions/route.ts b/x-pack/plugins/observability_solution/observability_ai_assistant/server/routes/functions/route.ts index b31e33148454cc..8a61248d4e70ee 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant/server/routes/functions/route.ts +++ b/x-pack/plugins/observability_solution/observability_ai_assistant/server/routes/functions/route.ts @@ -15,10 +15,10 @@ import { createObservabilityAIAssistantServerRoute } from '../create_observabili import { assistantScopeType } from '../runtime_types'; const getFunctionsRoute = createObservabilityAIAssistantServerRoute({ - endpoint: 'GET /internal/observability_ai_assistant/{scope}/functions', + endpoint: 'GET /internal/observability_ai_assistant/functions', params: t.type({ - path: t.type({ - scope: assistantScopeType, + query: t.partial({ + scopes: t.union([t.array(assistantScopeType), assistantScopeType]), }), }), options: { @@ -34,10 +34,12 @@ const getFunctionsRoute = createObservabilityAIAssistantServerRoute({ service, request, params: { - path: { scope }, + query: { scopes: inputScopes }, }, } = resources; + const scopes = inputScopes ? (Array.isArray(inputScopes) ? inputScopes : [inputScopes]) : []; + const controller = new AbortController(); request.events.aborted$.subscribe(() => { controller.abort(); @@ -51,19 +53,20 @@ const getFunctionsRoute = createObservabilityAIAssistantServerRoute({ resources, client, screenContexts: [], + scopes, }), // error is caught in client client.getKnowledgeBaseUserInstructions(), ]); - const functionDefinitions = functionClient.getFunctions({ scope }).map((fn) => fn.definition); + const functionDefinitions = functionClient.getFunctions().map((fn) => fn.definition); const availableFunctionNames = functionDefinitions.map((def) => def.name); return { functionDefinitions, systemMessage: getSystemMessageFromInstructions({ - applicationInstructions: functionClient.getInstructions(scope), + applicationInstructions: functionClient.getInstructions(), userInstructions, adHocInstructions: [], availableFunctionNames, diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant/server/service/chat_function_client/index.test.ts b/x-pack/plugins/observability_solution/observability_ai_assistant/server/service/chat_function_client/index.test.ts index ea265c580b50fd..3d83c470de0c5a 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant/server/service/chat_function_client/index.test.ts +++ b/x-pack/plugins/observability_solution/observability_ai_assistant/server/service/chat_function_client/index.test.ts @@ -34,8 +34,7 @@ describe('chatFunctionClient', () => { required: ['foo'], }, }, - respondFn, - ['all'] + respondFn ); }); diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant/server/service/chat_function_client/index.ts b/x-pack/plugins/observability_solution/observability_ai_assistant/server/service/chat_function_client/index.ts index 4413e4fa8b6349..97def121e85932 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant/server/service/chat_function_client/index.ts +++ b/x-pack/plugins/observability_solution/observability_ai_assistant/server/service/chat_function_client/index.ts @@ -9,7 +9,6 @@ import Ajv, { type ErrorObject, type ValidateFunction } from 'ajv'; import dedent from 'dedent'; import { compact, keyBy } from 'lodash'; -import { type AssistantScope, filterScopes } from '@kbn/ai-assistant-common'; import { FunctionVisibility, type FunctionResponse } from '../../../common/functions/types'; import type { Message, ObservabilityAIAssistantScreenContextRequest } from '../../../common/types'; import { filterFunctionDefinitions } from '../../../common/utils/filter_function_definitions'; @@ -18,7 +17,6 @@ import type { FunctionHandler, FunctionHandlerRegistry, InstructionOrCallback, - InstructionOrCallbackWithScopes, RegisterFunction, RegisterInstruction, } from '../types'; @@ -36,7 +34,7 @@ const ajv = new Ajv({ export const GET_DATA_ON_SCREEN_FUNCTION_NAME = 'get_data_on_screen'; export class ChatFunctionClient { - private readonly instructions: InstructionOrCallbackWithScopes[] = []; + private readonly instructions: InstructionOrCallback[] = []; private readonly functionRegistry: FunctionHandlerRegistry = new Map(); private readonly validators: Map = new Map(); @@ -75,8 +73,7 @@ export class ChatFunctionClient { return { content: allData.filter((data) => dataNames.includes(data.name)), }; - }, - ['all'] + } ); } @@ -87,11 +84,11 @@ export class ChatFunctionClient { }); } - registerFunction: RegisterFunction = (definition, respond, scopes) => { + registerFunction: RegisterFunction = (definition, respond) => { if (definition.parameters) { this.validators.set(definition.name, ajv.compile(definition.parameters)); } - this.functionRegistry.set(definition.name, { handler: { definition, respond }, scopes }); + this.functionRegistry.set(definition.name, { handler: { definition, respond } }); }; registerInstruction: RegisterInstruction = (instruction) => { @@ -110,8 +107,8 @@ export class ChatFunctionClient { } } - getInstructions(scope: AssistantScope): InstructionOrCallback[] { - return this.instructions.filter(filterScopes(scope)).map((i) => i.instruction); + getInstructions(): InstructionOrCallback[] { + return this.instructions; } hasAction(name: string) { @@ -120,14 +117,10 @@ export class ChatFunctionClient { getFunctions({ filter, - scope, }: { filter?: string; - scope?: AssistantScope; } = {}): FunctionHandler[] { - const allFunctions = Array.from(this.functionRegistry.values()) - .filter(filterScopes(scope)) - .map(({ handler }) => handler); + const allFunctions = Array.from(this.functionRegistry.values()).map(({ handler }) => handler); const functionsByName = keyBy(allFunctions, (definition) => definition.definition.name); diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant/server/service/client/index.test.ts b/x-pack/plugins/observability_solution/observability_ai_assistant/server/service/client/index.test.ts index 5a7cf81a401223..0476bda1af8a2c 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant/server/service/client/index.test.ts +++ b/x-pack/plugins/observability_solution/observability_ai_assistant/server/service/client/index.test.ts @@ -187,7 +187,7 @@ describe('Observability AI Assistant client', () => { user: { name: 'johndoe', }, - scope: 'all', + scopes: ['all'], }); } diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant/server/service/client/index.ts b/x-pack/plugins/observability_solution/observability_ai_assistant/server/service/client/index.ts index 4eb0e54f9febec..19a3dd827107b0 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant/server/service/client/index.ts +++ b/x-pack/plugins/observability_solution/observability_ai_assistant/server/service/client/index.ts @@ -101,7 +101,7 @@ export class ObservabilityAIAssistantClient { name: string; }; knowledgeBaseService: KnowledgeBaseService; - scope: AssistantScope; + scopes: AssistantScope[]; } ) {} @@ -217,11 +217,11 @@ export class ObservabilityAIAssistantClient { // this is what we eventually store in the conversation const messagesWithUpdatedSystemMessage = replaceSystemMessage( getSystemMessageFromInstructions({ - applicationInstructions: functionClient.getInstructions(this.dependencies.scope), + applicationInstructions: functionClient.getInstructions(), userInstructions, adHocInstructions, availableFunctionNames: functionClient - .getFunctions({ scope: this.dependencies.scope }) + .getFunctions() .map((fn) => fn.definition.name), }), initialMessages @@ -301,7 +301,6 @@ export class ObservabilityAIAssistantClient { disableFunctions, tracer: completeTracer, connectorId, - scope: this.dependencies.scope, useSimulatedFunctionCalling: simulateFunctionCalling === true, }) ); diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant/server/service/client/operators/continue_conversation.ts b/x-pack/plugins/observability_solution/observability_ai_assistant/server/service/client/operators/continue_conversation.ts index 7ebd9d66bf30f1..66204c96f31cb1 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant/server/service/client/operators/continue_conversation.ts +++ b/x-pack/plugins/observability_solution/observability_ai_assistant/server/service/client/operators/continue_conversation.ts @@ -21,7 +21,6 @@ import { switchMap, throwError, } from 'rxjs'; -import type { AssistantScope } from '@kbn/ai-assistant-common'; import { CONTEXT_FUNCTION_NAME } from '../../../functions/context'; import { createFunctionNotFoundError, Message, MessageRole } from '../../../../common'; import { @@ -138,7 +137,6 @@ function getFunctionDefinitions({ functionClient, functionLimitExceeded, disableFunctions, - scope, }: { functionClient: ChatFunctionClient; functionLimitExceeded: boolean; @@ -147,14 +145,13 @@ function getFunctionDefinitions({ | { except: string[]; }; - scope: AssistantScope; }) { if (functionLimitExceeded || disableFunctions === true) { return []; } let systemFunctions = functionClient - .getFunctions({ scope }) + .getFunctions() .map((fn) => fn.definition) .filter( (def) => @@ -187,7 +184,6 @@ export function continueConversation({ disableFunctions, tracer, connectorId, - scope, useSimulatedFunctionCalling, }: { messages: Message[]; @@ -205,7 +201,6 @@ export function continueConversation({ }; tracer: LangTracer; connectorId: string; - scope: AssistantScope; useSimulatedFunctionCalling: boolean; }): Observable { let nextFunctionCallsLeft = functionCallsLeft; @@ -216,12 +211,11 @@ export function continueConversation({ functionLimitExceeded, functionClient, disableFunctions, - scope, }); const messagesWithUpdatedSystemMessage = replaceSystemMessage( getSystemMessageFromInstructions({ - applicationInstructions: functionClient.getInstructions(scope), + applicationInstructions: functionClient.getInstructions(), userInstructions, adHocInstructions, availableFunctionNames: definitions.map((def) => def.name), @@ -350,7 +344,6 @@ export function continueConversation({ disableFunctions, tracer, connectorId, - scope, useSimulatedFunctionCalling, }); }) diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant/server/service/index.ts b/x-pack/plugins/observability_solution/observability_ai_assistant/server/service/index.ts index f203dcc350bfdf..63e2ee240927cc 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant/server/service/index.ts +++ b/x-pack/plugins/observability_solution/observability_ai_assistant/server/service/index.ts @@ -249,10 +249,10 @@ export class ObservabilityAIAssistantService { async getClient({ request, - scope, + scopes, }: { request: KibanaRequest; - scope?: AssistantScope; + scopes?: AssistantScope[]; }): Promise { const controller = new AbortController(); @@ -291,7 +291,7 @@ export class ObservabilityAIAssistantService { } : undefined, knowledgeBaseService: this.kbService!, - scope: scope || 'all', + scopes: scopes || ['all'], }); } @@ -300,11 +300,13 @@ export class ObservabilityAIAssistantService { signal, resources, client, + scopes, }: { screenContexts: ObservabilityAIAssistantScreenContextRequest[]; signal: AbortSignal; resources: RespondFunctionResources; client: ObservabilityAIAssistantClient; + scopes: AssistantScope[]; }): Promise { const fnClient = new ChatFunctionClient(screenContexts); @@ -313,6 +315,7 @@ export class ObservabilityAIAssistantService { functions: fnClient, resources, client, + scopes, }; await Promise.all( diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant/server/service/types.ts b/x-pack/plugins/observability_solution/observability_ai_assistant/server/service/types.ts index 4857189f2d1561..b00da8d6518fa8 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant/server/service/types.ts +++ b/x-pack/plugins/observability_solution/observability_ai_assistant/server/service/types.ts @@ -68,18 +68,13 @@ export interface FunctionHandler { export type InstructionOrCallback = InstructionOrPlainText | RegisterInstructionCallback; -export interface InstructionOrCallbackWithScopes { - instruction: InstructionOrCallback; - scopes: AssistantScope[]; -} - export type RegisterInstructionCallback = ({ availableFunctionNames, }: { availableFunctionNames: string[]; }) => InstructionOrPlainText | InstructionOrPlainText[] | undefined; -export type RegisterInstruction = (...instruction: InstructionOrCallbackWithScopes[]) => void; +export type RegisterInstruction = (...instruction: InstructionOrCallback[]) => void; export type RegisterFunction = < TParameters extends CompatibleJSONSchema = any, @@ -87,17 +82,14 @@ export type RegisterFunction = < TArguments = FromSchema >( definition: FunctionDefinition, - respond: RespondFunction, - scopes: AssistantScope[] + respond: RespondFunction ) => void; -export type FunctionHandlerRegistry = Map< - string, - { handler: FunctionHandler; scopes: AssistantScope[] } ->; +export type FunctionHandlerRegistry = Map; export type RegistrationCallback = ({}: { signal: AbortSignal; resources: RespondFunctionResources; client: ObservabilityAIAssistantClient; functions: ChatFunctionClient; + scopes: AssistantScope[]; }) => Promise; diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant/tsconfig.json b/x-pack/plugins/observability_solution/observability_ai_assistant/tsconfig.json index 63105b2a86c590..7c2f2212ee9464 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant/tsconfig.json +++ b/x-pack/plugins/observability_solution/observability_ai_assistant/tsconfig.json @@ -46,7 +46,7 @@ "@kbn/core-ui-settings-server", "@kbn/inference-plugin", "@kbn/management-settings-ids", - "@kbn/ai-assistant-common" + "@kbn/ai-assistant-common", ], "exclude": ["target/**/*"] } diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant_app/public/hooks/use_nav_control_scope.ts b/x-pack/plugins/observability_solution/observability_ai_assistant_app/public/hooks/use_nav_control_scope.ts index 39080adc47d48e..157fccfb8a1f2f 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant_app/public/hooks/use_nav_control_scope.ts +++ b/x-pack/plugins/observability_solution/observability_ai_assistant_app/public/hooks/use_nav_control_scope.ts @@ -10,11 +10,12 @@ import { useAIAssistantAppService } from '@kbn/ai-assistant'; import { AssistantScope } from '@kbn/ai-assistant-common'; import { useObservable } from 'react-use/lib'; import { DEFAULT_APP_CATEGORIES } from '@kbn/core/public'; +import { isEqual } from 'lodash'; import { useKibana } from './use_kibana'; -const scopeUrlLookup: Record = { - [DEFAULT_APP_CATEGORIES.observability.id]: 'observability', - [DEFAULT_APP_CATEGORIES.enterpriseSearch.id]: 'search', +const scopeUrlLookup: Record = { + [DEFAULT_APP_CATEGORIES.observability.id]: ['observability'], + [DEFAULT_APP_CATEGORIES.enterpriseSearch.id]: ['search'], }; export function useNavControlScope() { @@ -31,11 +32,9 @@ export function useNavControlScope() { const currentCategoryId = (currentApplication && applications?.get(currentApplication)?.category?.id) || DEFAULT_APP_CATEGORIES.kibana.id; - const newScope = Object.entries(scopeUrlLookup).find( - ([categoryId]) => categoryId === currentCategoryId - )?.[1]; - if (newScope && newScope !== service.getScope()) { - service.setScope(newScope); + const newScopes = scopeUrlLookup[currentCategoryId]; + if (newScopes?.length && !isEqual(service.getScopes(), newScopes)) { + service.setScopes(newScopes); } }, [applications, currentApplication, service]); } diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant_app/public/routes/conversations/conversation_view_with_props.tsx b/x-pack/plugins/observability_solution/observability_ai_assistant_app/public/routes/conversations/conversation_view_with_props.tsx index c57b8e2c66c71f..2d28ee0adbaa6d 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant_app/public/routes/conversations/conversation_view_with_props.tsx +++ b/x-pack/plugins/observability_solution/observability_ai_assistant_app/public/routes/conversations/conversation_view_with_props.tsx @@ -38,6 +38,7 @@ export function ConversationViewWithProps() { }, }) } + scopes={['observability']} /> ); } diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant_app/scripts/evaluation/evaluation.ts b/x-pack/plugins/observability_solution/observability_ai_assistant_app/scripts/evaluation/evaluation.ts index 030994fa44acfc..a01b276c37bdfe 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant_app/scripts/evaluation/evaluation.ts +++ b/x-pack/plugins/observability_solution/observability_ai_assistant_app/scripts/evaluation/evaluation.ts @@ -100,7 +100,7 @@ function runEvaluations() { evaluationConnectorId: evaluationConnector.id!, persist: argv.persist, suite: mocha.suite, - scope: 'all', + scopes: ['all'], }); const header: string[][] = [ diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant_app/scripts/evaluation/kibana_client.ts b/x-pack/plugins/observability_solution/observability_ai_assistant_app/scripts/evaluation/kibana_client.ts index cc1500168e3685..f3b5ca357231b7 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant_app/scripts/evaluation/kibana_client.ts +++ b/x-pack/plugins/observability_solution/observability_ai_assistant_app/scripts/evaluation/kibana_client.ts @@ -239,13 +239,13 @@ export class KibanaClient { evaluationConnectorId, persist, suite, - scope, + scopes, }: { connectorId: string; evaluationConnectorId: string; persist: boolean; suite?: Mocha.Suite; - scope: AssistantScope; + scopes: AssistantScope[]; }): ChatClient { function getMessages(message: string | Array): Array { if (typeof message === 'string') { @@ -373,7 +373,7 @@ export class KibanaClient { connectorId: connectorIdOverride || connectorId, functions: functions.map((fn) => pick(fn, 'name', 'description', 'parameters')), functionCall, - scope, + scopes, }; return that.axios.post( @@ -463,7 +463,7 @@ export class KibanaClient { connectorId, persist, title: currentTitle, - scope, + scopes, }, { responseType: 'stream', timeout: NaN } ) diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant_app/server/functions/alerts.ts b/x-pack/plugins/observability_solution/observability_ai_assistant_app/server/functions/alerts.ts index 1d0056fa2f66c8..682f2e2a4b19b4 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant_app/server/functions/alerts.ts +++ b/x-pack/plugins/observability_solution/observability_ai_assistant_app/server/functions/alerts.ts @@ -74,154 +74,155 @@ export function registerAlertsFunction({ functions, resources, pluginsStart, + scopes, }: FunctionRegistrationParameters) { - functions.registerFunction( - { - name: 'get_alerts_dataset_info', - visibility: FunctionVisibility.AssistantOnly, - description: `Use this function to get information about alerts data.`, - parameters: { - type: 'object', - properties: { - start: { - type: 'string', - description: - 'The start of the current time range, in datemath, like now-24h or an ISO timestamp', + if (scopes.includes('observability')) { + functions.registerFunction( + { + name: 'get_alerts_dataset_info', + visibility: FunctionVisibility.AssistantOnly, + description: `Use this function to get information about alerts data.`, + parameters: { + type: 'object', + properties: { + start: { + type: 'string', + description: + 'The start of the current time range, in datemath, like now-24h or an ISO timestamp', + }, + end: { + type: 'string', + description: + 'The end of the current time range, in datemath, like now-24h or an ISO timestamp', + }, }, - end: { - type: 'string', - description: - 'The end of the current time range, in datemath, like now-24h or an ISO timestamp', - }, - }, - } as const, - }, - async ( - { arguments: { start, end }, chat, messages }, - signal - ): Promise<{ - content: { - fields: string[]; - }; - }> => { - const core = await resources.context.core; + } as const, + }, + async ( + { arguments: { start, end }, chat, messages }, + signal + ): Promise<{ + content: { + fields: string[]; + }; + }> => { + const core = await resources.context.core; - const { fields } = await getRelevantFieldNames({ - index: `.alerts-observability*`, - messages, - esClient: core.elasticsearch.client.asInternalUser, - dataViews: await resources.plugins.dataViews.start(), - savedObjectsClient: core.savedObjects.client, - signal, - chat: ( - operationName, - { messages: nextMessages, functionCall, functions: nextFunctions } - ) => { - return chat(operationName, { - messages: nextMessages, - functionCall, - functions: nextFunctions, - signal, - }); - }, - }); + const { fields } = await getRelevantFieldNames({ + index: `.alerts-observability*`, + messages, + esClient: core.elasticsearch.client.asInternalUser, + dataViews: await resources.plugins.dataViews.start(), + savedObjectsClient: core.savedObjects.client, + signal, + chat: ( + operationName, + { messages: nextMessages, functionCall, functions: nextFunctions } + ) => { + return chat(operationName, { + messages: nextMessages, + functionCall, + functions: nextFunctions, + signal, + }); + }, + }); - return { - content: { - fields: fields.length === 0 ? defaultFields : fields, - }, - }; - }, - ['observability'] - ); + return { + content: { + fields: fields.length === 0 ? defaultFields : fields, + }, + }; + } + ); - functions.registerFunction( - { - name: 'alerts', - description: `Get alerts for Observability. Make sure get_alerts_dataset_info was called before. + functions.registerFunction( + { + name: 'alerts', + description: `Get alerts for Observability. Make sure get_alerts_dataset_info was called before. Use this to get open (and optionally recovered) alerts for Observability assets, like services, hosts or containers. Display the response in tabular format if appropriate. `, - descriptionForUser: 'Get alerts for Observability', - parameters: { - type: 'object', - properties: { - start: { - type: 'string', - description: 'The start of the time range, in Elasticsearch date math, like `now`.', - }, - end: { - type: 'string', - description: 'The end of the time range, in Elasticsearch date math, like `now-24h`.', + descriptionForUser: 'Get alerts for Observability', + parameters: { + type: 'object', + properties: { + start: { + type: 'string', + description: 'The start of the time range, in Elasticsearch date math, like `now`.', + }, + end: { + type: 'string', + description: 'The end of the time range, in Elasticsearch date math, like `now-24h`.', + }, + kqlFilter: { + type: 'string', + description: `Filter alerts by field:value pairs`, + }, + includeRecovered: { + type: 'boolean', + description: + 'Whether to include recovered/closed alerts. Defaults to false, which means only active alerts will be returned', + }, }, - kqlFilter: { - type: 'string', - description: `Filter alerts by field:value pairs`, - }, - includeRecovered: { - type: 'boolean', - description: - 'Whether to include recovered/closed alerts. Defaults to false, which means only active alerts will be returned', - }, - }, - required: ['start', 'end'], - } as const, - }, - async ( - { arguments: { start: startAsDatemath, end: endAsDatemath, filter, includeRecovered } }, - signal - ) => { - const alertsClient = await pluginsStart.ruleRegistry.getRacClientWithRequest( - resources.request as KibanaRequest - ); + required: ['start', 'end'], + } as const, + }, + async ( + { arguments: { start: startAsDatemath, end: endAsDatemath, filter, includeRecovered } }, + signal + ) => { + const alertsClient = await pluginsStart.ruleRegistry.getRacClientWithRequest( + resources.request as KibanaRequest + ); - const start = datemath.parse(startAsDatemath)!.valueOf(); - const end = datemath.parse(endAsDatemath)!.valueOf(); + const start = datemath.parse(startAsDatemath)!.valueOf(); + const end = datemath.parse(endAsDatemath)!.valueOf(); - const kqlQuery = !filter ? [] : [toElasticsearchQuery(fromKueryExpression(filter))]; + const kqlQuery = !filter ? [] : [toElasticsearchQuery(fromKueryExpression(filter))]; - const response = await alertsClient.find({ - featureIds: DEFAULT_FEATURE_IDS as unknown as string[], - query: { - bool: { - filter: [ - { - range: { - '@timestamp': { - gte: start, - lte: end, + const response = await alertsClient.find({ + featureIds: DEFAULT_FEATURE_IDS as unknown as string[], + query: { + bool: { + filter: [ + { + range: { + '@timestamp': { + gte: start, + lte: end, + }, }, }, - }, - ...kqlQuery, - ...(!includeRecovered - ? [ - { - term: { - [ALERT_STATUS]: ALERT_STATUS_ACTIVE, + ...kqlQuery, + ...(!includeRecovered + ? [ + { + term: { + [ALERT_STATUS]: ALERT_STATUS_ACTIVE, + }, }, - }, - ] - : []), - ], + ] + : []), + ], + }, }, - }, - size: 10, - }); + size: 10, + }); - // trim some fields - const alerts = response.hits.hits.map((hit) => - omit(hit._source, ...OMITTED_ALERT_FIELDS) - ) as unknown as ParsedTechnicalFields[]; + // trim some fields + const alerts = response.hits.hits.map((hit) => + omit(hit._source, ...OMITTED_ALERT_FIELDS) + ) as unknown as ParsedTechnicalFields[]; - return { - content: { - total: (response.hits as { total: { value: number } }).total.value, - alerts, - }, - }; - }, - ['observability'] - ); + return { + content: { + total: (response.hits as { total: { value: number } }).total.value, + alerts, + }, + }; + } + ); + } } diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant_app/server/functions/changes/index.ts b/x-pack/plugins/observability_solution/observability_ai_assistant_app/server/functions/changes/index.ts index 71872782e27b0d..cc712b7bb9b4f0 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant_app/server/functions/changes/index.ts +++ b/x-pack/plugins/observability_solution/observability_ai_assistant_app/server/functions/changes/index.ts @@ -25,131 +25,133 @@ export function registerChangesFunction({ context: { core: corePromise }, }, pluginsStart, + scopes, }: FunctionRegistrationParameters) { - functions.registerFunction( - { - name: CHANGES_FUNCTION_NAME, - description: 'Returns change points like spikes and dips for logs and metrics.', - parameters: changesFunctionParameters, - }, - async ({ - arguments: { start, end, logs = [], metrics = [] }, - }): Promise => { - if (logs.length === 0 && metrics.length === 0) { - throw new Error('No metrics or logs were defined'); - } + if (scopes.includes('observability')) { + functions.registerFunction( + { + name: CHANGES_FUNCTION_NAME, + description: 'Returns change points like spikes and dips for logs and metrics.', + parameters: changesFunctionParameters, + }, + async ({ + arguments: { start, end, logs = [], metrics = [] }, + }): Promise => { + if (logs.length === 0 && metrics.length === 0) { + throw new Error('No metrics or logs were defined'); + } - const core = await corePromise; + const core = await corePromise; - const logSourcesService = - await pluginsStart.logsDataAccess.services.logSourcesServiceFactory.getLogSourcesService( - core.savedObjects.client - ); - const logsIndexPattern = await logSourcesService.getFlattenedLogSources(); + const logSourcesService = + await pluginsStart.logsDataAccess.services.logSourcesServiceFactory.getLogSourcesService( + core.savedObjects.client + ); + const logsIndexPattern = await logSourcesService.getFlattenedLogSources(); - const client = createElasticsearchClient({ - client: core.elasticsearch.client.asCurrentUser, - logger, - inspect: logger.isLevelEnabled('debug'), - }); + const client = createElasticsearchClient({ + client: core.elasticsearch.client.asCurrentUser, + logger, + inspect: logger.isLevelEnabled('debug'), + }); - const commonFilters = [ - { - range: { - '@timestamp': { - gte: start, - lt: end, + const commonFilters = [ + { + range: { + '@timestamp': { + gte: start, + lt: end, + }, }, }, - }, - ]; + ]; - const dateHistogram: AggregationsAutoDateHistogramAggregation = { - field: '@timestamp', - buckets: 100, - }; + const dateHistogram: AggregationsAutoDateHistogramAggregation = { + field: '@timestamp', + buckets: 100, + }; - const [metricChanges, logChanges] = await Promise.all([ - Promise.all([ - ...metrics.map(async (metric) => { - const changes = await getMetricChanges({ - index: metric.index, - client, - filters: [ - ...commonFilters, - ...(metric.kqlFilter - ? [toElasticsearchQuery(fromKueryExpression(metric.kqlFilter))] - : []), - ], - groupBy: metric.groupBy ?? [], - type: metric.type || 'count', - field: metric.field, - dateHistogram, - }); + const [metricChanges, logChanges] = await Promise.all([ + Promise.all([ + ...metrics.map(async (metric) => { + const changes = await getMetricChanges({ + index: metric.index, + client, + filters: [ + ...commonFilters, + ...(metric.kqlFilter + ? [toElasticsearchQuery(fromKueryExpression(metric.kqlFilter))] + : []), + ], + groupBy: metric.groupBy ?? [], + type: metric.type || 'count', + field: metric.field, + dateHistogram, + }); - return changes.map((change) => ({ - name: metric.name, - ...change, - })); - }), - ]), - Promise.all([ - ...logs.map(async (log) => { - const changes = await getLogChanges({ - index: log.index || logsIndexPattern, - client, - filters: [ - ...commonFilters, - ...(log.kqlFilter - ? [toElasticsearchQuery(fromKueryExpression(log.kqlFilter))] - : []), - ], - field: log.field ?? 'message', - dateHistogram, - }); - return changes.map((change) => ({ - name: log.name, - ...change, - })); - }), - ]), - ]); + return changes.map((change) => ({ + name: metric.name, + ...change, + })); + }), + ]), + Promise.all([ + ...logs.map(async (log) => { + const changes = await getLogChanges({ + index: log.index || logsIndexPattern, + client, + filters: [ + ...commonFilters, + ...(log.kqlFilter + ? [toElasticsearchQuery(fromKueryExpression(log.kqlFilter))] + : []), + ], + field: log.field ?? 'message', + dateHistogram, + }); + return changes.map((change) => ({ + name: log.name, + ...change, + })); + }), + ]), + ]); - const allMetricChanges = orderBy(metricChanges.flat(), [ - (item) => ('p_value' in item.changes ? item.changes.p_value : Number.POSITIVE_INFINITY), - ]).slice(0, 25); + const allMetricChanges = orderBy(metricChanges.flat(), [ + (item) => ('p_value' in item.changes ? item.changes.p_value : Number.POSITIVE_INFINITY), + ]).slice(0, 25); - const allMetricChangesWithoutTimeseries = allMetricChanges.flat().map((metricChange) => { - return omit(metricChange, 'over_time'); - }); + const allMetricChangesWithoutTimeseries = allMetricChanges.flat().map((metricChange) => { + return omit(metricChange, 'over_time'); + }); - const allLogChanges = orderBy(logChanges.flat(), [ - (item) => ('p_value' in item.changes ? item.changes.p_value : Number.POSITIVE_INFINITY), - ]).slice(0, 25); + const allLogChanges = orderBy(logChanges.flat(), [ + (item) => ('p_value' in item.changes ? item.changes.p_value : Number.POSITIVE_INFINITY), + ]).slice(0, 25); - const allLogChangesWithoutTimeseries = allLogChanges.flat().map((logChange) => { - return omit(logChange, 'over_time'); - }); + const allLogChangesWithoutTimeseries = allLogChanges.flat().map((logChange) => { + return omit(logChange, 'over_time'); + }); - return { - content: { - description: `For each item, the user can see the type of change, the impact, the timestamp, the trend, and the label. + return { + content: { + description: `For each item, the user can see the type of change, the impact, the timestamp, the trend, and the label. Do not regurgitate these results back to the user. Instead, focus on the interesting changes, mention possible correlations or root causes, and suggest next steps to the user. "indeterminate" means that the system could not detect any changes.`, - changes: { - metrics: allMetricChangesWithoutTimeseries, - logs: allLogChangesWithoutTimeseries, + changes: { + metrics: allMetricChangesWithoutTimeseries, + logs: allLogChangesWithoutTimeseries, + }, }, - }, - data: { - changes: { - metrics: allMetricChanges, - logs: allLogChanges, + data: { + changes: { + metrics: allMetricChanges, + logs: allLogChanges, + }, }, - }, - }; - }, - ['observability'] - ); + }; + } + ); + } } diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant_app/server/functions/lens.ts b/x-pack/plugins/observability_solution/observability_ai_assistant_app/server/functions/lens.ts index bb07d701f1708f..dbae57c08c9e2f 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant_app/server/functions/lens.ts +++ b/x-pack/plugins/observability_solution/observability_ai_assistant_app/server/functions/lens.ts @@ -8,13 +8,9 @@ import type { ChatFunctionClient } from '@kbn/observability-ai-assistant-plugin/ import { lensFunctionDefinition } from '../../common/functions/lens'; export function registerLensFunction({ functions }: { functions: ChatFunctionClient }) { - functions.registerFunction( - lensFunctionDefinition, - async () => { - return { - content: {}, - }; - }, - ['all'] - ); + functions.registerFunction(lensFunctionDefinition, async () => { + return { + content: {}, + }; + }); } diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant_app/server/functions/query/index.ts b/x-pack/plugins/observability_solution/observability_ai_assistant_app/server/functions/query/index.ts index 8f7eb7b6b4e1f5..3643c543652480 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant_app/server/functions/query/index.ts +++ b/x-pack/plugins/observability_solution/observability_ai_assistant_app/server/functions/query/index.ts @@ -53,7 +53,7 @@ export function registerQueryFunction({ When the "visualize_query" function has been called, a visualization has been displayed to the user. DO NOT UNDER ANY CIRCUMSTANCES follow up a "visualize_query" function call with your own visualization attempt. If the "${EXECUTE_QUERY_NAME}" function has been called, summarize these results for the user. The user does not see a visualization in this case.` : undefined; - functions.registerInstruction({ instruction, scopes: ['all'] }); + functions.registerInstruction(instruction); functions.registerFunction( { @@ -103,8 +103,7 @@ export function registerQueryFunction({ rows, }, }; - }, - ['all'] + } ); functions.registerFunction( { @@ -188,7 +187,6 @@ export function registerQueryFunction({ return messageAddEvent; }) ); - }, - ['all'] + } ); } diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant_app/server/functions/visualize_esql.ts b/x-pack/plugins/observability_solution/observability_ai_assistant_app/server/functions/visualize_esql.ts index bda75eafc9adeb..4eeba0450e6e4e 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant_app/server/functions/visualize_esql.ts +++ b/x-pack/plugins/observability_solution/observability_ai_assistant_app/server/functions/visualize_esql.ts @@ -61,7 +61,6 @@ export function registerVisualizeESQLFunction({ ], }, }; - }, - ['all'] + } ); } diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant_app/server/rule_connector/index.ts b/x-pack/plugins/observability_solution/observability_ai_assistant_app/server/rule_connector/index.ts index d99e822484b679..19f1408275e1ff 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant_app/server/rule_connector/index.ts +++ b/x-pack/plugins/observability_solution/observability_ai_assistant_app/server/rule_connector/index.ts @@ -154,12 +154,13 @@ async function executor( } const resources = await initResources(request); - const client = await resources.service.getClient({ request, scope: 'observability' }); + const client = await resources.service.getClient({ request, scopes: ['observability'] }); const functionClient = await resources.service.getFunctionClient({ signal: new AbortController().signal, resources, client, screenContexts: [], + scopes: ['observability'], }); const actionsClient = await ( await resources.plugins.actions.start() @@ -227,7 +228,7 @@ If available, include the link of the conversation at the end of your answer.` role: MessageRole.System, content: getSystemMessageFromInstructions({ availableFunctionNames: functionClient.getFunctions().map((fn) => fn.definition.name), - applicationInstructions: functionClient.getInstructions('observability'), + applicationInstructions: functionClient.getInstructions(), userInstructions: [], adHocInstructions: [], }), diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant_management/README.md b/x-pack/plugins/observability_solution/observability_ai_assistant_management/README.md index 43e09378c72883..39d0973b1a1f01 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant_management/README.md +++ b/x-pack/plugins/observability_solution/observability_ai_assistant_management/README.md @@ -1,3 +1,3 @@ # `observabilityAiAssistantManagement` plugin -The `observabilityAiAssistantManagement` plugin manages the `Ai Assistant for Observability` management section. +The `observabilityAiAssistantManagement` plugin manages the `Ai Assistant for Observability and Search` management section. diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant_management/public/app.tsx b/x-pack/plugins/observability_solution/observability_ai_assistant_management/public/app.tsx index af8d41223e1d80..4522e00fb37d26 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant_management/public/app.tsx +++ b/x-pack/plugins/observability_solution/observability_ai_assistant_management/public/app.tsx @@ -35,7 +35,7 @@ export const mountManagementSection = async ({ core, mountParams }: MountParams) coreStart.chrome.docTitle.change( i18n.translate('xpack.observabilityAiAssistantManagement.app.titleBar', { - defaultMessage: 'AI Assistant for Observability Settings', + defaultMessage: 'AI Assistant for Observability and Search Settings', }) ); diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant_management/public/plugin.ts b/x-pack/plugins/observability_solution/observability_ai_assistant_management/public/plugin.ts index 53da619c7ad1cc..e2e69ef5600cf9 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant_management/public/plugin.ts +++ b/x-pack/plugins/observability_solution/observability_ai_assistant_management/public/plugin.ts @@ -49,7 +49,7 @@ export class AiAssistantManagementObservabilityPlugin { home, management, observabilityAIAssistant }: SetupDependencies ): AiAssistantManagementObservabilityPluginSetup { const title = i18n.translate('xpack.observabilityAiAssistantManagement.app.title', { - defaultMessage: 'AI Assistant for Observability', + defaultMessage: 'AI Assistant for Observability and Search', }); if (home) { @@ -57,7 +57,7 @@ export class AiAssistantManagementObservabilityPlugin id: 'ai_assistant_observability', title, description: i18n.translate('xpack.observabilityAiAssistantManagement.app.description', { - defaultMessage: 'Manage your AI Assistant for Observability.', + defaultMessage: 'Manage your AI Assistant for Observability and Search.', }), icon: 'sparkles', path: '/app/management/kibana/ai-assistant/observability', diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant_management/public/routes/components/settings_page.tsx b/x-pack/plugins/observability_solution/observability_ai_assistant_management/public/routes/components/settings_page.tsx index c329e6de8e673b..075aaeb0aeb755 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant_management/public/routes/components/settings_page.tsx +++ b/x-pack/plugins/observability_solution/observability_ai_assistant_management/public/routes/components/settings_page.tsx @@ -40,7 +40,7 @@ export function SettingsPage() { text: i18n.translate( 'xpack.observabilityAiAssistantManagement.breadcrumb.serverless.observability', { - defaultMessage: 'AI Assistant for Observability Settings', + defaultMessage: 'AI Assistant for Observability and Search Settings', } ), }, diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant_management/public/routes/components/settings_tab/settings_tab.tsx b/x-pack/plugins/observability_solution/observability_ai_assistant_management/public/routes/components/settings_tab/settings_tab.tsx index 4ec17f34610e25..71b758f27f5808 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant_management/public/routes/components/settings_tab/settings_tab.tsx +++ b/x-pack/plugins/observability_solution/observability_ai_assistant_management/public/routes/components/settings_tab/settings_tab.tsx @@ -85,7 +85,7 @@ export function SettingsTab() { 'xpack.observabilityAiAssistantManagement.settingsPage.euiDescribedFormGroup.inOrderToUseLabel', { defaultMessage: - 'In order to use the Observability AI Assistant you must set up a Generative AI connector.', + 'In order to use the AI Assistant you must set up a Generative AI connector.', } )} > diff --git a/x-pack/plugins/observability_solution/observability_ai_assistant_management/tsconfig.json b/x-pack/plugins/observability_solution/observability_ai_assistant_management/tsconfig.json index d8a03acbae61be..12148ec0147259 100644 --- a/x-pack/plugins/observability_solution/observability_ai_assistant_management/tsconfig.json +++ b/x-pack/plugins/observability_solution/observability_ai_assistant_management/tsconfig.json @@ -21,7 +21,7 @@ "@kbn/observability-shared-plugin", "@kbn/config-schema", "@kbn/core-ui-settings-common", - "@kbn/logs-data-access-plugin" + "@kbn/logs-data-access-plugin", ], "exclude": ["target/**/*"] } diff --git a/x-pack/plugins/observability_solution/observability_onboarding/public/application/onboarding_flow_form/use_custom_cards_for_category.tsx b/x-pack/plugins/observability_solution/observability_onboarding/public/application/onboarding_flow_form/use_custom_cards_for_category.tsx index a31f835bae4d05..eb359f6158030c 100644 --- a/x-pack/plugins/observability_solution/observability_onboarding/public/application/onboarding_flow_form/use_custom_cards_for_category.tsx +++ b/x-pack/plugins/observability_solution/observability_onboarding/public/application/onboarding_flow_form/use_custom_cards_for_category.tsx @@ -57,7 +57,7 @@ export function useCustomCardsForCategory( description: i18n.translate( 'xpack.observability_onboarding.useCustomCardsForCategory.autoDetectDescription', { - defaultMessage: 'Scan your host for log and metric files, auto-install integrations', + defaultMessage: 'Scan your host for log files, metrics, auto-install integrations', } ), extraLabelsBadges: [ @@ -191,6 +191,7 @@ export function useCustomCardsForCategory( version: '', integration: '', isQuickstart: true, + release: 'preview', }, ]; diff --git a/x-pack/plugins/observability_solution/observability_onboarding/public/application/pages/otel_kubernetes.tsx b/x-pack/plugins/observability_solution/observability_onboarding/public/application/pages/otel_kubernetes.tsx index c4fba1fd8ff0e4..8939a9fdf678e8 100644 --- a/x-pack/plugins/observability_solution/observability_onboarding/public/application/pages/otel_kubernetes.tsx +++ b/x-pack/plugins/observability_solution/observability_onboarding/public/application/pages/otel_kubernetes.tsx @@ -28,6 +28,7 @@ export const OtelKubernetesPage = () => ( defaultMessage: 'Unified Kubernetes observability with the OpenTelemetry Operator', } )} + isTechnicalPreview={true} /> } > diff --git a/x-pack/plugins/observability_solution/observability_onboarding/public/assets/auto_detect.sh b/x-pack/plugins/observability_solution/observability_onboarding/public/assets/auto_detect.sh index ebdcdeb0d81dce..c315ef483d9d67 100755 --- a/x-pack/plugins/observability_solution/observability_onboarding/public/assets/auto_detect.sh +++ b/x-pack/plugins/observability_solution/observability_onboarding/public/assets/auto_detect.sh @@ -105,6 +105,7 @@ elastic_agent_config_path="/opt/Elastic/Agent/elastic-agent.yml" elastic_agent_tmp_config_path="/tmp/elastic-agent-config.tar" integration_names=() integration_titles=() +config_files_with_password=() OS="$(uname)" ARCH="$(uname -m)" @@ -155,7 +156,7 @@ download_elastic_agent() { curl -L -O "$download_url" --silent --fail if [ "$?" -eq 0 ]; then - printf "\e[1;32m✓\e[0m %s\n" "Elastic Agent downloaded to $(pwd)/$elastic_agent_artifact_name.tar.gz" + printf "\e[32;1m✓\e[0m %s\n" "Elastic Agent downloaded to $(pwd)/$elastic_agent_artifact_name.tar.gz" update_step_progress "ea-download" "complete" else update_step_progress "ea-download" "danger" "Failed to download Elastic Agent, see script output for error." @@ -167,7 +168,7 @@ extract_elastic_agent() { tar -xzf "${elastic_agent_artifact_name}.tar.gz" if [ "$?" -eq 0 ]; then - printf "\e[1;32m✓\e[0m %s\n" "Archive extracted" + printf "\e[32;1m✓\e[0m %s\n" "Archive extracted" update_step_progress "ea-extract" "complete" else update_step_progress "ea-extract" "danger" "Failed to extract Elastic Agent, see script output for error." @@ -179,7 +180,7 @@ install_elastic_agent() { "./${elastic_agent_artifact_name}/elastic-agent" install -f -n >/dev/null if [ "$?" -eq 0 ]; then - printf "\e[1;32m✓\e[0m %s\n" "Elastic Agent installed to $(dirname "$elastic_agent_config_path")" + printf "\e[32;1m✓\e[0m %s\n" "Elastic Agent installed to $(dirname "$elastic_agent_config_path")" update_step_progress "ea-install" "complete" else update_step_progress "ea-install" "danger" "Failed to install Elastic Agent, see script output for error." @@ -224,7 +225,7 @@ ensure_elastic_agent_healthy() { backup_elastic_agent_config() { if [ -f "$elastic_agent_config_path" ]; then - echo -e "\nExisting config found at $elastic_agent_config_path" + printf "\n%s \e[36m%s\e[0m\n" "Existing config found at" "$elastic_agent_config_path" printf "\n\e[1;36m?\e[0m \e[1m%s\e[0m \e[2m%s\e[0m" "Create backup and continue installation?" "[Y/n] (default: Yes): " read confirmation_reply @@ -241,7 +242,7 @@ backup_elastic_agent_config() { fi if [ "$?" -eq 0 ]; then - printf "\n\e[1;32m✓\e[0m %s\n" "Backup saved to $backup_path" + printf "\n\e[32;1m✓\e[0m %s \e[36m%s\e[0m\n" "Backup saved to" "$backup_path" else update_step_progress "ea-config" "warning" "Failed to backup existing configuration" fail "Failed to backup existing config - Try manually creating a backup or delete your existing config before re-running this script" @@ -278,7 +279,7 @@ install_integrations() { --output "$elastic_agent_tmp_config_path" if [ "$?" -eq 0 ]; then - printf "\n\e[1;32m✓\e[0m %s\n" "Integrations installed" + printf "\n\e[32;1m✓\e[0m %s\n" "Integrations installed" else update_step_progress "ea-config" "warning" "Failed to install integrations" fail "Failed to install integrations" @@ -297,10 +298,15 @@ apply_elastic_agent_config() { # Replace placeholder with the Ingest API key sed -i='' "s/\${API_KEY}/$decoded_ingest_api_key/" "$elastic_agent_config_path" if [ "$?" -eq 0 ]; then - printf "\e[1;32m✓\e[0m %s\n" "Config written to:" - tar --list --file "$elastic_agent_tmp_config_path" | grep '\.yml$' | while read -r file; do - echo " - $(dirname "$elastic_agent_config_path")/$file" - done + printf "\e[32;1m✓\e[0m %s\n" "Config files written to:" + while IFS= read -r file; do + local path="$(dirname "$elastic_agent_config_path")/$file" + printf " \e[36m%s\e[0m\n" "$path" + grep '' "$path" >/dev/null + if [ "$?" -eq 0 ]; then + config_files_with_password+=("$path") + fi + done < <(tar --list --file "$elastic_agent_tmp_config_path" | grep '\.yml$') update_step_progress "ea-config" "complete" else @@ -585,4 +591,11 @@ printf "\n\e[1m%s\e[0m\n" "Waiting for healthy status..." wait_for_elastic_agent_status ensure_elastic_agent_healthy -printf "\n\e[32m%s\e[0m\n" "🎉 Elastic Agent is configured and running. You can now go back to Kibana and check for incoming logs." +printf "\n\e[32m%s\e[0m\n" "🎉 Elastic Agent is configured and running!" + +printf "\n\e[1m%s\e[0m\n" "Next steps:" +printf "\n• %s\n" "Go back to Kibana and check for incoming data" +for path in "${config_files_with_password[@]}"; do + printf "\n• %s:\n \e[36m%s\e[0m\n" "Collect $(known_integration_title "$(basename "${path%.yml}")") metrics by adding your username and password to" "$path" +done +printf "\n• %s:\n \e[36;4m%s\e[0m\n" "For information on other standalone integration setups, visit" "https://www.elastic.co/guide/en/fleet/current/elastic-agent-configuration.html" diff --git a/x-pack/plugins/observability_solution/observability_onboarding/public/assets/integrations.conf b/x-pack/plugins/observability_solution/observability_onboarding/public/assets/integrations.conf index e6455a9170c86e..0b197bef30f7d4 100644 --- a/x-pack/plugins/observability_solution/observability_onboarding/public/assets/integrations.conf +++ b/x-pack/plugins/observability_solution/observability_onboarding/public/assets/integrations.conf @@ -1,14 +1,14 @@ [system] -title=System Logs And Metrics +title=System [nginx] -title=Nginx Logs +title=Nginx patterns= /var/log/nginx/access.log* /var/log/nginx/error.log* [apache] -title=Apache Logs +title=Apache patterns= /var/log/apache2/access.log* /var/log/apache2/other_vhosts_access.log* @@ -17,13 +17,13 @@ patterns= /var/log/httpd/error_log* [docker] -title=Docker Container Logs +title=Docker patterns= /var/lib/docker/containers/*/*-json.log /var/run/docker.sock [mysql] -title=MySQL Logs +title=MySQL patterns= /var/log/mysql/*error.log* /var/log/mysqld.log* @@ -31,7 +31,7 @@ patterns= /var/lib/mysql/*-slow.log* [postgresql] -title=PostgreSQL Logs +title=PostgreSQL patterns= /var/log/postgresql/postgresql-*-*.log* /*/postgresql-logs/*.log @@ -39,26 +39,26 @@ patterns= /var/log/postgresql/postgresql-*-*.csv* [redis] -title=Redis Logs +title=Redis patterns= /var/log/redis/redis-server.log* /etc/redis/redis.conf [haproxy] -title=HAProxy Logs +title=HAProxy patterns= /var/log/haproxy.log /etc/haproxy/haproxy.cfg [rabbitmq] -title=RabbitMQ Logs +title=RabbitMQ patterns= /var/log/rabbitmq/rabbit@*.log /etc/rabbitmq/rabbitmq.conf /etc/rabbitmq/rabbitmq.config [kafka] -title=Kafka Logs +title=Kafka patterns= /var/log/kafka/server.log /etc/kafka/server.properties @@ -68,19 +68,19 @@ patterns= /*/logs/kafka-*.log* [mongodb] -title=MongoDB Logs +title=MongoDB patterns= /var/log/mongodb/mongod.log [apache_tomcat] -title=Apache Tomcat Logs +title=Apache Tomcat patterns= /opt/tomcat/logs/localhost_access_log.*.txt /opt/tomcat/logs/catalina.*.log /opt/tomcat/logs/localhost.*.log [prometheus] -title=Prometheus Server overview +title=Prometheus patterns= /var/log/prometheus/prometheus.log /etc/prometheus/prometheus.yml \ No newline at end of file diff --git a/x-pack/plugins/observability_solution/observability_onboarding/server/lib/api_key/create_shipper_api_key.ts b/x-pack/plugins/observability_solution/observability_onboarding/server/lib/api_key/create_shipper_api_key.ts index bdfdd202a962e3..9279ae0e1dfd16 100644 --- a/x-pack/plugins/observability_solution/observability_onboarding/server/lib/api_key/create_shipper_api_key.ts +++ b/x-pack/plugins/observability_solution/observability_onboarding/server/lib/api_key/create_shipper_api_key.ts @@ -6,7 +6,11 @@ */ import { ElasticsearchClient } from '@kbn/core/server'; -import { MONITOR_CLUSTER, INDEX_LOGS_AND_METRICS, WRITE_APM_EVENTS } from './privileges'; +import { + MONITOR_CLUSTER, + INDEX_LOGS_AND_METRICS, + INDEX_LOGS_METRICS_AND_TRACES, +} from './privileges'; export function createShipperApiKey(esClient: ElasticsearchClient, name: string, withAPM = false) { // Based on https://www.elastic.co/guide/en/fleet/master/grant-access-to-elasticsearch.html#create-api-key-standalone-agent @@ -20,8 +24,7 @@ export function createShipperApiKey(esClient: ElasticsearchClient, name: string, role_descriptors: { standalone_agent: { cluster: [MONITOR_CLUSTER], - indices: [INDEX_LOGS_AND_METRICS], - applications: withAPM ? [WRITE_APM_EVENTS] : undefined, + indices: [withAPM ? INDEX_LOGS_METRICS_AND_TRACES : INDEX_LOGS_AND_METRICS], }, }, }, diff --git a/x-pack/plugins/observability_solution/observability_onboarding/server/lib/api_key/has_log_monitoring_privileges.ts b/x-pack/plugins/observability_solution/observability_onboarding/server/lib/api_key/has_log_monitoring_privileges.ts index 0593a7f761e1e7..ce5897936b741c 100644 --- a/x-pack/plugins/observability_solution/observability_onboarding/server/lib/api_key/has_log_monitoring_privileges.ts +++ b/x-pack/plugins/observability_solution/observability_onboarding/server/lib/api_key/has_log_monitoring_privileges.ts @@ -6,14 +6,17 @@ */ import { ElasticsearchClient } from '@kbn/core/server'; -import { MONITOR_CLUSTER, INDEX_LOGS_AND_METRICS, WRITE_APM_EVENTS } from './privileges'; +import { + MONITOR_CLUSTER, + INDEX_LOGS_AND_METRICS, + INDEX_LOGS_METRICS_AND_TRACES, +} from './privileges'; export async function hasLogMonitoringPrivileges(esClient: ElasticsearchClient, withAPM = false) { const res = await esClient.security.hasPrivileges({ body: { cluster: [MONITOR_CLUSTER, 'manage_own_api_key'], - index: [INDEX_LOGS_AND_METRICS], - application: withAPM ? [WRITE_APM_EVENTS] : undefined, + index: [withAPM ? INDEX_LOGS_METRICS_AND_TRACES : INDEX_LOGS_AND_METRICS], }, }); diff --git a/x-pack/plugins/observability_solution/observability_onboarding/server/lib/api_key/privileges.ts b/x-pack/plugins/observability_solution/observability_onboarding/server/lib/api_key/privileges.ts index 7c3b5999842bd1..8a28849ef10035 100644 --- a/x-pack/plugins/observability_solution/observability_onboarding/server/lib/api_key/privileges.ts +++ b/x-pack/plugins/observability_solution/observability_onboarding/server/lib/api_key/privileges.ts @@ -18,9 +18,8 @@ export const INDEX_LOGS_AND_METRICS: estypes.SecurityIndicesPrivileges = { privileges: ['auto_configure', 'create_doc'], }; -// https://www.elastic.co/guide/en/observability/master/apm-api-key.html#apm-create-api-key-workflow-es -export const WRITE_APM_EVENTS: estypes.SecurityApplicationPrivileges = { - application: 'apm', - privileges: ['event:write', 'config_agent:read'], - resources: ['*'], +// https://www.elastic.co/guide/en/fleet/master/grant-access-to-elasticsearch.html#create-api-key-standalone-agent +export const INDEX_LOGS_METRICS_AND_TRACES: estypes.SecurityIndicesPrivileges = { + names: ['logs-*-*', 'metrics-*-*', 'traces-*-*'], + privileges: ['auto_configure', 'create_doc'], }; diff --git a/x-pack/plugins/observability_solution/observability_onboarding/server/routes/flow/route.ts b/x-pack/plugins/observability_solution/observability_onboarding/server/routes/flow/route.ts index 229ce3bf252d0e..d6575f8751c4ac 100644 --- a/x-pack/plugins/observability_solution/observability_onboarding/server/routes/flow/route.ts +++ b/x-pack/plugins/observability_solution/observability_onboarding/server/routes/flow/route.ts @@ -263,8 +263,8 @@ const createFlowRoute = createObservabilityOnboardingServerRoute({ * * The request format is TSV (tab-separated values) to simplify parsing in bash. * - * The response format is either a YAML file or a tar archive containing the Elastic Agent - * configuration, depending on the `Accept` header. + * The response format is a tar archive containing the Elastic Agent configuration, depending on the + * `Accept` header. * * Errors during installation are ignore unless all integrations fail to install. When that happens * a 500 Internal Server Error is returned with the first error message. @@ -348,7 +348,7 @@ const integrationsInstallRoute = createObservabilityOnboardingServerRoute({ } return acc; }, []); - // Errors during installation are ignore unless all integrations fail to install. When that happens + // Errors during installation are ignored unless all integrations fail to install. When that happens // a 500 Internal Server Error is returned with the first error message. if (!installedIntegrations.length) { throw (settledResults[0] as PromiseRejectedResult).reason; @@ -383,20 +383,11 @@ const integrationsInstallRoute = createObservabilityOnboardingServerRoute({ ? [plugins.cloud?.setup?.elasticsearchUrl] : await getFallbackESUrl(services.esLegacyConfigService); - if (request.headers.accept === 'application/x-tar') { - return response.ok({ - headers: { - 'content-type': 'application/x-tar', - }, - body: generateAgentConfigTar({ elasticsearchUrl, installedIntegrations }), - }); - } - return response.ok({ headers: { - 'content-type': 'application/yaml', + 'content-type': 'application/x-tar', }, - body: generateAgentConfigYAML({ elasticsearchUrl, installedIntegrations }), + body: generateAgentConfigTar({ elasticsearchUrl, installedIntegrations }), }); }, }); @@ -423,7 +414,7 @@ async function ensureInstalledIntegrations( if (installSource === 'registry') { const installation = await packageClient.ensureInstalledPackage({ pkgName }); const pkg = installation.package; - const inputs = await packageClient.getAgentPolicyInputs(pkg.name, pkg.version); + const config = await packageClient.getAgentPolicyConfigYAML(pkg.name, pkg.version); const { packageInfo } = await packageClient.getPackage(pkg.name, pkg.version); return { @@ -431,7 +422,7 @@ async function ensureInstalledIntegrations( pkgName: pkg.name, pkgVersion: pkg.version, title: packageInfo.title, - inputs: inputs.filter((input) => input.type !== 'httpjson'), + config, dataStreams: packageInfo.data_streams?.map(({ type, dataset }) => ({ type, dataset })) ?? [], kibanaAssets: pkg.installed_kibana, @@ -447,19 +438,21 @@ async function ensureInstalledIntegrations( pkgName, pkgVersion: '1.0.0', // Custom integrations are always installed as version `1.0.0` title: pkgName, - inputs: [ - { - id: `filestream-${pkgName}`, - type: 'filestream', - streams: [ - { - id: `filestream-${pkgName}`, - data_stream: dataStream, - paths: integration.logFilePaths, - }, - ], - }, - ], + config: dump({ + inputs: [ + { + id: `filestream-${pkgName}`, + type: 'filestream', + streams: [ + { + id: `filestream-${pkgName}`, + data_stream: dataStream, + paths: integration.logFilePaths, + }, + ], + }, + ], + }), dataStreams: [dataStream], kibanaAssets: [], }; @@ -538,25 +531,6 @@ function parseIntegrationsTSV(tsv: string) { ); } -const generateAgentConfigYAML = ({ - elasticsearchUrl, - installedIntegrations, -}: { - elasticsearchUrl: string[]; - installedIntegrations: InstalledIntegration[]; -}) => { - return dump({ - outputs: { - default: { - type: 'elasticsearch', - hosts: elasticsearchUrl, - api_key: '${API_KEY}', // Placeholder to be replaced by bash script with the actual API key - }, - }, - inputs: installedIntegrations.map(({ inputs }) => inputs).flat(), - }); -}; - const generateAgentConfigTar = ({ elasticsearchUrl, installedIntegrations, @@ -592,7 +566,7 @@ const generateAgentConfigTar = ({ path: `inputs.d/${integration.pkgName}.yml`, mode: 0o644, mtime: now, - data: dump({ inputs: integration.inputs }), + data: integration.config, })), ]); }; diff --git a/x-pack/plugins/observability_solution/observability_onboarding/server/routes/types.ts b/x-pack/plugins/observability_solution/observability_onboarding/server/routes/types.ts index de2e7ce65fd2d3..c9cded0805f65a 100644 --- a/x-pack/plugins/observability_solution/observability_onboarding/server/routes/types.ts +++ b/x-pack/plugins/observability_solution/observability_onboarding/server/routes/types.ts @@ -57,7 +57,7 @@ export const IntegrationRT = t.type({ pkgName: t.string, pkgVersion: t.string, title: t.string, - inputs: t.array(t.unknown), + config: t.string, dataStreams: t.array( t.type({ type: t.string, diff --git a/x-pack/plugins/observability_solution/observability_shared/common/field_names/elasticsearch.ts b/x-pack/plugins/observability_solution/observability_shared/common/field_names/elasticsearch.ts index 5652671a872813..e703cd487259c8 100644 --- a/x-pack/plugins/observability_solution/observability_shared/common/field_names/elasticsearch.ts +++ b/x-pack/plugins/observability_solution/observability_shared/common/field_names/elasticsearch.ts @@ -149,9 +149,9 @@ export const PROFILE_INUSE_SPACE = 'profile.inuse_space.bytes'; export const ENTITY = 'entity'; export const ENTITY_ID = 'entity.id'; export const ENTITY_TYPE = 'entity.type'; -export const ENTITY_LAST_SEEN = 'entity.lastSeenTimestamp'; -export const ENTITY_FIRST_SEEN = 'entity.firstSeenTimestamp'; -export const ENTITY_DISPLAY_NAME = 'entity.displayName'; -export const ENTITY_DEFINITION_ID = 'entity.definitionId'; -export const ENTITY_IDENTITY_FIELDS = 'entity.identityFields'; +export const ENTITY_LAST_SEEN = 'entity.last_seen_timestamp'; +export const ENTITY_FIRST_SEEN = 'entity.first_seen_timestamp'; +export const ENTITY_DISPLAY_NAME = 'entity.display_name'; +export const ENTITY_DEFINITION_ID = 'entity.definition_id'; +export const ENTITY_IDENTITY_FIELDS = 'entity.identity_fields'; export const SOURCE_DATA_STREAM_TYPE = 'source_data_stream.type'; diff --git a/x-pack/plugins/observability_solution/observability_shared/public/components/add_data_panel/add_data_panel.stories.tsx b/x-pack/plugins/observability_solution/observability_shared/public/components/add_data_panel/add_data_panel.stories.tsx index 76442c0a4de0ad..7915e4d0104540 100644 --- a/x-pack/plugins/observability_solution/observability_shared/public/components/add_data_panel/add_data_panel.stories.tsx +++ b/x-pack/plugins/observability_solution/observability_shared/public/components/add_data_panel/add_data_panel.stories.tsx @@ -15,7 +15,7 @@ export default { }; const defaultFunctions = { - onDissmiss: () => alert('Dismissed'), + onDismiss: () => alert('Dismissed'), onAddData: () => alert('Add Data'), onTryIt: () => alert('Try It'), onLearnMore: () => alert('Learn More'), @@ -139,7 +139,7 @@ export function NotDismissable(props: ComponentProps) { NotDismissable.args = { ...defaultContent(), ...defaultFunctions, - onDissmiss: undefined, + onDismiss: undefined, actions: { primary: defaultPrimaryAction, secondary: { diff --git a/x-pack/plugins/observability_solution/observability_shared/public/components/add_data_panel/index.tsx b/x-pack/plugins/observability_solution/observability_shared/public/components/add_data_panel/index.tsx index ec6e405adcb262..f047fdb6b33d33 100644 --- a/x-pack/plugins/observability_solution/observability_shared/public/components/add_data_panel/index.tsx +++ b/x-pack/plugins/observability_solution/observability_shared/public/components/add_data_panel/index.tsx @@ -43,7 +43,7 @@ type AddDataPanelButtonWithLabel = Required; export interface AddDataPanelProps { content: AddDataPanelContent; - onDissmiss?: () => void; + onDismiss?: () => void; onAddData: () => void; onTryIt?: () => void; onLearnMore: () => void; @@ -72,7 +72,7 @@ const learnMoreDefaultLabel = i18n.translate( export function AddDataPanel({ content, actions, - onDissmiss, + onDismiss, onLearnMore, onTryIt, onAddData, @@ -155,7 +155,7 @@ export function AddDataPanel({ )} - {onDissmiss && ( + {onDismiss && ( )} diff --git a/x-pack/plugins/observability_solution/slo/server/services/transform_generators/__snapshots__/apm_transaction_duration.test.ts.snap b/x-pack/plugins/observability_solution/slo/server/services/transform_generators/__snapshots__/apm_transaction_duration.test.ts.snap index e5eba04f5305cf..fe0c3a8904c05a 100644 --- a/x-pack/plugins/observability_solution/slo/server/services/transform_generators/__snapshots__/apm_transaction_duration.test.ts.snap +++ b/x-pack/plugins/observability_solution/slo/server/services/transform_generators/__snapshots__/apm_transaction_duration.test.ts.snap @@ -394,7 +394,7 @@ Object { "goodEvents": "slo.numerator.value", "totalEvents": "slo.denominator.value", }, - "script": "params.goodEvents / params.totalEvents >= 0.95 ? 1 : 0", + "script": "if (params.totalEvents == 0) { return 1 } else { return params.goodEvents / params.totalEvents >= 0.95 ? 1 : 0 }", }, }, "slo.numerator": Object { @@ -542,7 +542,7 @@ Object { "goodEvents": "slo.numerator.value", "totalEvents": "slo.denominator.value", }, - "script": "params.goodEvents / params.totalEvents > 0 ? 1 : 0", + "script": "if (params.totalEvents == 0) { return 1 } else { return params.goodEvents / params.totalEvents > 0 ? 1 : 0 }", }, }, "slo.numerator": Object { diff --git a/x-pack/plugins/observability_solution/slo/server/services/transform_generators/__snapshots__/apm_transaction_error_rate.test.ts.snap b/x-pack/plugins/observability_solution/slo/server/services/transform_generators/__snapshots__/apm_transaction_error_rate.test.ts.snap index 92c5b8c09385c6..a081c2829f2bc9 100644 --- a/x-pack/plugins/observability_solution/slo/server/services/transform_generators/__snapshots__/apm_transaction_error_rate.test.ts.snap +++ b/x-pack/plugins/observability_solution/slo/server/services/transform_generators/__snapshots__/apm_transaction_error_rate.test.ts.snap @@ -358,7 +358,7 @@ Object { "goodEvents": "slo.numerator>_count", "totalEvents": "slo.denominator>_count", }, - "script": "params.goodEvents / params.totalEvents >= 0.95 ? 1 : 0", + "script": "if (params.totalEvents == 0) { return 1 } else { return params.goodEvents / params.totalEvents >= 0.95 ? 1 : 0 }", }, }, "slo.numerator": Object { @@ -493,7 +493,7 @@ Object { "goodEvents": "slo.numerator>_count", "totalEvents": "slo.denominator>_count", }, - "script": "params.goodEvents / params.totalEvents > 0 ? 1 : 0", + "script": "if (params.totalEvents == 0) { return 1 } else { return params.goodEvents / params.totalEvents > 0 ? 1 : 0 }", }, }, "slo.numerator": Object { diff --git a/x-pack/plugins/observability_solution/slo/server/services/transform_generators/__snapshots__/histogram.test.ts.snap b/x-pack/plugins/observability_solution/slo/server/services/transform_generators/__snapshots__/histogram.test.ts.snap index 260a9406e7674f..43026be44a3bbb 100644 --- a/x-pack/plugins/observability_solution/slo/server/services/transform_generators/__snapshots__/histogram.test.ts.snap +++ b/x-pack/plugins/observability_solution/slo/server/services/transform_generators/__snapshots__/histogram.test.ts.snap @@ -134,7 +134,7 @@ Object { "goodEvents": "slo.numerator>value", "totalEvents": "slo.denominator>value", }, - "script": "params.goodEvents / params.totalEvents >= 0.95 ? 1 : 0", + "script": "if (params.totalEvents == 0) { return 1 } else { return params.goodEvents / params.totalEvents >= 0.95 ? 1 : 0 }", }, }, "slo.numerator": Object { @@ -263,7 +263,7 @@ Object { "goodEvents": "slo.numerator>value", "totalEvents": "slo.denominator>value", }, - "script": "params.goodEvents / params.totalEvents > 0 ? 1 : 0", + "script": "if (params.totalEvents == 0) { return 1 } else { return params.goodEvents / params.totalEvents > 0 ? 1 : 0 }", }, }, "slo.numerator": Object { diff --git a/x-pack/plugins/observability_solution/slo/server/services/transform_generators/__snapshots__/kql_custom.test.ts.snap b/x-pack/plugins/observability_solution/slo/server/services/transform_generators/__snapshots__/kql_custom.test.ts.snap index 26fb5dde0f7841..95e1e3abf6aa5d 100644 --- a/x-pack/plugins/observability_solution/slo/server/services/transform_generators/__snapshots__/kql_custom.test.ts.snap +++ b/x-pack/plugins/observability_solution/slo/server/services/transform_generators/__snapshots__/kql_custom.test.ts.snap @@ -140,7 +140,7 @@ Object { "goodEvents": "slo.numerator>_count", "totalEvents": "slo.denominator>_count", }, - "script": "params.goodEvents / params.totalEvents >= 0.95 ? 1 : 0", + "script": "if (params.totalEvents == 0) { return 1 } else { return params.goodEvents / params.totalEvents >= 0.95 ? 1 : 0 }", }, }, "slo.numerator": Object { @@ -242,7 +242,7 @@ Object { "goodEvents": "slo.numerator>_count", "totalEvents": "slo.denominator>_count", }, - "script": "params.goodEvents / params.totalEvents > 0 ? 1 : 0", + "script": "if (params.totalEvents == 0) { return 1 } else { return params.goodEvents / params.totalEvents > 0 ? 1 : 0 }", }, }, "slo.numerator": Object { diff --git a/x-pack/plugins/observability_solution/slo/server/services/transform_generators/__snapshots__/metric_custom.test.ts.snap b/x-pack/plugins/observability_solution/slo/server/services/transform_generators/__snapshots__/metric_custom.test.ts.snap index c1317435fb97b7..4b7dab85cec60d 100644 --- a/x-pack/plugins/observability_solution/slo/server/services/transform_generators/__snapshots__/metric_custom.test.ts.snap +++ b/x-pack/plugins/observability_solution/slo/server/services/transform_generators/__snapshots__/metric_custom.test.ts.snap @@ -181,7 +181,7 @@ Object { "goodEvents": "slo.numerator>value", "totalEvents": "slo.denominator>value", }, - "script": "params.goodEvents / params.totalEvents >= 0.95 ? 1 : 0", + "script": "if (params.totalEvents == 0) { return 1 } else { return params.goodEvents / params.totalEvents >= 0.95 ? 1 : 0 }", }, }, "slo.numerator": Object { diff --git a/x-pack/plugins/observability_solution/slo/server/services/transform_generators/apm_transaction_duration.ts b/x-pack/plugins/observability_solution/slo/server/services/transform_generators/apm_transaction_duration.ts index 85496cb91f6e44..b349a5affecebd 100644 --- a/x-pack/plugins/observability_solution/slo/server/services/transform_generators/apm_transaction_duration.ts +++ b/x-pack/plugins/observability_solution/slo/server/services/transform_generators/apm_transaction_duration.ts @@ -185,9 +185,9 @@ export class ApmTransactionDurationTransformGenerator extends TransformGenerator goodEvents: 'slo.numerator.value', totalEvents: 'slo.denominator.value', }, - script: `params.goodEvents / params.totalEvents ${getTimesliceTargetComparator( + script: `if (params.totalEvents == 0) { return 1 } else { return params.goodEvents / params.totalEvents ${getTimesliceTargetComparator( slo.objective.timesliceTarget! - )} ${slo.objective.timesliceTarget} ? 1 : 0`, + )} ${slo.objective.timesliceTarget} ? 1 : 0 }`, }, }, }), diff --git a/x-pack/plugins/observability_solution/slo/server/services/transform_generators/apm_transaction_error_rate.ts b/x-pack/plugins/observability_solution/slo/server/services/transform_generators/apm_transaction_error_rate.ts index 91b4af3a07aff8..3aa0d4507e8a44 100644 --- a/x-pack/plugins/observability_solution/slo/server/services/transform_generators/apm_transaction_error_rate.ts +++ b/x-pack/plugins/observability_solution/slo/server/services/transform_generators/apm_transaction_error_rate.ts @@ -168,9 +168,9 @@ export class ApmTransactionErrorRateTransformGenerator extends TransformGenerato goodEvents: 'slo.numerator>_count', totalEvents: 'slo.denominator>_count', }, - script: `params.goodEvents / params.totalEvents ${getTimesliceTargetComparator( + script: `if (params.totalEvents == 0) { return 1 } else { return params.goodEvents / params.totalEvents ${getTimesliceTargetComparator( slo.objective.timesliceTarget! - )} ${slo.objective.timesliceTarget} ? 1 : 0`, + )} ${slo.objective.timesliceTarget} ? 1 : 0 }`, }, }, }), diff --git a/x-pack/plugins/observability_solution/slo/server/services/transform_generators/histogram.ts b/x-pack/plugins/observability_solution/slo/server/services/transform_generators/histogram.ts index c7c97639b92a89..b19f9a48e70f00 100644 --- a/x-pack/plugins/observability_solution/slo/server/services/transform_generators/histogram.ts +++ b/x-pack/plugins/observability_solution/slo/server/services/transform_generators/histogram.ts @@ -101,9 +101,9 @@ export class HistogramTransformGenerator extends TransformGenerator { goodEvents: 'slo.numerator>value', totalEvents: 'slo.denominator>value', }, - script: `params.goodEvents / params.totalEvents ${getTimesliceTargetComparator( + script: `if (params.totalEvents == 0) { return 1 } else { return params.goodEvents / params.totalEvents ${getTimesliceTargetComparator( slo.objective.timesliceTarget! - )} ${slo.objective.timesliceTarget} ? 1 : 0`, + )} ${slo.objective.timesliceTarget} ? 1 : 0 }`, }, }, }), diff --git a/x-pack/plugins/observability_solution/slo/server/services/transform_generators/kql_custom.ts b/x-pack/plugins/observability_solution/slo/server/services/transform_generators/kql_custom.ts index 1924bc1a4c344f..0082e13968c804 100644 --- a/x-pack/plugins/observability_solution/slo/server/services/transform_generators/kql_custom.ts +++ b/x-pack/plugins/observability_solution/slo/server/services/transform_generators/kql_custom.ts @@ -94,9 +94,9 @@ export class KQLCustomTransformGenerator extends TransformGenerator { goodEvents: 'slo.numerator>_count', totalEvents: 'slo.denominator>_count', }, - script: `params.goodEvents / params.totalEvents ${getTimesliceTargetComparator( + script: `if (params.totalEvents == 0) { return 1 } else { return params.goodEvents / params.totalEvents ${getTimesliceTargetComparator( slo.objective.timesliceTarget! - )} ${slo.objective.timesliceTarget} ? 1 : 0`, + )} ${slo.objective.timesliceTarget} ? 1 : 0 }`, }, }, }), diff --git a/x-pack/plugins/observability_solution/slo/server/services/transform_generators/metric_custom.ts b/x-pack/plugins/observability_solution/slo/server/services/transform_generators/metric_custom.ts index 5717b05a466ded..e96f252d5ed843 100644 --- a/x-pack/plugins/observability_solution/slo/server/services/transform_generators/metric_custom.ts +++ b/x-pack/plugins/observability_solution/slo/server/services/transform_generators/metric_custom.ts @@ -105,9 +105,9 @@ export class MetricCustomTransformGenerator extends TransformGenerator { goodEvents: 'slo.numerator>value', totalEvents: 'slo.denominator>value', }, - script: `params.goodEvents / params.totalEvents ${getTimesliceTargetComparator( + script: `if (params.totalEvents == 0) { return 1 } else { return params.goodEvents / params.totalEvents ${getTimesliceTargetComparator( slo.objective.timesliceTarget! - )} ${slo.objective.timesliceTarget} ? 1 : 0`, + )} ${slo.objective.timesliceTarget} ? 1 : 0 }`, }, }, }), diff --git a/x-pack/plugins/observability_solution/synthetics/e2e/synthetics/journeys/alert_rules/custom_status_alert.journey.ts b/x-pack/plugins/observability_solution/synthetics/e2e/synthetics/journeys/alert_rules/custom_status_alert.journey.ts index 58f59995faabc9..3d45e0698f6167 100644 --- a/x-pack/plugins/observability_solution/synthetics/e2e/synthetics/journeys/alert_rules/custom_status_alert.journey.ts +++ b/x-pack/plugins/observability_solution/synthetics/e2e/synthetics/journeys/alert_rules/custom_status_alert.journey.ts @@ -5,8 +5,7 @@ * 2.0. */ -import { journey, step, before, after, expect } from '@elastic/synthetics'; -import { RetryService } from '@kbn/ftr-common-functional-services'; +import { journey, step, before, after } from '@elastic/synthetics'; import { syntheticsAppPageProvider } from '../../page_objects/synthetics_app'; import { SyntheticsServices } from '../services/synthetics_services'; @@ -14,8 +13,6 @@ journey(`CustomStatusAlert`, async ({ page, params }) => { const syntheticsApp = syntheticsAppPageProvider({ page, kibanaUrl: params.kibanaUrl, params }); const services = new SyntheticsServices(params); - const getService = params.getService; - const retry: RetryService = getService('retry'); const firstCheckTime = new Date(Date.now()).toISOString(); @@ -61,19 +58,7 @@ journey(`CustomStatusAlert`, async ({ page, params }) => { }); step('verify rule creation', async () => { - await retry.try(async () => { - const rules = await services.getRules(); - expect(rules.length).toBe(3); - expect(rules[2].params).toStrictEqual({ - condition: { - downThreshold: 3, - locationsThreshold: 1, - groupBy: 'locationId', - window: { - numberOfChecks: 5, - }, - }, - }); - }); + await syntheticsApp.goToRulesPage(); + await page.waitForSelector(`text='Synthetics status rule'`); }); }); diff --git a/x-pack/plugins/observability_solution/synthetics/e2e/synthetics/journeys/services/synthetics_services.ts b/x-pack/plugins/observability_solution/synthetics/e2e/synthetics/journeys/services/synthetics_services.ts index 23c5ef45d13835..5c356492f1c243 100644 --- a/x-pack/plugins/observability_solution/synthetics/e2e/synthetics/journeys/services/synthetics_services.ts +++ b/x-pack/plugins/observability_solution/synthetics/e2e/synthetics/journeys/services/synthetics_services.ts @@ -221,14 +221,6 @@ export class SyntheticsServices { } } - async getRules() { - const response = await axios.get(this.kibanaUrl + '/internal/alerting/rules/_find', { - auth: { username: 'elastic', password: 'changeme' }, - headers: { 'kbn-xsrf': 'true' }, - }); - return response.data.data; - } - async setupTestConnector() { const indexConnector = { name: 'test index', diff --git a/x-pack/plugins/observability_solution/synthetics/e2e/synthetics/page_objects/synthetics_app.tsx b/x-pack/plugins/observability_solution/synthetics/e2e/synthetics/page_objects/synthetics_app.tsx index f6d5ce45b96c30..931694da554caa 100644 --- a/x-pack/plugins/observability_solution/synthetics/e2e/synthetics/page_objects/synthetics_app.tsx +++ b/x-pack/plugins/observability_solution/synthetics/e2e/synthetics/page_objects/synthetics_app.tsx @@ -393,5 +393,10 @@ export function syntheticsAppPageProvider({ const isDisabled = await addMonitorBtn.isDisabled(); return !isDisabled; }, + + async goToRulesPage() { + const rulesPage = '/app/observability/alerts/rules'; + await page.goto(basePath + rulesPage); + }, }; } diff --git a/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/common/monitor_configuration.tsx b/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/common/monitor_configuration.tsx index 24995e898b3a17..4092f5cd404788 100644 --- a/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/common/monitor_configuration.tsx +++ b/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/common/monitor_configuration.tsx @@ -18,7 +18,6 @@ import { EuiTitle, } from '@elastic/eui'; import { FormattedMessage } from '@kbn/i18n-react'; -import { i18n } from '@kbn/i18n'; import { FormProvider, useForm } from 'react-hook-form'; import { MonitorFilters } from '../monitors_overview/types'; import { MonitorFiltersForm } from './monitor_filters_form'; @@ -29,12 +28,14 @@ interface MonitorConfigurationProps { }; onCreate: (props: { filters: MonitorFilters }) => void; onCancel: () => void; + title: string; } export function MonitorConfiguration({ initialInput, onCreate, onCancel, + title, }: MonitorConfigurationProps) { const methods = useForm({ defaultValues: { @@ -57,64 +58,50 @@ export function MonitorConfiguration({ }; return ( - + - + +

{title}

+ + + + - -

- {i18n.translate( - 'xpack.synthetics.overviewEmbeddable.config.sloSelector.headerTitle', - { - defaultMessage: 'Overview configuration', - } - )} -

- + + + + + + + - + + + + + + - <> - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + ); } diff --git a/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/common/monitor_filters_form.tsx b/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/common/monitor_filters_form.tsx index 80d2f3aa072cdf..a53d275a124284 100644 --- a/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/common/monitor_filters_form.tsx +++ b/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/common/monitor_filters_form.tsx @@ -4,7 +4,7 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ -import { EuiFlexGroup, EuiIconTip } from '@elastic/eui'; +import { EuiFlexGroup } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; import React from 'react'; import { FieldSelector } from './field_selector'; @@ -23,18 +23,6 @@ export function MonitorFiltersForm() { )} name="monitorIds" dataTestSubj="syntheticsAvailabilityMonitorSelector" - tooltip={ - - } /> { flyoutSession.close(); diff --git a/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/common/utils.ts b/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/common/utils.ts new file mode 100644 index 00000000000000..0a5e104a742701 --- /dev/null +++ b/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/common/utils.ts @@ -0,0 +1,22 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { MonitorFilters } from '../monitors_overview/types'; + +export const areFiltersEmpty = (filters: MonitorFilters) => { + if (!filters) { + return true; + } + + return ( + !filters.monitorIds?.length && + !filters.projects?.length && + !filters.tags?.length && + !filters.monitorTypes?.length && + !filters.locations?.length + ); +}; diff --git a/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/monitors_overview/monitors_embeddable_factory.tsx b/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/monitors_overview/monitors_embeddable_factory.tsx index e23de3cc67a14f..3908063e68116d 100644 --- a/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/monitors_overview/monitors_embeddable_factory.tsx +++ b/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/monitors_overview/monitors_embeddable_factory.tsx @@ -87,6 +87,12 @@ export const getMonitorsEmbeddableFactory = ( initialState: { filters: filters$.getValue(), }, + title: i18n.translate( + 'xpack.synthetics.editSyntheticsOverviewEmbeddableTitle.overview.title', + { + defaultMessage: 'Create monitors overview', + } + ), }); filters$.next(result.filters); } catch (e) { diff --git a/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/monitors_overview/monitors_grid_component.tsx b/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/monitors_overview/monitors_grid_component.tsx index c3801bb98ca9af..c6465b9d56408a 100644 --- a/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/monitors_overview/monitors_grid_component.tsx +++ b/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/monitors_overview/monitors_grid_component.tsx @@ -7,8 +7,8 @@ import React, { useEffect, useRef } from 'react'; import { Subject } from 'rxjs'; -import { i18n } from '@kbn/i18n'; import { useDispatch } from 'react-redux'; +import { areFiltersEmpty } from '../common/utils'; import { getOverviewStore } from './redux_store'; import { ShowSelectedFilters } from '../common/show_selected_filters'; import { setOverviewPageStateAction } from '../../synthetics/state'; @@ -26,13 +26,11 @@ export const StatusGridComponent = ({ }) => { const overviewStore = useRef(getOverviewStore()); + const hasFilters = !areFiltersEmpty(filters); + return ( } + titleAppend={hasFilters ? : null} > diff --git a/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/stats_overview/stats_overview_component.tsx b/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/stats_overview/stats_overview_component.tsx index 579596615ae72f..a7c1cee656795c 100644 --- a/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/stats_overview/stats_overview_component.tsx +++ b/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/stats_overview/stats_overview_component.tsx @@ -8,6 +8,8 @@ import React, { useEffect, useRef } from 'react'; import { Subject } from 'rxjs'; import { useDispatch } from 'react-redux'; +import { EuiFlexGroup, EuiFlexItem } from '@elastic/eui'; +import { areFiltersEmpty } from '../common/utils'; import { getStatsOverviewStore } from './redux_store'; import { ShowSelectedFilters } from '../common/show_selected_filters'; import { MonitorFilters } from '../monitors_overview/types'; @@ -26,7 +28,16 @@ export const StatsOverviewComponent = ({ return ( - + + + + + ); }; @@ -36,14 +47,21 @@ const WithFiltersComponent = ({ filters }: { filters: MonitorFilters }) => { useEffect(() => { dispatch( setOverviewPageStateAction({ - tags: filters.tags.map((tag) => tag.value), - locations: filters.locations.map((location) => location.value), - monitorTypes: filters.monitorTypes.map((monitorType) => monitorType.value), - monitorQueryIds: filters.monitorIds.map((monitorId) => monitorId.value), - projects: filters.projects.map((project) => project.value), + tags: filters.tags?.map((tag) => tag.value), + locations: filters.locations?.map((location) => location.value), + monitorTypes: filters.monitorTypes?.map((monitorType) => monitorType.value), + monitorQueryIds: filters.monitorIds?.map((monitorId) => monitorId.value), + projects: filters.projects?.map((project) => project.value), }) ); }, [dispatch, filters]); - return } />; + const hasFilters = !areFiltersEmpty(filters); + + return ( + : null} + hideTitle={true} + /> + ); }; diff --git a/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/stats_overview/stats_overview_embeddable_factory.tsx b/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/stats_overview/stats_overview_embeddable_factory.tsx index 07f1e72fa1e98c..83b37f080d422f 100644 --- a/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/stats_overview/stats_overview_embeddable_factory.tsx +++ b/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/stats_overview/stats_overview_embeddable_factory.tsx @@ -80,6 +80,9 @@ export const getStatsOverviewEmbeddableFactory = ( initialState: { filters: filters$.getValue(), }, + title: i18n.translate('xpack.synthetics.editSloOverviewEmbeddableTitle.title', { + defaultMessage: 'Create monitor stats', + }), }); filters$.next(result.filters); } catch (e) { diff --git a/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/synthetics_embeddable_context.tsx b/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/synthetics_embeddable_context.tsx index 5e7b912d43ebaf..53e242f77c23c7 100644 --- a/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/synthetics_embeddable_context.tsx +++ b/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/synthetics_embeddable_context.tsx @@ -7,7 +7,6 @@ import React from 'react'; import { createBrowserHistory } from 'history'; -import { EuiPanel } from '@elastic/eui'; import { Router } from '@kbn/shared-ux-router'; import { Subject } from 'rxjs'; import { Store } from 'redux'; @@ -29,14 +28,7 @@ export const SyntheticsEmbeddableContext: React.FC< - - {children} - + {children} diff --git a/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/ui_actions/create_monitors_overview_panel_action.tsx b/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/ui_actions/create_monitors_overview_panel_action.tsx index c3f935add49c40..1e6eb30c7cc02e 100644 --- a/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/ui_actions/create_monitors_overview_panel_action.tsx +++ b/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/ui_actions/create_monitors_overview_panel_action.tsx @@ -38,6 +38,12 @@ export function createMonitorsOverviewPanelAction( const initialState = await openMonitorConfiguration({ coreStart, pluginStart, + title: i18n.translate( + 'xpack.synthetics.editSyntheticsOverviewEmbeddableTitle.overview.title', + { + defaultMessage: 'Create monitors overview', + } + ), }); try { embeddable.addNewPanel({ diff --git a/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/ui_actions/create_stats_overview_panel_action.tsx b/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/ui_actions/create_stats_overview_panel_action.tsx index 9f88e38c3640c7..f3311bec302f74 100644 --- a/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/ui_actions/create_stats_overview_panel_action.tsx +++ b/x-pack/plugins/observability_solution/synthetics/public/apps/embeddables/ui_actions/create_stats_overview_panel_action.tsx @@ -39,6 +39,9 @@ export function createStatusOverviewPanelAction( const initialState = await openMonitorConfiguration({ coreStart, pluginStart, + title: i18n.translate('xpack.synthetics.editSyntheticsOverviewEmbeddableTitle.title', { + defaultMessage: 'Create monitor stats', + }), }); embeddable.addNewPanel({ panelType: SYNTHETICS_STATS_OVERVIEW_EMBEDDABLE, diff --git a/x-pack/plugins/observability_solution/synthetics/public/apps/synthetics/components/common/components/embeddable_panel_wrapper.tsx b/x-pack/plugins/observability_solution/synthetics/public/apps/synthetics/components/common/components/embeddable_panel_wrapper.tsx index 1d3328197fb551..168984361795eb 100644 --- a/x-pack/plugins/observability_solution/synthetics/public/apps/synthetics/components/common/components/embeddable_panel_wrapper.tsx +++ b/x-pack/plugins/observability_solution/synthetics/public/apps/synthetics/components/common/components/embeddable_panel_wrapper.tsx @@ -6,37 +6,58 @@ */ import React, { FC } from 'react'; -import { EuiFlexGroup, EuiFlexItem, EuiPanel, EuiProgress, EuiTitle } from '@elastic/eui'; +import { + EuiFlexGroup, + EuiFlexItem, + EuiPanel, + EuiProgress, + EuiSpacer, + EuiTitle, +} from '@elastic/eui'; import { AddToDashboard } from './add_to_dashboard'; import { SYNTHETICS_STATS_OVERVIEW_EMBEDDABLE } from '../../../../embeddables/constants'; -export const EmbeddablePanelWrapper: FC< - React.PropsWithChildren<{ - title: string; - loading?: boolean; - titleAppend?: React.ReactNode; - }> -> = ({ children, title, loading, titleAppend }) => { +interface Props { + title?: string; + loading?: boolean; + hideTitle?: boolean; + titleAppend?: React.ReactNode; +} + +export const EmbeddablePanelWrapper: FC> = ({ + children, + title, + loading, + titleAppend, + hideTitle, +}) => { const isSyntheticsApp = window.location.pathname.includes('/app/synthetics'); + const noTitle = !title && !titleAppend; return ( <> - + + {!noTitle && ( + <> + + + {(!hideTitle || !title) && ( + +

{title}

+ + )} + + {isSyntheticsApp && ( + + + + )} + {titleAppend && {titleAppend}} + + + + )} {loading && } - - - -

{title}

- - - {isSyntheticsApp && ( - - - - )} - {titleAppend && {titleAppend}} - - {children} diff --git a/x-pack/plugins/observability_solution/synthetics/public/apps/synthetics/components/monitors_page/overview/overview/grid_by_group/grid_items_by_group.tsx b/x-pack/plugins/observability_solution/synthetics/public/apps/synthetics/components/monitors_page/overview/overview/grid_by_group/grid_items_by_group.tsx index 1951e0744c9e8b..a2e9226e26162e 100644 --- a/x-pack/plugins/observability_solution/synthetics/public/apps/synthetics/components/monitors_page/overview/overview/grid_by_group/grid_items_by_group.tsx +++ b/x-pack/plugins/observability_solution/synthetics/public/apps/synthetics/components/monitors_page/overview/overview/grid_by_group/grid_items_by_group.tsx @@ -10,6 +10,7 @@ import React, { useRef, useState, FC, PropsWithChildren } from 'react'; import { useSelector } from 'react-redux'; import { get, invert, orderBy } from 'lodash'; import styled from 'styled-components'; +import { i18n } from '@kbn/i18n'; import { OverviewLoader } from '../overview_loader'; import { getSyntheticsFilterDisplayValues, @@ -60,18 +61,25 @@ export const GridItemsByGroup = ({ items: monitorTypes, values: getSyntheticsFilterDisplayValues(monitorTypes, 'monitorTypes', allLocations), otherValues: { - label: 'Invalid monitor type', + label: i18n.translate('xpack.synthetics.monitorsPage.overview.gridItemsByGroup.noType', { + defaultMessage: 'Invalid monitor type', + }), items: allConfigs?.filter((monitor) => !get(monitor, ConfigKey.MONITOR_TYPE)), }, }; break; case 'locationId': selectedGroup = { - key: 'location.label', + key: 'locationLabel', items: locations, values: getSyntheticsFilterDisplayValues(locations, 'locations', allLocations), otherValues: { - label: 'Without any location', + label: i18n.translate( + 'xpack.synthetics.monitorsPage.overview.gridItemsByGroup.noLocations', + { + defaultMessage: 'Without any location', + } + ), items: allConfigs?.filter((monitor) => !get(monitor, 'location')), }, }; @@ -82,7 +90,9 @@ export const GridItemsByGroup = ({ items: tags, values: getSyntheticsFilterDisplayValues(tags, 'tags', allLocations), otherValues: { - label: 'Without any tags', + label: i18n.translate('xpack.synthetics.monitorsPage.overview.gridItemsByGroup.noTags', { + defaultMessage: 'Without any tags', + }), items: allConfigs?.filter((monitor) => get(monitor, 'tags', []).length === 0), }, }; @@ -93,7 +103,12 @@ export const GridItemsByGroup = ({ items: projects, values: getSyntheticsFilterDisplayValues(projects, 'projects', allLocations), otherValues: { - label: 'UI Monitors', + label: i18n.translate( + 'xpack.synthetics.monitorsPage.overview.gridItemsByGroup.uiMonitors', + { + defaultMessage: 'UI Monitors', + } + ), items: allConfigs?.filter((monitor) => !Boolean(monitor.projectId)), }, }; @@ -138,11 +153,11 @@ export const GridItemsByGroup = ({ ); })} - {selectedGroup.otherValues.items?.length && ( + {(selectedGroup.otherValues.items ?? []).length > 0 && ( - + {children} diff --git a/x-pack/plugins/osquery/cypress/cypress_base.config.ts b/x-pack/plugins/osquery/cypress/cypress_base.config.ts index 75109dc423ff3b..cea74dcd9ee603 100644 --- a/x-pack/plugins/osquery/cypress/cypress_base.config.ts +++ b/x-pack/plugins/osquery/cypress/cypress_base.config.ts @@ -10,8 +10,8 @@ import path from 'path'; import { load as loadYaml } from 'js-yaml'; import { readFileSync } from 'fs'; import type { YamlRoleDefinitions } from '@kbn/test-suites-serverless/shared/lib'; -import { setupUserDataLoader } from '@kbn/test-suites-serverless/functional/test_suites/security/cypress/support/setup_data_loader_tasks'; import { samlAuthentication } from '@kbn/security-solution-plugin/public/management/cypress/support/saml_authentication'; +import { setupUserDataLoader } from './support/setup_data_loader_tasks'; import { getFailedSpecVideos } from './support/filter_videos'; const ROLES_YAML_FILE_PATH = path.join( diff --git a/x-pack/plugins/osquery/cypress/e2e/all/alerts_cases.cy.ts b/x-pack/plugins/osquery/cypress/e2e/all/alerts_cases.cy.ts index a5ab52a7bdb76e..2dbd905b4df93f 100644 --- a/x-pack/plugins/osquery/cypress/e2e/all/alerts_cases.cy.ts +++ b/x-pack/plugins/osquery/cypress/e2e/all/alerts_cases.cy.ts @@ -25,7 +25,8 @@ import { } from '../../tasks/live_query'; import { generateRandomStringName, interceptCaseId } from '../../tasks/integrations'; -describe('Alert Event Details - Cases', { tags: ['@ess', '@serverless'] }, () => { +// Failing: See https://github.com/elastic/kibana/issues/197151 +describe.skip('Alert Event Details - Cases', { tags: ['@ess', '@serverless'] }, () => { let ruleId: string; let packId: string; let packName: string; diff --git a/x-pack/plugins/osquery/cypress/e2e/all/alerts_linked_apps.cy.ts b/x-pack/plugins/osquery/cypress/e2e/all/alerts_linked_apps.cy.ts index 6ea1acfebabce6..f7585d32a2bba3 100644 --- a/x-pack/plugins/osquery/cypress/e2e/all/alerts_linked_apps.cy.ts +++ b/x-pack/plugins/osquery/cypress/e2e/all/alerts_linked_apps.cy.ts @@ -18,6 +18,7 @@ import { import { closeModalIfVisible, closeToastIfVisible } from '../../tasks/integrations'; import { RESULTS_TABLE, RESULTS_TABLE_BUTTON } from '../../screens/live_query'; +// Failing: See https://github.com/elastic/kibana/issues/181889 // Failing: See https://github.com/elastic/kibana/issues/181889 describe.skip( 'Alert Event Details', diff --git a/x-pack/plugins/osquery/cypress/support/e2e.ts b/x-pack/plugins/osquery/cypress/support/e2e.ts index 3a989aa2355752..7426498cd28326 100644 --- a/x-pack/plugins/osquery/cypress/support/e2e.ts +++ b/x-pack/plugins/osquery/cypress/support/e2e.ts @@ -34,11 +34,16 @@ registerCypressGrep(); import type { SecuritySolutionDescribeBlockFtrConfig } from '@kbn/security-solution-plugin/scripts/run_cypress/utils'; import { login } from '@kbn/security-solution-plugin/public/management/cypress/tasks/login'; +import type { LoadedRoleAndUser } from '@kbn/test-suites-serverless/shared/lib'; import type { ServerlessRoleName } from './roles'; import { waitUntil } from '../tasks/wait_until'; import { isCloudServerless, isServerless } from '../tasks/serverless'; +export interface LoadUserAndRoleCyTaskOptions { + name: ServerlessRoleName; +} + declare global { // eslint-disable-next-line @typescript-eslint/no-namespace namespace Cypress { @@ -49,6 +54,12 @@ declare global { } interface Chainable { + task( + name: 'loadUserAndRole', + arg: LoadUserAndRoleCyTaskOptions, + options?: Partial + ): Chainable; + getBySel(...args: Parameters): Chainable>; getBySelContains( diff --git a/x-pack/test_serverless/functional/test_suites/security/cypress/support/setup_data_loader_tasks.ts b/x-pack/plugins/osquery/cypress/support/setup_data_loader_tasks.ts similarity index 77% rename from x-pack/test_serverless/functional/test_suites/security/cypress/support/setup_data_loader_tasks.ts rename to x-pack/plugins/osquery/cypress/support/setup_data_loader_tasks.ts index 65cbcf5aac2122..938fa67585f88a 100644 --- a/x-pack/test_serverless/functional/test_suites/security/cypress/support/setup_data_loader_tasks.ts +++ b/x-pack/plugins/osquery/cypress/support/setup_data_loader_tasks.ts @@ -6,12 +6,12 @@ */ import { createRuntimeServices } from '@kbn/security-solution-plugin/scripts/endpoint/common/stack_services'; -import { LoadUserAndRoleCyTaskOptions } from '../cypress'; -import { +import { SecurityRoleAndUserLoader } from '@kbn/test-suites-serverless/shared/lib'; +import type { LoadedRoleAndUser, - SecurityRoleAndUserLoader, YamlRoleDefinitions, -} from '../../../../../shared/lib'; +} from '@kbn/test-suites-serverless/shared/lib'; +import type { LoadUserAndRoleCyTaskOptions } from './e2e'; interface AdditionalDefinitions { roleDefinitions?: YamlRoleDefinitions; @@ -33,9 +33,7 @@ export const setupUserDataLoader = ( }); const roleAndUserLoaderPromise: Promise = stackServicesPromise.then( - ({ kbnClient, log }) => { - return new SecurityRoleAndUserLoader(kbnClient, log, roleDefinitions); - } + ({ kbnClient, log }) => new SecurityRoleAndUserLoader(kbnClient, log, roleDefinitions) ); on('task', { @@ -43,8 +41,7 @@ export const setupUserDataLoader = ( * Loads a user/role into Kibana. Used from `login()` task. * @param name */ - loadUserAndRole: async ({ name }: LoadUserAndRoleCyTaskOptions): Promise => { - return (await roleAndUserLoaderPromise).load(name, additionalRoleName); - }, + loadUserAndRole: async ({ name }: LoadUserAndRoleCyTaskOptions): Promise => + (await roleAndUserLoaderPromise).load(name, additionalRoleName), }); }; diff --git a/x-pack/plugins/osquery/cypress/tasks/navigation.ts b/x-pack/plugins/osquery/cypress/tasks/navigation.ts index 3f7814c7feb2d0..72107207d7a8cd 100644 --- a/x-pack/plugins/osquery/cypress/tasks/navigation.ts +++ b/x-pack/plugins/osquery/cypress/tasks/navigation.ts @@ -47,7 +47,7 @@ export const NEW_FEATURES_TOUR_STORAGE_KEYS = { TIMELINES: 'securitySolution.security.timelineFlyoutHeader.saveTimelineTour', TIMELINE: 'securitySolution.timeline.newFeaturesTour.v8.12', FLYOUT: 'securitySolution.documentDetails.newFeaturesTour.v8.14', - ATTACK_DISCOVERY: 'securitySolution.attackDiscovery.newFeaturesTour.v8.14', + KNOWLEDGE_BASE: 'elasticAssistant.knowledgeBase.newFeaturesTour.v8.16', }; /** diff --git a/x-pack/plugins/search_assistant/public/components/routes/conversations/conversation_view_with_props.tsx b/x-pack/plugins/search_assistant/public/components/routes/conversations/conversation_view_with_props.tsx index f0e4a61895f398..28ed6d00863f34 100644 --- a/x-pack/plugins/search_assistant/public/components/routes/conversations/conversation_view_with_props.tsx +++ b/x-pack/plugins/search_assistant/public/components/routes/conversations/conversation_view_with_props.tsx @@ -30,7 +30,7 @@ export function ConversationViewWithProps() { getConversationHref={(id: string) => http?.basePath.prepend(`/app/searchAssistant/conversations/${id || ''}`) || '' } - scope="search" + scopes={['search']} /> ); } diff --git a/x-pack/plugins/search_assistant/server/functions/index.ts b/x-pack/plugins/search_assistant/server/functions/index.ts index d1eef69615a614..46da6767f359d9 100644 --- a/x-pack/plugins/search_assistant/server/functions/index.ts +++ b/x-pack/plugins/search_assistant/server/functions/index.ts @@ -9,9 +9,10 @@ import { RegistrationCallback } from '@kbn/observability-ai-assistant-plugin/ser export const registerFunctions: (isServerless: boolean) => RegistrationCallback = (isServerless: boolean) => - async ({ client, functions, resources, signal }) => { - functions.registerInstruction({ - instruction: `You are a helpful assistant for Elasticsearch. Your goal is to help Elasticsearch users accomplish tasks using Kibana and Elasticsearch. You can help them construct queries, index data, search data, use Elasticsearch APIs, generate sample data, visualise and analyze data. + async ({ client, functions, resources, signal, scopes }) => { + if (scopes.includes('search')) { + functions.registerInstruction( + `You are a helpful assistant for Elasticsearch. Your goal is to help Elasticsearch users accomplish tasks using Kibana and Elasticsearch. You can help them construct queries, index data, search data, use Elasticsearch APIs, generate sample data, visualise and analyze data. It's very important to not assume what the user means. Ask them for clarification if needed. @@ -27,10 +28,10 @@ export const registerFunctions: (isServerless: boolean) => RegistrationCallback If you want to call a function or tool, only call it a single time per message. Wait until the function has been executed and its results returned to you, before executing the same tool or another tool again if needed. - The user is able to change the language which they want you to reply in on the settings page of the AI Assistant for Observability, which can be found in the ${ + The user is able to change the language which they want you to reply in on the settings page of the AI Assistant for Observability and Search, which can be found in the ${ isServerless ? `Project settings.` : `Stack Management app under the option AI Assistants` }. - If the user asks how to change the language, reply in the same language the user asked in.`, - scopes: ['search'], - }); + If the user asks how to change the language, reply in the same language the user asked in.` + ); + } }; diff --git a/x-pack/plugins/search_indices/public/plugin.ts b/x-pack/plugins/search_indices/public/plugin.ts index 2f9a8ca3cf950d..c9b5c8f4c76596 100644 --- a/x-pack/plugins/search_indices/public/plugin.ts +++ b/x-pack/plugins/search_indices/public/plugin.ts @@ -17,7 +17,7 @@ import type { } from './types'; import { initQueryClient } from './services/query_client'; import { INDICES_APP_ID, START_APP_ID } from '../common'; -import { INDICES_APP_BASE, START_APP_BASE } from './routes'; +import { INDICES_APP_BASE, START_APP_BASE, SearchIndexDetailsTabValues } from './routes'; export class SearchIndicesPlugin implements Plugin @@ -81,8 +81,12 @@ export class SearchIndicesPlugin docLinks.setDocLinks(core.docLinks.links); if (this.pluginEnabled) { indexManagement?.extensionsService.setIndexDetailsPageRoute({ - renderRoute: (indexName) => { - return `/app/elasticsearch/indices/index_details/${indexName}`; + renderRoute: (indexName, detailsTabId) => { + const route = `/app/elasticsearch/indices/index_details/${indexName}`; + if (detailsTabId && SearchIndexDetailsTabValues.includes(detailsTabId)) { + return `${route}/${detailsTabId}`; + } + return route; }, }); } diff --git a/x-pack/plugins/search_indices/public/routes.ts b/x-pack/plugins/search_indices/public/routes.ts index c72e84c66a7d0d..057891d63226d3 100644 --- a/x-pack/plugins/search_indices/public/routes.ts +++ b/x-pack/plugins/search_indices/public/routes.ts @@ -14,5 +14,6 @@ export enum SearchIndexDetailsTabs { SETTINGS = 'settings', } +export const SearchIndexDetailsTabValues: string[] = Object.values(SearchIndexDetailsTabs); export const START_APP_BASE = '/app/elasticsearch/start'; export const INDICES_APP_BASE = '/app/elasticsearch/indices'; diff --git a/x-pack/plugins/search_inference_endpoints/public/assets/images/providers/watsonx_ai.svg b/x-pack/plugins/search_inference_endpoints/public/assets/images/providers/watsonx_ai.svg new file mode 100644 index 00000000000000..29f7a735e66145 --- /dev/null +++ b/x-pack/plugins/search_inference_endpoints/public/assets/images/providers/watsonx_ai.svg @@ -0,0 +1,3 @@ + + + diff --git a/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/constants.ts b/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/constants.ts index 3e60bc33b049c4..37c65ebb9a314b 100644 --- a/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/constants.ts +++ b/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/constants.ts @@ -32,3 +32,10 @@ export const DEFAULT_INFERENCE_ENDPOINTS_TABLE_STATE: AllInferenceEndpointsTable filterOptions: DEFAULT_FILTER_OPTIONS, queryParams: DEFAULT_QUERY_PARAMS, }; + +export const PIPELINE_URL = 'ingest/ingest_pipelines'; + +export const PRECONFIGURED_ENDPOINTS = { + ELSER: '.elser-2-elasticsearch', + E5: '.multilingual-e5-small-elasticsearch', +}; diff --git a/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/filter/multi_select_filter.tsx b/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/filter/multi_select_filter.tsx index 84883c4e854320..790bb5ec099139 100644 --- a/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/filter/multi_select_filter.tsx +++ b/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/filter/multi_select_filter.tsx @@ -18,6 +18,7 @@ import { } from '@elastic/eui'; import { css } from '@emotion/react'; import React, { useState } from 'react'; +import _ from 'lodash'; import * as i18n from './translations'; export interface MultiSelectFilterOption { @@ -44,11 +45,14 @@ export const MultiSelectFilter: React.FC = ({ const { euiTheme } = useEuiTheme(); const [isPopoverOpen, setIsPopoverOpen] = useState(false); const toggleIsPopoverOpen = () => setIsPopoverOpen((prevValue) => !prevValue); - const options: MultiSelectFilterOption[] = rawOptions.map(({ key, label }) => ({ - label, - key, - checked: selectedOptionKeys.includes(key) ? 'on' : undefined, - })); + const options: MultiSelectFilterOption[] = _.uniqBy( + rawOptions.map(({ key, label }) => ({ + label, + key, + checked: selectedOptionKeys.includes(key) ? 'on' : undefined, + })), + 'label' + ); return ( diff --git a/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/component/list_usage_results.test.tsx b/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/component/list_usage_results.test.tsx index 40f821bc104ae0..2907cc7ef8014a 100644 --- a/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/component/list_usage_results.test.tsx +++ b/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/component/list_usage_results.test.tsx @@ -12,11 +12,11 @@ import { render, screen, fireEvent } from '@testing-library/react'; describe('ListUsageResults', () => { const items = [ { - label: 'index-1', + id: 'index-1', type: 'Index', }, { - label: 'pipeline-1', + id: 'pipeline-1', type: 'Pipeline', }, ]; diff --git a/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/component/list_usage_results.tsx b/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/component/list_usage_results.tsx index d20520345a8ba5..d42b0f67352525 100644 --- a/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/component/list_usage_results.tsx +++ b/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/component/list_usage_results.tsx @@ -34,7 +34,7 @@ export const ListUsageResults: React.FC = ({ list }) => { {list - .filter((item) => item.label.toLowerCase().includes(term.toLowerCase())) + .filter((item) => item.id.toLowerCase().includes(term.toLowerCase())) .map((item, id) => ( ))} diff --git a/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/component/scan_usage_results.test.tsx b/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/component/scan_usage_results.test.tsx index d2ec41680d249d..a9cb3f1f8d3891 100644 --- a/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/component/scan_usage_results.test.tsx +++ b/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/component/scan_usage_results.test.tsx @@ -19,11 +19,11 @@ const mockOnCheckboxChange = jest.fn(); describe('ScanUsageResults', () => { const items = [ { - label: 'index-1', + id: 'index-1', type: 'Index', }, { - label: 'pipeline-1', + id: 'pipeline-1', type: 'Pipeline', }, ]; @@ -40,7 +40,7 @@ describe('ScanUsageResults', () => { ); }); @@ -58,9 +58,9 @@ describe('ScanUsageResults', () => { it('opens index management in a new tab', () => { fireEvent.click(screen.getByTestId('inferenceManagementOpenIndexManagement')); - expect(mockNavigateToApp).toHaveBeenCalledWith('enterprise_search', { + expect(mockNavigateToApp).toHaveBeenCalledWith('enterpriseSearchContent', { openInNewTab: true, - path: 'content/search_indices', + path: 'search_indices', }); }); diff --git a/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/component/scan_usage_results.tsx b/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/component/scan_usage_results.tsx index 0f4aa09c12be43..33d7a4dae891f6 100644 --- a/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/component/scan_usage_results.tsx +++ b/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/component/scan_usage_results.tsx @@ -17,30 +17,31 @@ import { import React from 'react'; import { euiThemeVars } from '@kbn/ui-theme'; import { css } from '@emotion/react'; +import { ENTERPRISE_SEARCH_CONTENT_APP_ID } from '@kbn/deeplinks-search'; + import { InferenceUsageInfo } from '../../../../types'; import { useKibana } from '../../../../../../hooks/use_kibana'; import { RenderMessageWithIcon } from './render_message_with_icon'; - import * as i18n from '../delete/confirm_delete_endpoint/translations'; import { ListUsageResults } from './list_usage_results'; interface ScanUsageResultsProps { list: InferenceUsageInfo[]; ignoreWarningCheckbox: boolean; - onCheckboxChange: (state: boolean) => void; + onIgnoreWarningCheckboxChange: (state: boolean) => void; } export const ScanUsageResults: React.FC = ({ list, ignoreWarningCheckbox, - onCheckboxChange, + onIgnoreWarningCheckboxChange, }) => { const { services: { application }, } = useKibana(); - const handleNavigateToIndex = () => { - application?.navigateToApp('enterprise_search', { - path: 'content/search_indices', + const handleNavigateToIndexManagement = () => { + application?.navigateToApp(ENTERPRISE_SEARCH_CONTENT_APP_ID, { + path: 'search_indices', openInNewTab: true, }); }; @@ -59,7 +60,7 @@ export const ScanUsageResults: React.FC = ({ - + = ({ = ({ id={'ignoreWarningCheckbox'} label={i18n.IGNORE_POTENTIAL_ERRORS_LABEL} checked={ignoreWarningCheckbox} - onChange={(e) => onCheckboxChange(e.target.checked)} + onChange={(e) => onIgnoreWarningCheckboxChange(e.target.checked)} /> diff --git a/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/component/usage_item.test.tsx b/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/component/usage_item.test.tsx index 7315de521a1c34..6c6899c71922d3 100644 --- a/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/component/usage_item.test.tsx +++ b/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/component/usage_item.test.tsx @@ -29,7 +29,7 @@ describe('UsageItem', () => { describe('index', () => { const item: InferenceUsageInfo = { - label: 'index-1', + id: 'index-1', type: 'Index', }; @@ -44,16 +44,16 @@ describe('UsageItem', () => { it('opens index in a new tab', () => { fireEvent.click(screen.getByRole('button')); - expect(mockNavigateToApp).toHaveBeenCalledWith('enterprise_search', { + expect(mockNavigateToApp).toHaveBeenCalledWith('enterpriseSearchContent', { openInNewTab: true, - path: 'content/search_indices/index-1', + path: 'search_indices/index-1', }); }); }); describe('pipeline', () => { const item: InferenceUsageInfo = { - label: 'pipeline-1', + id: 'pipeline-1', type: 'Pipeline', }; diff --git a/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/component/usage_item.tsx b/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/component/usage_item.tsx index 90bd050d67b81a..577b9f8aa0e298 100644 --- a/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/component/usage_item.tsx +++ b/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/component/usage_item.tsx @@ -14,11 +14,15 @@ import { EuiText, EuiTextTruncate, EuiIcon, + EuiSpacer, } from '@elastic/eui'; import React from 'react'; +import { ENTERPRISE_SEARCH_CONTENT_APP_ID } from '@kbn/deeplinks-search'; +import { MANAGEMENT_APP_ID } from '@kbn/deeplinks-management/constants'; import { useKibana } from '../../../../../../hooks/use_kibana'; import { InferenceUsageInfo } from '../../../../types'; +import { PIPELINE_URL } from '../../../../constants'; interface UsageProps { usageItem: InferenceUsageInfo; @@ -29,27 +33,27 @@ export const UsageItem: React.FC = ({ usageItem }) => { } = useKibana(); const handleNavigateToIndex = () => { if (usageItem.type === 'Index') { - application?.navigateToApp('enterprise_search', { - path: `content/search_indices/${usageItem.label}`, + application?.navigateToApp(ENTERPRISE_SEARCH_CONTENT_APP_ID, { + path: `search_indices/${usageItem.id}`, openInNewTab: true, }); } else if (usageItem.type === 'Pipeline') { - application?.navigateToApp('management', { - path: `ingest/ingest_pipelines?pipeline=${usageItem.label}`, + application?.navigateToApp(MANAGEMENT_APP_ID, { + path: `${PIPELINE_URL}?pipeline=${usageItem.id}`, openInNewTab: true, }); } }; return ( - + - + @@ -58,7 +62,7 @@ export const UsageItem: React.FC = ({ usageItem }) => { - + @@ -66,6 +70,7 @@ export const UsageItem: React.FC = ({ usageItem }) => { + ); diff --git a/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/delete/confirm_delete_endpoint/index.tsx b/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/delete/confirm_delete_endpoint/index.tsx index 965f512b32d7d8..06bd585c0eb28e 100644 --- a/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/delete/confirm_delete_endpoint/index.tsx +++ b/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/delete/confirm_delete_endpoint/index.tsx @@ -37,7 +37,7 @@ export const ConfirmDeleteEndpointModal: React.FC { + const onIgnoreWarningCheckboxChange = (state: boolean) => { setIgnoreWarningCheckbox(state); if (state) { setDeleteDisabled(false); @@ -50,8 +50,11 @@ export const ConfirmDeleteEndpointModal: React.FC ({ label: index, type: 'Index' })); - const pipelines = data.pipelines.map((pipeline, id) => ({ label: pipeline, type: 'Pipeline' })); + const indices = data.indexes.map((index, id) => ({ id: index, type: 'Index' })); + const pipelines = data.pipelines.map((pipeline, id) => ({ + id: pipeline, + type: 'Pipeline', + })); const usages: InferenceUsageInfo[] = [...indices, ...pipelines]; if (usages.length > 0) { setDeleteDisabled(true); @@ -72,6 +75,7 @@ export const ConfirmDeleteEndpointModal: React.FC {i18n.CONFIRM_DELETE_WARNING} @@ -106,7 +110,7 @@ export const ConfirmDeleteEndpointModal: React.FC )} diff --git a/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/delete/confirm_delete_endpoint/translations.ts b/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/delete/confirm_delete_endpoint/translations.ts index d606e6f3c1b0e7..b82fbcdf6b4254 100644 --- a/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/delete/confirm_delete_endpoint/translations.ts +++ b/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/delete/confirm_delete_endpoint/translations.ts @@ -19,7 +19,7 @@ export const CONFIRM_DELETE_WARNING = i18n.translate( 'xpack.searchInferenceEndpoints.confirmDeleteEndpoint.confirmQuestion', { defaultMessage: - 'Deleting an inference endpoint currently in use will cause failures in the ingest and query attempts.', + 'Deleting an inference endpoint currently in use will cause failures in ingest and query attempts.', } ); @@ -54,7 +54,7 @@ export const POTENTIAL_FAILURE_LABEL = i18n.translate( export const IGNORE_POTENTIAL_ERRORS_LABEL = i18n.translate( 'xpack.searchInferenceEndpoints.confirmDeleteEndpoint.ignoreErrors', { - defaultMessage: 'Ignore potential errors and force deletion', + defaultMessage: 'Ignore errors and force deletion', } ); diff --git a/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/delete/delete_action.test.tsx b/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/delete/delete_action.test.tsx new file mode 100644 index 00000000000000..f5f4a0b7e8bdc9 --- /dev/null +++ b/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/delete/delete_action.test.tsx @@ -0,0 +1,59 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { render, screen, fireEvent } from '@testing-library/react'; +import { QueryClient, QueryClientProvider } from '@tanstack/react-query'; +import React from 'react'; + +import { DeleteAction } from './delete_action'; +import { InferenceEndpointUI } from '../../../../types'; + +describe('Delete Action', () => { + const mockProvider = { + inference_id: 'my-hugging-face', + service: 'hugging_face', + service_settings: { + api_key: 'aaaa', + url: 'https://dummy.huggingface.com', + }, + task_settings: {}, + } as any; + + const mockItem: InferenceEndpointUI = { + endpoint: 'my-hugging-face', + provider: mockProvider, + type: 'text_embedding', + }; + + const Wrapper = ({ item }: { item: InferenceEndpointUI }) => { + const queryClient = new QueryClient(); + return ( + + + + ); + }; + it('renders', () => { + render(); + + expect(screen.getByTestId('inferenceUIDeleteAction')).toBeEnabled(); + }); + + it('disable the delete action for preconfigured endpoint', () => { + const preconfiguredMockItem = { ...mockItem, endpoint: '.multilingual-e5-small-elasticsearch' }; + render(); + + expect(screen.getByTestId('inferenceUIDeleteAction')).toBeDisabled(); + }); + + it('loads confirm delete modal', () => { + render(); + + fireEvent.click(screen.getByTestId('inferenceUIDeleteAction')); + expect(screen.getByTestId('deleteModalForInferenceUI')).toBeInTheDocument(); + }); +}); diff --git a/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/delete/delete_action.tsx b/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/delete/delete_action.tsx index f932a3d25ed21e..fb31aeb31dcaaf 100644 --- a/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/delete/delete_action.tsx +++ b/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_actions/actions/delete/delete_action.tsx @@ -8,6 +8,7 @@ import { EuiButtonIcon } from '@elastic/eui'; import { i18n } from '@kbn/i18n'; import React, { useState } from 'react'; +import { isEndpointPreconfigured } from '../../../../../../utils/preconfigured_endpoint_helper'; import { useDeleteEndpoint } from '../../../../../../hooks/use_delete_endpoint'; import { InferenceEndpointUI } from '../../../../types'; import { ConfirmDeleteEndpointModal } from './confirm_delete_endpoint'; @@ -39,6 +40,8 @@ export const DeleteAction: React.FC = ({ selectedEndpoint }) defaultMessage: 'Delete inference endpoint {selectedEndpointName}', values: { selectedEndpointName: selectedEndpoint.endpoint }, })} + data-test-subj="inferenceUIDeleteAction" + disabled={isEndpointPreconfigured(selectedEndpoint.endpoint)} key="delete" iconType="trash" color="danger" diff --git a/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_endpoint/endpoint_info.tsx b/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_endpoint/endpoint_info.tsx index 3d810a24a9ffc5..26b12328dafd41 100644 --- a/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_endpoint/endpoint_info.tsx +++ b/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_endpoint/endpoint_info.tsx @@ -5,14 +5,28 @@ * 2.0. */ +import { EuiBetaBadge, EuiFlexGroup, EuiFlexItem } from '@elastic/eui'; import React from 'react'; +import { isEndpointPreconfigured } from '../../../../utils/preconfigured_endpoint_helper'; +import * as i18n from './translations'; export interface EndpointInfoProps { inferenceId: string; } export const EndpointInfo: React.FC = ({ inferenceId }) => ( - - {inferenceId} - + + + + {inferenceId} + + + + + {isEndpointPreconfigured(inferenceId) ? ( + + ) : null} + + + ); diff --git a/x-pack/plugins/actions/server/routes/connector/get/transforms/index.ts b/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_endpoint/translations.ts similarity index 54% rename from x-pack/plugins/actions/server/routes/connector/get/transforms/index.ts rename to x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_endpoint/translations.ts index 44960ddfeec0d8..70b1576a9ddc0e 100644 --- a/x-pack/plugins/actions/server/routes/connector/get/transforms/index.ts +++ b/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_endpoint/translations.ts @@ -5,6 +5,11 @@ * 2.0. */ -export { transformGetConnectorResponse } from './transform_connector_response/latest'; +import { i18n } from '@kbn/i18n'; -export { transformGetConnectorResponse as transformGetConnectorResponseV1 } from './transform_connector_response/v1'; +export const PRECONFIGURED_LABEL = i18n.translate( + 'xpack.searchInferenceEndpoints.elasticsearch.endpointInfo.preconfigured', + { + defaultMessage: 'PRECONFIGURED', + } +); diff --git a/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_service_provider/service_provider.tsx b/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_service_provider/service_provider.tsx index 574b3881f121bd..74f15f22762f16 100644 --- a/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_service_provider/service_provider.tsx +++ b/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/render_table_columns/render_service_provider/service_provider.tsx @@ -21,6 +21,7 @@ import googleAIStudioIcon from '../../../../assets/images/providers/google_ai_st import mistralIcon from '../../../../assets/images/providers/mistral.svg'; import amazonBedrockIcon from '../../../../assets/images/providers/amazon_bedrock.svg'; import alibabaCloudAISearchIcon from '../../../../assets/images/providers/alibaba_cloud_ai_search.svg'; +import watsonxAIIcon from '../../../../assets/images/providers/watsonx_ai.svg'; import { ServiceProviderKeys } from '../../types'; import * as i18n from './translations'; @@ -78,6 +79,10 @@ export const SERVICE_PROVIDERS: Record = ({ providerEndpoint }) => { diff --git a/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/search/table_search.tsx b/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/search/table_search.tsx index b74e8050e5f92c..b3989d60d9123d 100644 --- a/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/search/table_search.tsx +++ b/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/search/table_search.tsx @@ -29,6 +29,7 @@ export const TableSearch: React.FC = ({ searchKey, se onChange={(e) => setSearchKey(e.target.value)} onSearch={onSearch} value={searchKey} + data-test-subj="search-field-endpoints" /> ); }; diff --git a/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/tabular_page.test.tsx b/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/tabular_page.test.tsx index cb23ba650e5fae..85718478f65fd8 100644 --- a/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/tabular_page.test.tsx +++ b/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/tabular_page.test.tsx @@ -45,6 +45,28 @@ const inferenceEndpoints = [ }, task_settings: {}, }, + { + inference_id: '.elser-2-elasticsearch', + task_type: 'sparse_embedding', + service: 'elasticsearch', + service_settings: { + num_allocations: 1, + num_threads: 1, + model_id: '.elser_model_2', + }, + task_settings: {}, + }, + { + inference_id: '.multilingual-e5-small-elasticsearch', + task_type: 'text_embedding', + service: 'elasticsearch', + service_settings: { + num_allocations: 1, + num_threads: 1, + model_id: '.multilingual-e5-small', + }, + task_settings: {}, + }, ] as InferenceAPIConfigResponse[]; jest.mock('../../hooks/use_delete_endpoint', () => ({ @@ -58,9 +80,11 @@ describe('When the tabular page is loaded', () => { render(); const rows = screen.getAllByRole('row'); - expect(rows[1]).toHaveTextContent('local-model'); - expect(rows[2]).toHaveTextContent('my-elser-model-05'); - expect(rows[3]).toHaveTextContent('third-party-model'); + expect(rows[1]).toHaveTextContent('.elser-2-elasticsearch'); + expect(rows[2]).toHaveTextContent('.multilingual-e5-small-elasticsearch'); + expect(rows[3]).toHaveTextContent('local-model'); + expect(rows[4]).toHaveTextContent('my-elser-model-05'); + expect(rows[5]).toHaveTextContent('third-party-model'); }); it('should display all service and model ids in the table', () => { @@ -68,12 +92,43 @@ describe('When the tabular page is loaded', () => { const rows = screen.getAllByRole('row'); expect(rows[1]).toHaveTextContent('Elasticsearch'); - expect(rows[1]).toHaveTextContent('.own_model'); + expect(rows[1]).toHaveTextContent('.elser_model_2'); expect(rows[2]).toHaveTextContent('Elasticsearch'); - expect(rows[2]).toHaveTextContent('.elser_model_2'); + expect(rows[2]).toHaveTextContent('.multilingual-e5-small'); - expect(rows[3]).toHaveTextContent('OpenAI'); + expect(rows[3]).toHaveTextContent('Elasticsearch'); expect(rows[3]).toHaveTextContent('.own_model'); + + expect(rows[4]).toHaveTextContent('Elasticsearch'); + expect(rows[4]).toHaveTextContent('.elser_model_2'); + + expect(rows[5]).toHaveTextContent('OpenAI'); + expect(rows[5]).toHaveTextContent('.own_model'); + }); + + it('should only disable delete action for preconfigured endpoints', () => { + render(); + + const deleteActions = screen.getAllByTestId('inferenceUIDeleteAction'); + + expect(deleteActions[0]).toBeDisabled(); + expect(deleteActions[1]).toBeDisabled(); + expect(deleteActions[2]).toBeEnabled(); + expect(deleteActions[3]).toBeEnabled(); + expect(deleteActions[4]).toBeEnabled(); + }); + + it('should show preconfigured badge only for preconfigured endpoints', () => { + render(); + + const preconfigured = 'PRECONFIGURED'; + + const rows = screen.getAllByRole('row'); + expect(rows[1]).toHaveTextContent(preconfigured); + expect(rows[2]).toHaveTextContent(preconfigured); + expect(rows[3]).not.toHaveTextContent(preconfigured); + expect(rows[4]).not.toHaveTextContent(preconfigured); + expect(rows[5]).not.toHaveTextContent(preconfigured); }); }); diff --git a/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/tabular_page.tsx b/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/tabular_page.tsx index 88a18a25b5a79e..4cf4b3112396dc 100644 --- a/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/tabular_page.tsx +++ b/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/tabular_page.tsx @@ -60,7 +60,6 @@ export const TabularPage: React.FC = ({ inferenceEndpoints }) return null; }, sortable: true, - truncateText: true, width: '300px', }, { diff --git a/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/types.ts b/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/types.ts index c1f23a3a4f2e37..0eec8a0cb177db 100644 --- a/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/types.ts +++ b/x-pack/plugins/search_inference_endpoints/public/components/all_inference_endpoints/types.ts @@ -21,6 +21,7 @@ export enum ServiceProviderKeys { hugging_face = 'hugging_face', mistral = 'mistral', openai = 'openai', + watsonxai = 'watsonxai', } export enum SortFieldInferenceEndpoint { @@ -63,6 +64,6 @@ export interface InferenceEndpointUI { } export interface InferenceUsageInfo { - label: string; + id: string; type: string; } diff --git a/x-pack/plugins/search_inference_endpoints/public/components/inference_endpoints_header.tsx b/x-pack/plugins/search_inference_endpoints/public/components/inference_endpoints_header.tsx index f12ef3e9fe8cd9..acb7e82db13b2e 100644 --- a/x-pack/plugins/search_inference_endpoints/public/components/inference_endpoints_header.tsx +++ b/x-pack/plugins/search_inference_endpoints/public/components/inference_endpoints_header.tsx @@ -5,7 +5,7 @@ * 2.0. */ -import { EuiPageTemplate, EuiLink } from '@elastic/eui'; +import { EuiPageTemplate, EuiButtonEmpty } from '@elastic/eui'; import React from 'react'; import * as i18n from '../../common/translations'; import { docLinks } from '../../common/doc_links'; @@ -21,16 +21,28 @@ export const InferenceEndpointsHeader: React.FC = () => { description={i18n.MANAGE_INFERENCE_ENDPOINTS_LABEL} bottomBorder={true} rightSideItems={[ - {i18n.API_DOCUMENTATION_LINK} - , - + , + {i18n.VIEW_YOUR_MODELS_LINK} - , + , ]} /> ); diff --git a/x-pack/plugins/search_inference_endpoints/public/utils/preconfigured_endpoint_helper.test.ts b/x-pack/plugins/search_inference_endpoints/public/utils/preconfigured_endpoint_helper.test.ts new file mode 100644 index 00000000000000..b853109352dd96 --- /dev/null +++ b/x-pack/plugins/search_inference_endpoints/public/utils/preconfigured_endpoint_helper.test.ts @@ -0,0 +1,23 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { PRECONFIGURED_ENDPOINTS } from '../components/all_inference_endpoints/constants'; +import { isEndpointPreconfigured } from './preconfigured_endpoint_helper'; + +describe('Preconfigured Endpoint helper', () => { + it('return true for preconfigured elser', () => { + expect(isEndpointPreconfigured(PRECONFIGURED_ENDPOINTS.ELSER)).toEqual(true); + }); + + it('return true for preconfigured e5', () => { + expect(isEndpointPreconfigured(PRECONFIGURED_ENDPOINTS.E5)).toEqual(true); + }); + + it('return false for other endpoints', () => { + expect(isEndpointPreconfigured('other-endpoints')).toEqual(false); + }); +}); diff --git a/x-pack/plugins/search_inference_endpoints/public/utils/preconfigured_endpoint_helper.ts b/x-pack/plugins/search_inference_endpoints/public/utils/preconfigured_endpoint_helper.ts new file mode 100644 index 00000000000000..418e7e95319ef2 --- /dev/null +++ b/x-pack/plugins/search_inference_endpoints/public/utils/preconfigured_endpoint_helper.ts @@ -0,0 +1,11 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { PRECONFIGURED_ENDPOINTS } from '../components/all_inference_endpoints/constants'; + +export const isEndpointPreconfigured = (endpoint: string) => + Object.values(PRECONFIGURED_ENDPOINTS).includes(endpoint); diff --git a/x-pack/plugins/search_inference_endpoints/tsconfig.json b/x-pack/plugins/search_inference_endpoints/tsconfig.json index 5b4a66e37d2f50..d454be99b65f03 100644 --- a/x-pack/plugins/search_inference_endpoints/tsconfig.json +++ b/x-pack/plugins/search_inference_endpoints/tsconfig.json @@ -31,7 +31,9 @@ "@kbn/test-jest-helpers", "@kbn/kibana-utils-plugin", "@kbn/features-plugin", - "@kbn/ui-theme" + "@kbn/ui-theme", + "@kbn/deeplinks-search", + "@kbn/deeplinks-management" ], "exclude": [ "target/**/*", diff --git a/x-pack/plugins/search_playground/public/components/header.test.tsx b/x-pack/plugins/search_playground/public/components/header.test.tsx new file mode 100644 index 00000000000000..be80e2925a8537 --- /dev/null +++ b/x-pack/plugins/search_playground/public/components/header.test.tsx @@ -0,0 +1,96 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +// create @testing-library/react tests for Header component +// check if EuiButtonGroup is differently labeled based on the selectedPageMode prop + +import { render, screen } from '@testing-library/react'; +import React from 'react'; +import { Header } from './header'; +import { ChatFormFields, PlaygroundPageMode } from '../types'; +import { __IntlProvider as IntlProvider } from '@kbn/i18n-react'; +import { EuiForm } from '@elastic/eui'; +import { FormProvider, useForm } from 'react-hook-form'; + +const MockFormProvider = ({ children }: { children: React.ReactElement }) => { + const methods = useForm({ + values: { + [ChatFormFields.indices]: ['index1', 'index2'], + [ChatFormFields.queryFields]: { index1: ['field1'], index2: ['field1'] }, + [ChatFormFields.sourceFields]: { + index1: ['field1'], + index2: ['field1'], + }, + [ChatFormFields.elasticsearchQuery]: { + retriever: { + rrf: { + retrievers: [ + { standard: { query: { multi_match: { query: '{query}', fields: ['field1'] } } } }, + { standard: { query: { multi_match: { query: '{query}', fields: ['field1'] } } } }, + ], + }, + }, + }, + }, + }); + return {children}; +}; +const MockChatForm = ({ + children, + handleSubmit, +}: { + children: React.ReactElement; + handleSubmit: React.FormEventHandler; +}) => ( + + + {children} + + +); + +describe('Header', () => { + it('renders correctly', () => { + render( + + {}}> +
{}} + selectedPageMode={PlaygroundPageMode.chat} + onSelectPageModeChange={() => {}} + /> + + + ); + + expect(screen.getByTestId('chatMode')).toHaveTextContent('Chat'); + expect(screen.getByTestId('queryMode')).toHaveTextContent('Query'); + }); + + it('renders correctly with preview mode', () => { + render( + + {}}> +
{}} + selectedPageMode={PlaygroundPageMode.search} + onSelectPageModeChange={() => {}} + /> + + + ); + + expect(screen.getByTestId('chatMode')).toHaveTextContent('Preview'); + expect(screen.getByTestId('queryMode')).toHaveTextContent('Query'); + }); +}); diff --git a/x-pack/plugins/search_playground/public/components/header.tsx b/x-pack/plugins/search_playground/public/components/header.tsx index 0d6d48a9034622..bc3b310d8c41fc 100644 --- a/x-pack/plugins/search_playground/public/components/header.tsx +++ b/x-pack/plugins/search_playground/public/components/header.tsx @@ -46,9 +46,14 @@ export const Header: React.FC = ({ const options = [ { id: ViewMode.chat, - label: i18n.translate('xpack.searchPlayground.header.view.chat', { - defaultMessage: 'Chat', - }), + label: + selectedPageMode === PlaygroundPageMode.chat + ? i18n.translate('xpack.searchPlayground.header.view.chat', { + defaultMessage: 'Chat', + }) + : i18n.translate('xpack.searchPlayground.header.view.preview', { + defaultMessage: 'Preview', + }), 'data-test-subj': 'chatMode', }, { diff --git a/x-pack/plugins/security/common/constants.ts b/x-pack/plugins/security/common/constants.ts index 3a9b20bbb0bd77..c75ab77a7de980 100644 --- a/x-pack/plugins/security/common/constants.ts +++ b/x-pack/plugins/security/common/constants.ts @@ -127,3 +127,14 @@ export const API_VERSIONS = { }, }, }; + +/** + * Privileges that define the superuser role or the role equivalent to the superuser role. + */ +export const SUPERUSER_PRIVILEGES = { + kibana: ['*'], + elasticsearch: { + cluster: ['all'], + index: { '*': ['all'] }, + }, +}; diff --git a/x-pack/plugins/security/server/authorization/api_authorization.test.ts b/x-pack/plugins/security/server/authorization/api_authorization.test.ts index e928d73220274c..0181c98d6f1b17 100644 --- a/x-pack/plugins/security/server/authorization/api_authorization.test.ts +++ b/x-pack/plugins/security/server/authorization/api_authorization.test.ts @@ -6,6 +6,7 @@ */ import type { RouteSecurity } from '@kbn/core/server'; +import { ReservedPrivilegesSet } from '@kbn/core/server'; import { coreMock, httpServerMock, @@ -149,7 +150,10 @@ describe('initAPIAuthorization', () => { asserts, }: { security?: RouteSecurity; - kibanaPrivilegesResponse?: Array<{ privilege: string; authorized: boolean }>; + kibanaPrivilegesResponse?: { + privileges: { kibana: Array<{ privilege: string; authorized: boolean }> }; + hasAllRequested?: boolean; + }; kibanaPrivilegesRequestActions?: string[]; asserts: { forbidden?: boolean; @@ -180,11 +184,7 @@ describe('initAPIAuthorization', () => { const mockResponse = httpServerMock.createResponseFactory(); const mockPostAuthToolkit = httpServiceMock.createOnPostAuthToolkit(); - const mockCheckPrivileges = jest.fn().mockReturnValue({ - privileges: { - kibana: kibanaPrivilegesResponse, - }, - }); + const mockCheckPrivileges = jest.fn().mockReturnValue(kibanaPrivilegesResponse); mockAuthz.mode.useRbacForRequest.mockReturnValue(true); mockAuthz.checkPrivilegesDynamicallyWithRequest.mockImplementation((request) => { // hapi conceals the actual "request" from us, so we make sure that the headers are passed to @@ -194,6 +194,12 @@ describe('initAPIAuthorization', () => { return mockCheckPrivileges; }); + mockAuthz.checkPrivilegesWithRequest.mockImplementation((request) => { + expect(request.headers).toMatchObject(headers); + + return { globally: () => kibanaPrivilegesResponse }; + }); + await postAuthHandler(mockRequest, mockResponse, mockPostAuthToolkit); expect(mockAuthz.mode.useRbacForRequest).toHaveBeenCalledWith(mockRequest); @@ -207,11 +213,13 @@ describe('initAPIAuthorization', () => { return; } - expect(mockCheckPrivileges).toHaveBeenCalledWith({ - kibana: kibanaPrivilegesRequestActions!.map((action: string) => - mockAuthz.actions.api.get(action) - ), - }); + if (kibanaPrivilegesRequestActions) { + expect(mockCheckPrivileges).toHaveBeenCalledWith({ + kibana: kibanaPrivilegesRequestActions!.map((action: string) => + mockAuthz.actions.api.get(action) + ), + }); + } if (asserts.forbidden) { expect(mockResponse.forbidden).toHaveBeenCalled(); @@ -239,11 +247,15 @@ describe('initAPIAuthorization', () => { ], }, }, - kibanaPrivilegesResponse: [ - { privilege: 'api:privilege1', authorized: true }, - { privilege: 'api:privilege2', authorized: true }, - { privilege: 'api:privilege3', authorized: false }, - ], + kibanaPrivilegesResponse: { + privileges: { + kibana: [ + { privilege: 'api:privilege1', authorized: true }, + { privilege: 'api:privilege2', authorized: true }, + { privilege: 'api:privilege3', authorized: false }, + ], + }, + }, kibanaPrivilegesRequestActions: ['privilege1', 'privilege2', 'privilege3'], asserts: { authzResult: { @@ -267,10 +279,14 @@ describe('initAPIAuthorization', () => { ], }, }, - kibanaPrivilegesResponse: [ - { privilege: 'api:privilege1', authorized: true }, - { privilege: 'api:privilege2', authorized: true }, - ], + kibanaPrivilegesResponse: { + privileges: { + kibana: [ + { privilege: 'api:privilege1', authorized: true }, + { privilege: 'api:privilege2', authorized: true }, + ], + }, + }, kibanaPrivilegesRequestActions: ['privilege1', 'privilege2'], asserts: { authzResult: { @@ -293,11 +309,15 @@ describe('initAPIAuthorization', () => { ], }, }, - kibanaPrivilegesResponse: [ - { privilege: 'api:privilege1', authorized: false }, - { privilege: 'api:privilege2', authorized: true }, - { privilege: 'api:privilege3', authorized: false }, - ], + kibanaPrivilegesResponse: { + privileges: { + kibana: [ + { privilege: 'api:privilege1', authorized: false }, + { privilege: 'api:privilege2', authorized: true }, + { privilege: 'api:privilege3', authorized: false }, + ], + }, + }, kibanaPrivilegesRequestActions: ['privilege1', 'privilege2', 'privilege3'], asserts: { authzResult: { @@ -317,10 +337,14 @@ describe('initAPIAuthorization', () => { requiredPrivileges: ['privilege1', 'privilege2'], }, }, - kibanaPrivilegesResponse: [ - { privilege: 'api:privilege1', authorized: true }, - { privilege: 'api:privilege2', authorized: true }, - ], + kibanaPrivilegesResponse: { + privileges: { + kibana: [ + { privilege: 'api:privilege1', authorized: true }, + { privilege: 'api:privilege2', authorized: true }, + ], + }, + }, kibanaPrivilegesRequestActions: ['privilege1', 'privilege2'], asserts: { authzResult: { @@ -344,18 +368,54 @@ describe('initAPIAuthorization', () => { ], }, }, - kibanaPrivilegesResponse: [ - { privilege: 'api:privilege1', authorized: true }, - { privilege: 'api:privilege2', authorized: false }, - { privilege: 'api:privilege3', authorized: false }, - ], kibanaPrivilegesRequestActions: ['privilege1', 'privilege2', 'privilege3'], + kibanaPrivilegesResponse: { + privileges: { + kibana: [ + { privilege: 'api:privilege1', authorized: true }, + { privilege: 'api:privilege2', authorized: false }, + { privilege: 'api:privilege3', authorized: false }, + ], + }, + }, asserts: { forbidden: true, }, } ); + testSecurityConfig( + `protected route restricted to only superusers returns forbidden if user not a superuser`, + { + security: { + authz: { + requiredPrivileges: [ReservedPrivilegesSet.superuser], + }, + }, + kibanaPrivilegesResponse: { privileges: { kibana: [] }, hasAllRequested: false }, + asserts: { + forbidden: true, + }, + } + ); + + testSecurityConfig( + `protected route allowed only for superuser access returns "authzResult" if user is superuser`, + { + security: { + authz: { + requiredPrivileges: [ReservedPrivilegesSet.superuser], + }, + }, + kibanaPrivilegesResponse: { privileges: { kibana: [] }, hasAllRequested: true }, + asserts: { + authzResult: { + [ReservedPrivilegesSet.superuser]: true, + }, + }, + } + ); + testSecurityConfig( `protected route returns forbidden if user doesn't have at least one from allRequired privileges requested`, { @@ -369,12 +429,16 @@ describe('initAPIAuthorization', () => { ], }, }, - kibanaPrivilegesResponse: [ - { privilege: 'api:privilege1', authorized: true }, - { privilege: 'api:privilege2', authorized: false }, - { privilege: 'api:privilege3', authorized: false }, - { privilege: 'api:privilege4', authorized: true }, - ], + kibanaPrivilegesResponse: { + privileges: { + kibana: [ + { privilege: 'api:privilege1', authorized: true }, + { privilege: 'api:privilege2', authorized: false }, + { privilege: 'api:privilege3', authorized: false }, + { privilege: 'api:privilege4', authorized: true }, + ], + }, + }, kibanaPrivilegesRequestActions: ['privilege1', 'privilege2', 'privilege3', 'privilege4'], asserts: { forbidden: true, @@ -390,10 +454,14 @@ describe('initAPIAuthorization', () => { requiredPrivileges: ['privilege1', 'privilege2'], }, }, - kibanaPrivilegesResponse: [ - { privilege: 'api:privilege1', authorized: true }, - { privilege: 'api:privilege2', authorized: false }, - ], + kibanaPrivilegesResponse: { + privileges: { + kibana: [ + { privilege: 'api:privilege1', authorized: true }, + { privilege: 'api:privilege2', authorized: false }, + ], + }, + }, kibanaPrivilegesRequestActions: ['privilege1', 'privilege2'], asserts: { forbidden: true, diff --git a/x-pack/plugins/security/server/authorization/api_authorization.ts b/x-pack/plugins/security/server/authorization/api_authorization.ts index 9c67ff8bdff8be..2b99c2a176ac19 100644 --- a/x-pack/plugins/security/server/authorization/api_authorization.ts +++ b/x-pack/plugins/security/server/authorization/api_authorization.ts @@ -14,18 +14,28 @@ import type { PrivilegeSet, RouteAuthz, } from '@kbn/core/server'; +import { ReservedPrivilegesSet } from '@kbn/core/server'; import type { AuthorizationServiceSetup } from '@kbn/security-plugin-types-server'; import type { RecursiveReadonly } from '@kbn/utility-types'; -import { API_OPERATION_PREFIX } from '../../common/constants'; +import { API_OPERATION_PREFIX, SUPERUSER_PRIVILEGES } from '../../common/constants'; const isAuthzDisabled = (authz?: RecursiveReadonly): authz is AuthzDisabled => { return (authz as AuthzDisabled)?.enabled === false; }; +const isReservedPrivilegeSet = (privilege: string): privilege is ReservedPrivilegesSet => { + return Object.hasOwn(ReservedPrivilegesSet, privilege); +}; + export function initAPIAuthorization( http: HttpServiceSetup, - { actions, checkPrivilegesDynamicallyWithRequest, mode }: AuthorizationServiceSetup, + { + actions, + checkPrivilegesDynamicallyWithRequest, + checkPrivilegesWithRequest, + mode, + }: AuthorizationServiceSetup, logger: Logger ) { http.registerOnPostAuth(async (request, response, toolkit) => { @@ -47,24 +57,54 @@ export function initAPIAuthorization( const authz = security.authz as AuthzEnabled; - const requestedPrivileges = authz.requiredPrivileges.flatMap((privilegeEntry) => { - if (typeof privilegeEntry === 'object') { - return [...(privilegeEntry.allRequired ?? []), ...(privilegeEntry.anyRequired ?? [])]; + const { requestedPrivileges, requestedReservedPrivileges } = authz.requiredPrivileges.reduce( + (acc, privilegeEntry) => { + const privileges = + typeof privilegeEntry === 'object' + ? [...(privilegeEntry.allRequired ?? []), ...(privilegeEntry.anyRequired ?? [])] + : [privilegeEntry]; + + for (const privilege of privileges) { + if (isReservedPrivilegeSet(privilege)) { + acc.requestedReservedPrivileges.push(privilege); + } else { + acc.requestedPrivileges.push(privilege); + } + } + + return acc; + }, + { + requestedPrivileges: [] as string[], + requestedReservedPrivileges: [] as string[], } + ); - return privilegeEntry; - }); - - const apiActions = requestedPrivileges.map((permission) => actions.api.get(permission)); const checkPrivileges = checkPrivilegesDynamicallyWithRequest(request); - const checkPrivilegesResponse = await checkPrivileges({ kibana: apiActions }); - const privilegeToApiOperation = (privilege: string) => privilege.replace(API_OPERATION_PREFIX, ''); + const kibanaPrivileges: Record = {}; - for (const kbPrivilege of checkPrivilegesResponse.privileges.kibana) { - kibanaPrivileges[privilegeToApiOperation(kbPrivilege.privilege)] = kbPrivilege.authorized; + if (requestedPrivileges.length > 0) { + const checkPrivilegesResponse = await checkPrivileges({ + kibana: requestedPrivileges.map((permission) => actions.api.get(permission)), + }); + + for (const kbPrivilege of checkPrivilegesResponse.privileges.kibana) { + kibanaPrivileges[privilegeToApiOperation(kbPrivilege.privilege)] = kbPrivilege.authorized; + } + } + + for (const reservedPrivilege of requestedReservedPrivileges) { + if (reservedPrivilege === ReservedPrivilegesSet.superuser) { + const checkSuperuserPrivilegesResponse = await checkPrivilegesWithRequest( + request + ).globally(SUPERUSER_PRIVILEGES); + + kibanaPrivileges[ReservedPrivilegesSet.superuser] = + checkSuperuserPrivilegesResponse.hasAllRequested; + } } const hasRequestedPrivilege = (kbPrivilege: Privilege | PrivilegeSet) => { diff --git a/x-pack/plugins/security_solution/common/api/entity_analytics/entity_store/entities/common.gen.ts b/x-pack/plugins/security_solution/common/api/entity_analytics/entity_store/entities/common.gen.ts index 7359d36c9cbfaf..77607a6ceb8634 100644 --- a/x-pack/plugins/security_solution/common/api/entity_analytics/entity_store/entities/common.gen.ts +++ b/x-pack/plugins/security_solution/common/api/entity_analytics/entity_store/entities/common.gen.ts @@ -24,7 +24,7 @@ export const UserEntity = z.object({ '@timestamp': z.string().datetime(), entity: z.object({ name: z.string(), - source: z.array(z.string()), + source: z.string(), }), user: z.object({ full_name: z.array(z.string()).optional(), @@ -48,7 +48,7 @@ export const HostEntity = z.object({ '@timestamp': z.string().datetime(), entity: z.object({ name: z.string(), - source: z.array(z.string()), + source: z.string(), }), host: z.object({ hostname: z.array(z.string()).optional(), diff --git a/x-pack/plugins/security_solution/common/api/entity_analytics/entity_store/entities/common.schema.yaml b/x-pack/plugins/security_solution/common/api/entity_analytics/entity_store/entities/common.schema.yaml index 35314dfed9f54d..045a04ff4867ae 100644 --- a/x-pack/plugins/security_solution/common/api/entity_analytics/entity_store/entities/common.schema.yaml +++ b/x-pack/plugins/security_solution/common/api/entity_analytics/entity_store/entities/common.schema.yaml @@ -22,12 +22,10 @@ components: - name - source properties: - name: + name: type: string source: - type: array - items: - type: string + type: string user: type: object properties: @@ -84,12 +82,10 @@ components: - name - source properties: - name: + name: type: string source: - type: array - items: - type: string + type: string host: type: object properties: diff --git a/x-pack/plugins/security_solution/common/api/quickstart_client.gen.ts b/x-pack/plugins/security_solution/common/api/quickstart_client.gen.ts index 19fbc38072c14e..25560aeffdbbe6 100644 --- a/x-pack/plugins/security_solution/common/api/quickstart_client.gen.ts +++ b/x-pack/plugins/security_solution/common/api/quickstart_client.gen.ts @@ -361,6 +361,11 @@ import type { ResolveTimelineRequestQueryInput, ResolveTimelineResponse, } from './timeline/resolve_timeline/resolve_timeline_route.gen'; +import type { + CreateRuleMigrationRequestBodyInput, + CreateRuleMigrationResponse, + GetRuleMigrationResponse, +} from '../siem_migrations/model/api/rules/rules_migration.gen'; export interface ClientOptions { kbnClient: KbnClient; @@ -655,6 +660,22 @@ If a record already exists for the specified entity, that record is overwritten }) .catch(catchAxiosErrorFormatAndThrow); } + /** + * Creates a new SIEM rules migration using the original vendor rules provided + */ + async createRuleMigration(props: CreateRuleMigrationProps) { + this.log.info(`${new Date().toISOString()} Calling API CreateRuleMigration`); + return this.kbnClient + .request({ + path: '/internal/siem_migrations/rules', + headers: { + [ELASTIC_HTTP_VERSION_HEADER]: '1', + }, + method: 'POST', + body: props.body, + }) + .catch(catchAxiosErrorFormatAndThrow); + } /** * Create a new Timeline or Timeline template. */ @@ -1396,6 +1417,21 @@ finalize it. }) .catch(catchAxiosErrorFormatAndThrow); } + /** + * Retrieves the rule migrations stored in the system + */ + async getRuleMigration() { + this.log.info(`${new Date().toISOString()} Calling API GetRuleMigration`); + return this.kbnClient + .request({ + path: '/internal/siem_migrations/rules', + headers: { + [ELASTIC_HTTP_VERSION_HEADER]: '1', + }, + method: 'GET', + }) + .catch(catchAxiosErrorFormatAndThrow); + } /** * Get the details of an existing saved Timeline or Timeline template. */ @@ -2039,6 +2075,9 @@ export interface CreateAssetCriticalityRecordProps { export interface CreateRuleProps { body: CreateRuleRequestBodyInput; } +export interface CreateRuleMigrationProps { + body: CreateRuleMigrationRequestBodyInput; +} export interface CreateTimelinesProps { body: CreateTimelinesRequestBodyInput; } diff --git a/x-pack/plugins/security_solution/common/constants.ts b/x-pack/plugins/security_solution/common/constants.ts index 2fd83a4849a75c..d0fb117eafc506 100644 --- a/x-pack/plugins/security_solution/common/constants.ts +++ b/x-pack/plugins/security_solution/common/constants.ts @@ -424,7 +424,6 @@ export const NEW_FEATURES_TOUR_STORAGE_KEYS = { TIMELINES: 'securitySolution.security.timelineFlyoutHeader.saveTimelineTour', TIMELINE: 'securitySolution.timeline.newFeaturesTour.v8.12', FLYOUT: 'securitySolution.documentDetails.newFeaturesTour.v8.14', - ATTACK_DISCOVERY: 'securitySolution.attackDiscovery.newFeaturesTour.v8.14', }; export const RULE_DETAILS_EXECUTION_LOG_TABLE_SHOW_METRIC_COLUMNS_STORAGE_KEY = diff --git a/x-pack/plugins/security_solution/common/endpoint/constants.ts b/x-pack/plugins/security_solution/common/endpoint/constants.ts index 2a11d047dd8655..534d7e5c2b8a4c 100644 --- a/x-pack/plugins/security_solution/common/endpoint/constants.ts +++ b/x-pack/plugins/security_solution/common/endpoint/constants.ts @@ -53,6 +53,7 @@ export const policyIndexPattern = 'metrics-endpoint.policy-*'; export const telemetryIndexPattern = 'metrics-endpoint.telemetry-*'; export const ENDPOINT_HEARTBEAT_INDEX = '.logs-endpoint.heartbeat-default'; +export const ENDPOINT_HEARTBEAT_INDEX_PATTERN = '.logs-endpoint.heartbeat-*'; // File storage indexes supporting endpoint Upload/download export const FILE_STORAGE_METADATA_INDEX = getFileMetadataIndexName('endpoint'); diff --git a/x-pack/plugins/security_solution/common/endpoint/data_loaders/index_endpoint_hearbeats.ts b/x-pack/plugins/security_solution/common/endpoint/data_loaders/index_endpoint_hearbeats.ts index ff6381cb9d3df3..85a6242162086d 100644 --- a/x-pack/plugins/security_solution/common/endpoint/data_loaders/index_endpoint_hearbeats.ts +++ b/x-pack/plugins/security_solution/common/endpoint/data_loaders/index_endpoint_hearbeats.ts @@ -7,7 +7,7 @@ import type { Client, estypes } from '@elastic/elasticsearch'; import type { ToolingLog } from '@kbn/tooling-log'; -import { ENDPOINT_HEARTBEAT_INDEX } from '../constants'; + import { createToolingLogger } from './utils'; export interface IndexedEndpointHeartbeats { @@ -79,7 +79,8 @@ export const indexEndpointHeartbeats = async ( const operations = docs.concat(unbilledDocs).flatMap((doc) => [ { index: { - _index: ENDPOINT_HEARTBEAT_INDEX, + // simulating different namespaces + _index: `.logs-endpoint.heartbeat-${doc.agent.id.slice(-1)}`, op_type: 'create', }, }, diff --git a/x-pack/plugins/security_solution/common/experimental_features.ts b/x-pack/plugins/security_solution/common/experimental_features.ts index 5e438669916c6d..a16b88f649618e 100644 --- a/x-pack/plugins/security_solution/common/experimental_features.ts +++ b/x-pack/plugins/security_solution/common/experimental_features.ts @@ -235,6 +235,11 @@ export const allowedExperimentalValues = Object.freeze({ * can be disabled if necessary in a given environment. */ entityStoreDisabled: false, + + /** + * Enables the siem migrations feature + */ + siemMigrationsEnabled: false, }); type ExperimentalConfigKeys = Array; diff --git a/x-pack/plugins/security_solution/common/siem_migrations/constants.ts b/x-pack/plugins/security_solution/common/siem_migrations/constants.ts new file mode 100644 index 00000000000000..96ca75679f1129 --- /dev/null +++ b/x-pack/plugins/security_solution/common/siem_migrations/constants.ts @@ -0,0 +1,16 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export const SIEM_MIGRATIONS_PATH = '/internal/siem_migrations' as const; +export const SIEM_RULE_MIGRATIONS_PATH = `${SIEM_MIGRATIONS_PATH}/rules` as const; + +export enum SiemMigrationsStatus { + PENDING = 'pending', + PROCESSING = 'processing', + FINISHED = 'finished', + ERROR = 'error', +} diff --git a/x-pack/plugins/security_solution/common/siem_migrations/model/api/common.gen.ts b/x-pack/plugins/security_solution/common/siem_migrations/model/api/common.gen.ts new file mode 100644 index 00000000000000..620475a6eb73dc --- /dev/null +++ b/x-pack/plugins/security_solution/common/siem_migrations/model/api/common.gen.ts @@ -0,0 +1,38 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +/* + * NOTICE: Do not edit this file manually. + * This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator. + * + * info: + * title: Common SIEM Migrations Attributes + * version: not applicable + */ + +import { z } from '@kbn/zod'; + +/** + * The GenAI connector id to use. + */ +export type ConnectorId = z.infer; +export const ConnectorId = z.string(); + +/** + * The LangSmith options object. + */ +export type LangSmithOptions = z.infer; +export const LangSmithOptions = z.object({ + /** + * The project name. + */ + project_name: z.string(), + /** + * The API key to use for tracing. + */ + api_key: z.string(), +}); diff --git a/x-pack/plugins/security_solution/common/siem_migrations/model/api/common.schema.yaml b/x-pack/plugins/security_solution/common/siem_migrations/model/api/common.schema.yaml new file mode 100644 index 00000000000000..97450d191f3009 --- /dev/null +++ b/x-pack/plugins/security_solution/common/siem_migrations/model/api/common.schema.yaml @@ -0,0 +1,24 @@ +openapi: 3.0.3 +info: + title: Common SIEM Migrations Attributes + version: 'not applicable' +paths: {} +components: + x-codegen-enabled: true + schemas: + ConnectorId: + type: string + description: The GenAI connector id to use. + LangSmithOptions: + type: object + description: The LangSmith options object. + required: + - project_name + - api_key + properties: + project_name: + type: string + description: The project name. + api_key: + type: string + description: The API key to use for tracing. diff --git a/x-pack/plugins/security_solution/common/siem_migrations/model/api/rules/rules_migration.gen.ts b/x-pack/plugins/security_solution/common/siem_migrations/model/api/rules/rules_migration.gen.ts new file mode 100644 index 00000000000000..fa8a1cc8a67782 --- /dev/null +++ b/x-pack/plugins/security_solution/common/siem_migrations/model/api/rules/rules_migration.gen.ts @@ -0,0 +1,34 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +/* + * NOTICE: Do not edit this file manually. + * This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator. + * + * info: + * title: SIEM Rules Migration API endpoint + * version: 1 + */ + +import { z } from '@kbn/zod'; + +import { OriginalRule, RuleMigration } from '../../rule_migration.gen'; + +export type CreateRuleMigrationRequestBody = z.infer; +export const CreateRuleMigrationRequestBody = z.array(OriginalRule); +export type CreateRuleMigrationRequestBodyInput = z.input; + +export type CreateRuleMigrationResponse = z.infer; +export const CreateRuleMigrationResponse = z.object({ + /** + * The migration id created. + */ + migration_id: z.string(), +}); + +export type GetRuleMigrationResponse = z.infer; +export const GetRuleMigrationResponse = z.array(RuleMigration); diff --git a/x-pack/plugins/security_solution/common/siem_migrations/model/api/rules/rules_migration.schema.yaml b/x-pack/plugins/security_solution/common/siem_migrations/model/api/rules/rules_migration.schema.yaml new file mode 100644 index 00000000000000..40596ba7e712d5 --- /dev/null +++ b/x-pack/plugins/security_solution/common/siem_migrations/model/api/rules/rules_migration.schema.yaml @@ -0,0 +1,52 @@ +openapi: 3.0.3 +info: + title: SIEM Rules Migration API endpoint + version: '1' +paths: + /internal/siem_migrations/rules: + post: + summary: Creates a new rule migration + operationId: CreateRuleMigration + x-codegen-enabled: true + description: Creates a new SIEM rules migration using the original vendor rules provided + tags: + - SIEM Migrations + - Rule Migrations + requestBody: + required: true + content: + application/json: + schema: + type: array + items: + $ref: '../../rule_migration.schema.yaml#/components/schemas/OriginalRule' + responses: + 200: + description: Indicates migration have been created correctly. + content: + application/json: + schema: + type: object + required: + - migration_id + properties: + migration_id: + type: string + description: The migration id created. + get: + summary: Retrieves rule migrations + operationId: GetRuleMigration + x-codegen-enabled: true + description: Retrieves the rule migrations stored in the system + tags: + - SIEM Migrations + - Rule Migrations + responses: + 200: + description: Indicates rule migrations have been retrieved correctly. + content: + application/json: + schema: + type: array + items: + $ref: '../../rule_migration.schema.yaml#/components/schemas/RuleMigration' diff --git a/x-pack/plugins/security_solution/common/siem_migrations/model/rule_migration.gen.ts b/x-pack/plugins/security_solution/common/siem_migrations/model/rule_migration.gen.ts new file mode 100644 index 00000000000000..0e07ef2f208dae --- /dev/null +++ b/x-pack/plugins/security_solution/common/siem_migrations/model/rule_migration.gen.ts @@ -0,0 +1,124 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +/* + * NOTICE: Do not edit this file manually. + * This file is automatically generated by the OpenAPI Generator, @kbn/openapi-generator. + * + * info: + * title: Common Splunk Rules Attributes + * version: not applicable + */ + +import { z } from '@kbn/zod'; + +/** + * The original rule to migrate. + */ +export type OriginalRule = z.infer; +export const OriginalRule = z.object({ + /** + * The original rule id. + */ + id: z.string(), + /** + * The original rule vendor identifier. + */ + vendor: z.literal('splunk'), + /** + * The original rule name. + */ + title: z.string(), + /** + * The original rule description. + */ + description: z.string(), + /** + * The original rule query. + */ + query: z.string(), + /** + * The original rule query language. + */ + query_language: z.string(), + /** + * The original rule Mitre Attack technique IDs. + */ + mitre_attack_ids: z.array(z.string()).optional(), +}); + +/** + * The migrated elastic rule. + */ +export type ElasticRule = z.infer; +export const ElasticRule = z.object({ + /** + * The migrated rule title. + */ + title: z.string(), + /** + * The migrated rule description. + */ + description: z.string().optional(), + /** + * The migrated rule severity. + */ + severity: z.string().optional(), + /** + * The translated elastic query. + */ + query: z.string(), + /** + * The translated elastic query language. + */ + query_language: z.literal('esql').default('esql'), + /** + * The Elastic prebuilt rule id matched. + */ + prebuilt_rule_id: z.string().optional(), + /** + * The Elastic rule id installed as a result. + */ + id: z.string().optional(), +}); + +/** + * The rule migration document object. + */ +export type RuleMigration = z.infer; +export const RuleMigration = z.object({ + /** + * The moment of creation + */ + '@timestamp': z.string(), + /** + * The migration id. + */ + migration_id: z.string(), + original_rule: OriginalRule, + elastic_rule: ElasticRule.optional(), + /** + * The translation state. + */ + translation_state: z.enum(['complete', 'partial', 'untranslatable']).optional(), + /** + * The status of the rule migration. + */ + status: z.enum(['pending', 'processing', 'finished', 'error']).default('pending'), + /** + * The comments for the migration including a summary from the LLM in markdown. + */ + comments: z.array(z.string()).optional(), + /** + * The moment of the last update + */ + updated_at: z.string().optional(), + /** + * The user who last updated the migration + */ + updated_by: z.string().optional(), +}); diff --git a/x-pack/plugins/security_solution/common/siem_migrations/model/rule_migration.schema.yaml b/x-pack/plugins/security_solution/common/siem_migrations/model/rule_migration.schema.yaml new file mode 100644 index 00000000000000..9ec825389a52bc --- /dev/null +++ b/x-pack/plugins/security_solution/common/siem_migrations/model/rule_migration.schema.yaml @@ -0,0 +1,124 @@ +openapi: 3.0.3 +info: + title: Common Splunk Rules Attributes + version: 'not applicable' +paths: {} +components: + x-codegen-enabled: true + schemas: + OriginalRule: + type: object + description: The original rule to migrate. + required: + - id + - vendor + - title + - description + - query + - query_language + properties: + id: + type: string + description: The original rule id. + vendor: + type: string + description: The original rule vendor identifier. + enum: + - splunk + title: + type: string + description: The original rule name. + description: + type: string + description: The original rule description. + query: + type: string + description: The original rule query. + query_language: + type: string + description: The original rule query language. + mitre_attack_ids: + type: array + items: + type: string + description: The original rule Mitre Attack technique IDs. + + ElasticRule: + type: object + description: The migrated elastic rule. + required: + - title + - query + - query_language + properties: + title: + type: string + description: The migrated rule title. + description: + type: string + description: The migrated rule description. + severity: + type: string + description: The migrated rule severity. + query: + type: string + description: The translated elastic query. + query_language: + type: string + description: The translated elastic query language. + enum: + - esql + default: esql + prebuilt_rule_id: + type: string + description: The Elastic prebuilt rule id matched. + id: + type: string + description: The Elastic rule id installed as a result. + + RuleMigration: + type: object + description: The rule migration document object. + required: + - '@timestamp' + - migration_id + - original_rule + - status + properties: + "@timestamp": + type: string + description: The moment of creation + migration_id: + type: string + description: The migration id. + original_rule: + $ref: '#/components/schemas/OriginalRule' + elastic_rule: + $ref: '#/components/schemas/ElasticRule' + translation_state: + type: string + description: The translation state. + enum: + - complete + - partial + - untranslatable + status: + type: string + description: The status of the rule migration. + enum: # should match SiemMigrationsStatus enum at ../constants.ts + - pending + - processing + - finished + - error + default: pending + comments: + type: array + description: The comments for the migration including a summary from the LLM in markdown. + items: + type: string + updated_at: + type: string + description: The moment of the last update + updated_by: + type: string + description: The user who last updated the migration diff --git a/x-pack/plugins/security_solution/docs/openapi/ess/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml b/x-pack/plugins/security_solution/docs/openapi/ess/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml index d3cce9170ae6a2..fef2850b44c909 100644 --- a/x-pack/plugins/security_solution/docs/openapi/ess/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/plugins/security_solution/docs/openapi/ess/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml @@ -925,9 +925,7 @@ components: name: type: string source: - items: - type: string - type: array + type: string required: - name - source @@ -1077,9 +1075,7 @@ components: name: type: string source: - items: - type: string - type: array + type: string required: - name - source diff --git a/x-pack/plugins/security_solution/docs/openapi/serverless/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml b/x-pack/plugins/security_solution/docs/openapi/serverless/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml index eecca3fe07ae6f..3a5054f17a4609 100644 --- a/x-pack/plugins/security_solution/docs/openapi/serverless/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml +++ b/x-pack/plugins/security_solution/docs/openapi/serverless/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml @@ -925,9 +925,7 @@ components: name: type: string source: - items: - type: string - type: array + type: string required: - name - source @@ -1077,9 +1075,7 @@ components: name: type: string source: - items: - type: string - type: array + type: string required: - name - source diff --git a/x-pack/plugins/security_solution/public/app/home/template_wrapper/index.tsx b/x-pack/plugins/security_solution/public/app/home/template_wrapper/index.tsx index b6492ef97cae79..19e8d55aa2dd5c 100644 --- a/x-pack/plugins/security_solution/public/app/home/template_wrapper/index.tsx +++ b/x-pack/plugins/security_solution/public/app/home/template_wrapper/index.tsx @@ -5,14 +5,13 @@ * 2.0. */ -import React, { type ReactNode, useMemo, useState, useCallback } from 'react'; +import React, { type ReactNode, useMemo } from 'react'; import styled from 'styled-components'; import { EuiThemeProvider, useEuiTheme, type EuiThemeComputed } from '@elastic/eui'; import { IS_DRAGGING_CLASS_NAME } from '@kbn/securitysolution-t-grid'; import { KibanaPageTemplate } from '@kbn/shared-ux-page-kibana-template'; import type { KibanaPageTemplateProps } from '@kbn/shared-ux-page-kibana-template'; import { ExpandableFlyoutProvider } from '@kbn/expandable-flyout'; -import { AttackDiscoveryTour } from '../../../attack_discovery/tour'; import { URL_PARAM_KEY } from '../../../common/hooks/use_url_state'; import { SecuritySolutionFlyout, TimelineFlyout } from '../../../flyout'; import { useSecuritySolutionNavigation } from '../../../common/components/navigation/use_security_solution_navigation'; @@ -56,11 +55,7 @@ export type SecuritySolutionTemplateWrapperProps = Omit = React.memo(({ children, ...rest }) => { - const [didMount, setDidMount] = useState(false); - const onMount = useCallback(() => { - setDidMount(true); - }, []); - const solutionNavProps = useSecuritySolutionNavigation(onMount); + const solutionNavProps = useSecuritySolutionNavigation(); const [isTimelineBottomBarVisible] = useShowTimeline(); const getTimelineShowStatus = useMemo(() => getTimelineShowStatusByIdSelector(), []); const { show: isShowingTimelineOverlay } = useDeepEqualSelector((state) => @@ -107,8 +102,6 @@ export const SecuritySolutionTemplateWrapper: React.FC - - {didMount && } {isTimelineBottomBarVisible && ( diff --git a/x-pack/plugins/security_solution/public/app/solution_navigation/links/sections/investigations_translations.ts b/x-pack/plugins/security_solution/public/app/solution_navigation/links/sections/investigations_translations.ts index d70717783870a5..931c3c20d40029 100644 --- a/x-pack/plugins/security_solution/public/app/solution_navigation/links/sections/investigations_translations.ts +++ b/x-pack/plugins/security_solution/public/app/solution_navigation/links/sections/investigations_translations.ts @@ -24,7 +24,8 @@ export const TIMELINE_DESCRIPTION = i18n.translate( export const NOTE_DESCRIPTION = i18n.translate( 'xpack.securitySolution.navLinks.investigations.note.title', { - defaultMessage: 'Oversee, revise and revisit the annotations within each document and timeline', + defaultMessage: + 'Oversee, revise, and revisit the notes attached to alerts, events and Timelines.', } ); diff --git a/x-pack/plugins/security_solution/public/assistant/stack_management/management_settings.tsx b/x-pack/plugins/security_solution/public/assistant/stack_management/management_settings.tsx index d2434e02641ad9..766bbffb5e9a76 100644 --- a/x-pack/plugins/security_solution/public/assistant/stack_management/management_settings.tsx +++ b/x-pack/plugins/security_solution/public/assistant/stack_management/management_settings.tsx @@ -19,7 +19,7 @@ import { import { useConversation } from '@kbn/elastic-assistant/impl/assistant/use_conversation'; import type { FetchConversationsResponse } from '@kbn/elastic-assistant/impl/assistant/api'; import { SECURITY_AI_SETTINGS } from '@kbn/elastic-assistant/impl/assistant/settings/translations'; -import { CONNECTORS_TAB } from '@kbn/elastic-assistant/impl/assistant/settings/const'; +import { CONVERSATIONS_TAB } from '@kbn/elastic-assistant/impl/assistant/settings/const'; import type { SettingsTabs } from '@kbn/elastic-assistant/impl/assistant/settings/types'; import { useKibana } from '../../common/lib/kibana'; @@ -68,7 +68,7 @@ export const ManagementSettings = React.memo(() => { const [searchParams] = useSearchParams(); const currentTab = useMemo( - () => (searchParams.get('tab') as SettingsTabs) ?? CONNECTORS_TAB, + () => (searchParams.get('tab') as SettingsTabs) ?? CONVERSATIONS_TAB, [searchParams] ); diff --git a/x-pack/plugins/security_solution/public/attack_discovery/tour/index.test.tsx b/x-pack/plugins/security_solution/public/attack_discovery/tour/index.test.tsx deleted file mode 100644 index fc3f2a2344a140..00000000000000 --- a/x-pack/plugins/security_solution/public/attack_discovery/tour/index.test.tsx +++ /dev/null @@ -1,137 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import React from 'react'; - -import { useIsElementMounted } from '../../detection_engine/rule_management_ui/components/rules_table/rules_table/guided_onboarding/use_is_element_mounted'; -import { render, screen } from '@testing-library/react'; -import { - createMockStore, - createSecuritySolutionStorageMock, - TestProviders, -} from '../../common/mock'; -import { useKibana as mockUseKibana } from '../../common/lib/kibana/__mocks__'; -import { useKibana } from '../../common/lib/kibana'; -import { AttackDiscoveryTour } from '.'; -import { ATTACK_DISCOVERY_TOUR_CONFIG_ANCHORS } from './step_config'; -import { NEW_FEATURES_TOUR_STORAGE_KEYS, SecurityPageName } from '../../../common/constants'; -import type { RouteSpyState } from '../../common/utils/route/types'; -import { useRouteSpy } from '../../common/utils/route/use_route_spy'; - -const mockRouteSpy: RouteSpyState = { - pageName: SecurityPageName.overview, - detailName: undefined, - tabName: undefined, - search: '', - pathName: '/', -}; -jest.mock( - '../../detection_engine/rule_management_ui/components/rules_table/rules_table/guided_onboarding/use_is_element_mounted' -); -jest.mock('../../common/lib/kibana'); -jest.mock('../../common/utils/route/use_route_spy'); -jest.mock('@elastic/eui', () => { - const original = jest.requireActual('@elastic/eui'); - return { - ...original, - EuiTourStep: () =>
, - }; -}); -const mockedUseKibana = mockUseKibana(); - -const { storage: storageMock } = createSecuritySolutionStorageMock(); -const mockStore = createMockStore(undefined, undefined, undefined, storageMock); - -const TestComponent = () => { - return ( - -
- - - ); -}; - -describe('Attack discovery tour', () => { - beforeAll(() => { - (useIsElementMounted as jest.Mock).mockReturnValue(true); - (useRouteSpy as jest.Mock).mockReturnValue([mockRouteSpy]); - }); - - beforeEach(() => { - (useKibana as jest.Mock).mockReturnValue({ - ...mockedUseKibana, - services: { - ...mockedUseKibana.services, - storage: storageMock, - }, - }); - - storageMock.clear(); - }); - afterEach(() => { - jest.clearAllMocks(); - }); - - it('should not render tour step 1 when element is not mounted', () => { - (useIsElementMounted as jest.Mock).mockReturnValueOnce(false); - render(); - expect(screen.queryByTestId('attackDiscovery-tour-step-1')).toBeNull(); - }); - - it('should not render any tour steps when tour is not activated', () => { - storageMock.set(NEW_FEATURES_TOUR_STORAGE_KEYS.ATTACK_DISCOVERY, { - currentTourStep: 1, - isTourActive: false, - }); - render(); - expect(screen.queryByTestId('attackDiscovery-tour-step-1')).toBeNull(); - expect(screen.queryByTestId('attackDiscovery-tour-step-2')).toBeNull(); - }); - - it('should not render any tour steps when tour is on step 2 and page is not attack discovery', () => { - storageMock.set(NEW_FEATURES_TOUR_STORAGE_KEYS.ATTACK_DISCOVERY, { - currentTourStep: 2, - isTourActive: true, - }); - const { debug } = render(); - expect(screen.queryByTestId('attackDiscovery-tour-step-1')).toBeNull(); - debug(); - }); - - it('should render tour step 1 when element is mounted', async () => { - const { getByTestId } = render(); - - expect(getByTestId('attackDiscovery-tour-step-1')).toBeInTheDocument(); - }); - - it('should render tour video when tour is on step 2 and page is attack discovery', () => { - (useRouteSpy as jest.Mock).mockReturnValue([ - { ...mockRouteSpy, pageName: SecurityPageName.attackDiscovery }, - ]); - storageMock.set(NEW_FEATURES_TOUR_STORAGE_KEYS.ATTACK_DISCOVERY, { - currentTourStep: 2, - isTourActive: true, - }); - const { getByTestId } = render(); - expect(screen.queryByTestId('attackDiscovery-tour-step-1')).toBeNull(); - expect(getByTestId('attackDiscovery-tour-step-2')).toBeInTheDocument(); - }); - - it('should advance to tour step 2 when page is attack discovery', () => { - (useRouteSpy as jest.Mock).mockReturnValue([ - { ...mockRouteSpy, pageName: SecurityPageName.attackDiscovery }, - ]); - storageMock.set(NEW_FEATURES_TOUR_STORAGE_KEYS.ATTACK_DISCOVERY, { - currentTourStep: 1, - isTourActive: true, - }); - render(); - expect( - storageMock.get(NEW_FEATURES_TOUR_STORAGE_KEYS.ATTACK_DISCOVERY).currentTourStep - ).toEqual(2); - }); -}); diff --git a/x-pack/plugins/security_solution/public/attack_discovery/tour/index.tsx b/x-pack/plugins/security_solution/public/attack_discovery/tour/index.tsx deleted file mode 100644 index ebddaca6d3f451..00000000000000 --- a/x-pack/plugins/security_solution/public/attack_discovery/tour/index.tsx +++ /dev/null @@ -1,133 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -/* - * The attack discovery tour for 8.14 - * - * */ - -import React, { useCallback, useEffect, useMemo, useState } from 'react'; -import { EuiButton, EuiButtonEmpty, EuiTourStep } from '@elastic/eui'; -import { useRouteSpy } from '../../common/utils/route/use_route_spy'; -import { VideoToast } from './video_toast'; -import { useIsElementMounted } from '../../detection_engine/rule_management_ui/components/rules_table/rules_table/guided_onboarding/use_is_element_mounted'; -import { NEW_FEATURES_TOUR_STORAGE_KEYS, SecurityPageName } from '../../../common/constants'; -import { useKibana, useNavigation } from '../../common/lib/kibana'; -import { attackDiscoveryTourStepOne, tourConfig } from './step_config'; -import * as i18n from './translations'; - -interface TourState { - currentTourStep: number; - isTourActive: boolean; -} - -const AttackDiscoveryTourComp = () => { - const { - services: { storage }, - } = useKibana(); - - const { navigateTo } = useNavigation(); - const [{ pageName }] = useRouteSpy(); - const [tourState, setTourState] = useState( - storage.get(NEW_FEATURES_TOUR_STORAGE_KEYS.ATTACK_DISCOVERY) ?? tourConfig - ); - - const advanceToVideoStep = useCallback(() => { - setTourState((prev) => { - storage.set(NEW_FEATURES_TOUR_STORAGE_KEYS.ATTACK_DISCOVERY, { - ...prev, - currentTourStep: 2, - }); - return { - ...prev, - currentTourStep: 2, - }; - }); - }, [storage]); - - useEffect(() => { - if (tourState.isTourActive && pageName === SecurityPageName.attackDiscovery) { - advanceToVideoStep(); - } - }, [advanceToVideoStep, pageName, tourState.isTourActive]); - - const finishTour = useCallback(() => { - setTourState((prev) => { - storage.set(NEW_FEATURES_TOUR_STORAGE_KEYS.ATTACK_DISCOVERY, { - ...prev, - isTourActive: false, - }); - return { - ...prev, - isTourActive: false, - }; - }); - }, [storage]); - - const navigateToAttackDiscovery = useCallback(() => { - navigateTo({ - deepLinkId: SecurityPageName.attackDiscovery, - }); - }, [navigateTo]); - - const nextStep = useCallback(() => { - if (tourState.currentTourStep === 1) { - navigateToAttackDiscovery(); - advanceToVideoStep(); - } - }, [tourState.currentTourStep, navigateToAttackDiscovery, advanceToVideoStep]); - - const footerAction = useMemo( - () => [ - // if exit, set tour to the video step without navigating to the page - - {i18n.ATTACK_DISCOVERY_TOUR_EXIT} - , - // if next, set tour to the video step and navigate to the page - - {i18n.ATTACK_DISCOVERY_TRY_IT} - , - ], - [advanceToVideoStep, nextStep] - ); - - const isElementAtCurrentStepMounted = useIsElementMounted(attackDiscoveryTourStepOne?.anchor); - - const isTestAutomation = - window.Cypress != null || // TODO: temporary workaround to disable the tour when running in Cypress, because the tour breaks other projects Cypress tests - navigator.webdriver === true; // TODO: temporary workaround to disable the tour when running in the FTR, because the tour breaks other projects FTR tests - - if ( - isTestAutomation || - !tourState.isTourActive || - (tourState.currentTourStep === 1 && !isElementAtCurrentStepMounted) - ) { - return null; - } - - return tourState.currentTourStep === 1 ? ( - - ) : pageName === SecurityPageName.attackDiscovery ? ( - - ) : null; -}; - -export const AttackDiscoveryTour = React.memo(AttackDiscoveryTourComp); diff --git a/x-pack/plugins/security_solution/public/attack_discovery/tour/translations.ts b/x-pack/plugins/security_solution/public/attack_discovery/tour/translations.ts deleted file mode 100644 index eadfb384297c03..00000000000000 --- a/x-pack/plugins/security_solution/public/attack_discovery/tour/translations.ts +++ /dev/null @@ -1,59 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { i18n } from '@kbn/i18n'; - -export const ATTACK_DISCOVERY_TOUR_ATTACK_DISCOVERY_TITLE = i18n.translate( - 'xpack.securitySolution.attackDiscovery.tour.navStep.title', - { - defaultMessage: 'Introducing attack discovery', - } -); - -export const ATTACK_DISCOVERY_TOUR_ATTACK_DISCOVERY_DESC = i18n.translate( - 'xpack.securitySolution.attackDiscovery.tour.navStep.desc', - { - defaultMessage: - 'Leverage Generative AI to find relationships among your alerts and describe attack chains.', - } -); - -export const ATTACK_DISCOVERY_TOUR_VIDEO_STEP_TITLE = i18n.translate( - 'xpack.securitySolution.attackDiscovery.tour.videoStep.title', - { - defaultMessage: 'Start discovering attacks', - } -); - -export const ATTACK_DISCOVERY_TOUR_VIDEO_STEP_DESC = i18n.translate( - 'xpack.securitySolution.attackDiscovery.tour.videoStep.desc', - { - defaultMessage: - 'Dive into data-driven attack discoveries and streamline your workflow with our intuitive AI technology, designed to elevate your productivity instantly.', - } -); - -export const ATTACK_DISCOVERY_TOUR_EXIT = i18n.translate( - 'xpack.securitySolution.attackDiscovery.tour.exit', - { - defaultMessage: 'Close', - } -); - -export const ATTACK_DISCOVERY_TRY_IT = i18n.translate( - 'xpack.securitySolution.attackDiscovery.tour.tryIt', - { - defaultMessage: 'Try it', - } -); - -export const WATCH_OVERVIEW_VIDEO = i18n.translate( - 'xpack.securitySolution.attackDiscovery.tour.video', - { - defaultMessage: 'Watch overview video', - } -); diff --git a/x-pack/plugins/security_solution/public/common/components/header_actions/add_note_icon_item.test.tsx b/x-pack/plugins/security_solution/public/common/components/header_actions/add_note_icon_item.test.tsx index 98dfc83e9d3e8a..b07aa7aedfcade 100644 --- a/x-pack/plugins/security_solution/public/common/components/header_actions/add_note_icon_item.test.tsx +++ b/x-pack/plugins/security_solution/public/common/components/header_actions/add_note_icon_item.test.tsx @@ -37,7 +37,7 @@ const renderTestComponent = (props: Partial = { timelineType: TimelineTypeEnum.default, eventId: 'event-1', - ariaLabel: 'Add Note', + ariaLabel: 'Add note', toggleShowNotes: toggleShowNotesMock, notesCount: 2, ...props, @@ -76,12 +76,12 @@ describe('AddEventNoteAction', () => { expect(NotesButtonMock).toHaveBeenCalledWith( expect.objectContaining({ - ariaLabel: 'Add Note', + ariaLabel: 'Add note', 'data-test-subj': 'add-note', isDisabled: false, timelineType: TimelineTypeEnum.default, toggleShowNotes: expect.any(Function), - toolTip: '2 Notes available. Click to view them & add more.', + toolTip: '2 notes available. Click to view them and add more.', eventId: 'event-1', notesCount: 2, }), @@ -98,12 +98,12 @@ describe('AddEventNoteAction', () => { expect(NotesButtonMock).toHaveBeenCalledWith( expect.objectContaining({ - ariaLabel: 'Add Note', + ariaLabel: 'Add note', 'data-test-subj': 'add-note', isDisabled: false, timelineType: TimelineTypeEnum.default, toggleShowNotes: expect.any(Function), - toolTip: '1 Note available. Click to view it & add more.', + toolTip: '1 note available. Click to view it and add more.', eventId: 'event-2', notesCount: 1, }), @@ -120,12 +120,12 @@ describe('AddEventNoteAction', () => { expect(NotesButtonMock).toHaveBeenCalledWith( expect.objectContaining({ - ariaLabel: 'Add Note', + ariaLabel: 'Add note', 'data-test-subj': 'add-note', isDisabled: false, timelineType: TimelineTypeEnum.default, toggleShowNotes: expect.any(Function), - toolTip: 'Add Note', + toolTip: 'Add note', eventId: 'event-3', notesCount: 0, }), diff --git a/x-pack/plugins/security_solution/public/common/components/header_actions/add_note_icon_item.tsx b/x-pack/plugins/security_solution/public/common/components/header_actions/add_note_icon_item.tsx index f9539b9062331d..f931042863a62c 100644 --- a/x-pack/plugins/security_solution/public/common/components/header_actions/add_note_icon_item.tsx +++ b/x-pack/plugins/security_solution/public/common/components/header_actions/add_note_icon_item.tsx @@ -6,12 +6,34 @@ */ import React, { useMemo } from 'react'; +import { i18n } from '@kbn/i18n'; import { NotesButton } from '../../../timelines/components/timeline/properties/helpers'; import { type TimelineType, TimelineTypeEnum } from '../../../../common/api/timeline'; import { useUserPrivileges } from '../user_privileges'; -import * as i18n from './translations'; import { ActionIconItem } from './action_icon_item'; +const NOTES_DISABLE_TOOLTIP = i18n.translate( + 'xpack.securitySolution.timeline.body.notes.disableEventTooltip', + { + defaultMessage: 'Notes cannot be added here while editing a template Timeline.', + } +); +const NOTES_ADD_TOOLTIP = i18n.translate( + 'xpack.securitySolution.timeline.body.notes.addNoteTooltip', + { + defaultMessage: 'Add note', + } +); +const NOTES_COUNT_TOOLTIP = ({ notesCount }: { notesCount: number }) => + i18n.translate( + 'xpack.securitySolution.timeline.body.notes.addNote.multipleNotesAvailableTooltip', + { + values: { notesCount }, + defaultMessage: + '{notesCount} {notesCount, plural, one {note} other {notes} } available. Click to view {notesCount, plural, one {it} other {them}} and add more.', + } + ); + interface AddEventNoteActionProps { ariaLabel?: string; timelineType: TimelineType; @@ -33,7 +55,7 @@ const AddEventNoteActionComponent: React.FC = ({ const { kibanaSecuritySolutionsPrivileges } = useUserPrivileges(); const NOTES_TOOLTIP = useMemo( - () => (notesCount > 0 ? i18n.NOTES_COUNT_TOOLTIP({ notesCount }) : i18n.NOTES_ADD_TOOLTIP), + () => (notesCount > 0 ? NOTES_COUNT_TOOLTIP({ notesCount }) : NOTES_ADD_TOOLTIP), [notesCount] ); @@ -45,9 +67,7 @@ const AddEventNoteActionComponent: React.FC = ({ isDisabled={kibanaSecuritySolutionsPrivileges.crud === false} timelineType={timelineType} toggleShowNotes={toggleShowNotes} - toolTip={ - timelineType === TimelineTypeEnum.template ? i18n.NOTES_DISABLE_TOOLTIP : NOTES_TOOLTIP - } + toolTip={timelineType === TimelineTypeEnum.template ? NOTES_DISABLE_TOOLTIP : NOTES_TOOLTIP} eventId={eventId} notesCount={notesCount} /> diff --git a/x-pack/plugins/security_solution/public/common/components/header_actions/translations.ts b/x-pack/plugins/security_solution/public/common/components/header_actions/translations.ts index 10832ccfac1e59..03ff7503643c93 100644 --- a/x-pack/plugins/security_solution/public/common/components/header_actions/translations.ts +++ b/x-pack/plugins/security_solution/public/common/components/header_actions/translations.ts @@ -14,30 +14,6 @@ export const OPEN_SESSION_VIEW = i18n.translate( } ); -export const NOTES_DISABLE_TOOLTIP = i18n.translate( - 'xpack.securitySolution.timeline.body.notes.disableEventTooltip', - { - defaultMessage: 'Notes may not be added here while editing a template timeline', - } -); - -export const NOTES_ADD_TOOLTIP = i18n.translate( - 'xpack.securitySolution.timeline.body.notes.addNoteTooltip', - { - defaultMessage: 'Add Note', - } -); - -export const NOTES_COUNT_TOOLTIP = ({ notesCount }: { notesCount: number }) => - i18n.translate( - 'xpack.securitySolution.timeline.body.notes.addNote.multipleNotesAvailableTooltip', - { - values: { notesCount }, - defaultMessage: - '{notesCount} {notesCount, plural, one {Note} other {Notes} } available. Click to view {notesCount, plural, one {it} other {them}} & add more.', - } - ); - export const SORT_FIELDS = i18n.translate('xpack.securitySolution.timeline.sortFieldsButton', { defaultMessage: 'Sort fields', }); diff --git a/x-pack/plugins/security_solution/public/common/components/navigation/security_side_nav/security_side_nav.tsx b/x-pack/plugins/security_solution/public/common/components/navigation/security_side_nav/security_side_nav.tsx index 6b327df2a847c4..47ff3e6e4fad14 100644 --- a/x-pack/plugins/security_solution/public/common/components/navigation/security_side_nav/security_side_nav.tsx +++ b/x-pack/plugins/security_solution/public/common/components/navigation/security_side_nav/security_side_nav.tsx @@ -137,7 +137,7 @@ const usePanelBottomOffset = (): string | undefined => { * Main security navigation component. * It takes the links to render from the generic application `links` configs. */ -export const SecuritySideNav: React.FC<{ onMount?: () => void }> = ({ onMount }) => { +export const SecuritySideNav: React.FC = () => { const items = useSolutionSideNavItems(); const selectedId = useSelectedId(); const panelTopOffset = usePanelTopOffset(); @@ -151,7 +151,6 @@ export const SecuritySideNav: React.FC<{ onMount?: () => void }> = ({ onMount }) void -): KibanaPageTemplateProps['solutionNav'] => { +export const useSecuritySolutionNavigation = (): KibanaPageTemplateProps['solutionNav'] => { const { chrome } = useKibana().services; const chromeStyle$ = useMemo(() => chrome.getChromeStyle$(), [chrome]); const chromeStyle = useObservable(chromeStyle$, 'classic'); @@ -41,7 +39,7 @@ export const useSecuritySolutionNavigation = ( canBeCollapsed: true, name: translatedNavTitle, icon: 'logoSecurity', - children: , + children: , closeFlyoutButtonPosition: 'inside', }; }; diff --git a/x-pack/plugins/security_solution/public/common/lib/telemetry/constants.ts b/x-pack/plugins/security_solution/public/common/lib/telemetry/constants.ts index 5126d75178f5f9..cb247891d79b36 100644 --- a/x-pack/plugins/security_solution/public/common/lib/telemetry/constants.ts +++ b/x-pack/plugins/security_solution/public/common/lib/telemetry/constants.ts @@ -35,6 +35,8 @@ export enum TELEMETRY_EVENT { DASHBOARD = 'navigate_to_dashboard', CREATE_DASHBOARD = 'create_dashboard', + ONBOARDING = 'onboarding', + // value list OPEN_VALUE_LIST_MODAL = 'open_value_list_modal', CREATE_VALUE_LIST_ITEM = 'create_value_list_item', diff --git a/x-pack/plugins/security_solution/public/detection_engine/rule_management/api/api.test.ts b/x-pack/plugins/security_solution/public/detection_engine/rule_management/api/api.test.ts index d10bb4bb03e084..bc7c288906e8e8 100644 --- a/x-pack/plugins/security_solution/public/detection_engine/rule_management/api/api.test.ts +++ b/x-pack/plugins/security_solution/public/detection_engine/rule_management/api/api.test.ts @@ -854,9 +854,7 @@ describe('Detections Rules API', () => { expect(fetchMock).toHaveBeenCalledWith( expect.any(String), expect.objectContaining({ - query: expect.objectContaining({ - filter: 'alert.id:"alert:id1" or alert.id:"alert:id2"', - }), + body: '{"filter":"alert.id:\\"alert:id1\\" or alert.id:\\"alert:id2\\"","fields":"[\\"muteAll\\",\\"activeSnoozes\\",\\"isSnoozedUntil\\",\\"snoozeSchedule\\"]","per_page":2}', }) ); }); @@ -867,9 +865,7 @@ describe('Detections Rules API', () => { expect(fetchMock).toHaveBeenCalledWith( expect.any(String), expect.objectContaining({ - query: expect.objectContaining({ - per_page: 2, - }), + body: '{"filter":"alert.id:\\"alert:id1\\" or alert.id:\\"alert:id2\\"","fields":"[\\"muteAll\\",\\"activeSnoozes\\",\\"isSnoozedUntil\\",\\"snoozeSchedule\\"]","per_page":2}', }) ); }); @@ -880,14 +876,7 @@ describe('Detections Rules API', () => { expect(fetchMock).toHaveBeenCalledWith( expect.any(String), expect.objectContaining({ - query: expect.objectContaining({ - fields: JSON.stringify([ - 'muteAll', - 'activeSnoozes', - 'isSnoozedUntil', - 'snoozeSchedule', - ]), - }), + body: '{"filter":"alert.id:\\"alert:id1\\" or alert.id:\\"alert:id2\\"","fields":"[\\"muteAll\\",\\"activeSnoozes\\",\\"isSnoozedUntil\\",\\"snoozeSchedule\\"]","per_page":2}', }) ); }); diff --git a/x-pack/plugins/security_solution/public/detection_engine/rule_management/api/api.ts b/x-pack/plugins/security_solution/public/detection_engine/rule_management/api/api.ts index c86606d0d81377..1e2ee1be7a47a1 100644 --- a/x-pack/plugins/security_solution/public/detection_engine/rule_management/api/api.ts +++ b/x-pack/plugins/security_solution/public/detection_engine/rule_management/api/api.ts @@ -241,12 +241,12 @@ export const fetchRulesSnoozeSettings = async ({ const response = await KibanaServices.get().http.fetch( INTERNAL_ALERTING_API_FIND_RULES_PATH, { - method: 'GET', - query: { + method: 'POST', + body: JSON.stringify({ filter: ids.map((x) => `alert.id:"alert:${x}"`).join(' or '), fields: JSON.stringify(['muteAll', 'activeSnoozes', 'isSnoozedUntil', 'snoozeSchedule']), per_page: ids.length, - }, + }), signal, } ); diff --git a/x-pack/plugins/security_solution/public/detection_engine/rule_management/api/hooks/use_fetch_rules_snooze_settings_query.ts b/x-pack/plugins/security_solution/public/detection_engine/rule_management/api/hooks/use_fetch_rules_snooze_settings_query.ts index 8d2ca14d79f9b1..a0eedb35d4fa1b 100644 --- a/x-pack/plugins/security_solution/public/detection_engine/rule_management/api/hooks/use_fetch_rules_snooze_settings_query.ts +++ b/x-pack/plugins/security_solution/public/detection_engine/rule_management/api/hooks/use_fetch_rules_snooze_settings_query.ts @@ -13,7 +13,7 @@ import type { RulesSnoozeSettingsMap } from '../../logic'; import { fetchRulesSnoozeSettings } from '../api'; import { DEFAULT_QUERY_OPTIONS } from './constants'; -const FETCH_RULE_SNOOZE_SETTINGS_QUERY_KEY = ['GET', INTERNAL_ALERTING_API_FIND_RULES_PATH]; +const FETCH_RULE_SNOOZE_SETTINGS_QUERY_KEY = ['POST', INTERNAL_ALERTING_API_FIND_RULES_PATH]; /** * A wrapper around useQuery provides default values to the underlying query, diff --git a/x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/components/entity_source_filter.tsx b/x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/components/entity_source_filter.tsx index aac8aad170f3f5..bc295b6cde439a 100644 --- a/x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/components/entity_source_filter.tsx +++ b/x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/components/entity_source_filter.tsx @@ -8,30 +8,26 @@ import React from 'react'; import { i18n } from '@kbn/i18n'; import { MultiselectFilter } from '../../../../common/components/multiselect_filter'; +import { EntitySourceTag } from '../types'; interface SourceFilterProps { - selectedItems: EntitySource[]; - onChange: (selectedItems: EntitySource[]) => void; + selectedItems: EntitySourceTag[]; + onChange: (selectedItems: EntitySourceTag[]) => void; } -export enum EntitySource { - CSV_UPLOAD = 'CSV upload', - EVENTS = 'Events', -} -// TODO Fix the Entity Source field before using it export const EntitySourceFilter: React.FC = ({ selectedItems, onChange }) => { return ( - + title={i18n.translate( 'xpack.securitySolution.entityAnalytics.entityStore.entitySource.filterTitle', { defaultMessage: 'Source', } )} - items={Object.values(EntitySource)} + items={Object.values(EntitySourceTag)} selectedItems={selectedItems} onSelectionChange={onChange} - width={140} + width={190} /> ); }; diff --git a/x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/entities_list.test.tsx b/x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/entities_list.test.tsx index b105a87fd8720e..0e598d6463c5a0 100644 --- a/x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/entities_list.test.tsx +++ b/x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/entities_list.test.tsx @@ -33,7 +33,7 @@ const responseData: ListEntitiesResponse = { user: { name: entityName }, entity: { name: entityName, - source: ['source'], + source: 'test-index', }, }, ], @@ -106,7 +106,7 @@ describe('EntitiesList', () => { fireEvent.click(columnHeader); expect(mockUseEntitiesListQuery).toHaveBeenCalledWith( expect.objectContaining({ - sortField: 'entity.displayName.keyword', + sortField: 'entity.name.text', sortOrder: 'asc', }) ); diff --git a/x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/entities_list.tsx b/x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/entities_list.tsx index a6e058af343929..aa03e41c553cb4 100644 --- a/x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/entities_list.tsx +++ b/x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/entities_list.tsx @@ -6,9 +6,8 @@ */ import React, { useCallback, useEffect, useMemo, useState } from 'react'; -import { EuiFilterGroup, EuiFlexGroup, EuiFlexItem, EuiTitle } from '@elastic/eui'; +import { EuiFilterGroup, EuiFlexGroup, EuiFlexItem } from '@elastic/eui'; import { noop } from 'lodash/fp'; -import { FormattedMessage } from '@kbn/i18n-react'; import { i18n } from '@kbn/i18n'; import { useErrorToast } from '../../../common/hooks/use_error_toast'; import type { CriticalityLevels } from '../../../../common/constants'; @@ -21,12 +20,13 @@ import { EntityType } from '../../../../common/api/entity_analytics/entity_store import type { Criteria } from '../../../explore/components/paginated_table'; import { PaginatedTable } from '../../../explore/components/paginated_table'; import { SeverityFilter } from '../severity/severity_filter'; -import type { EntitySource } from './components/entity_source_filter'; +import { EntitySourceFilter } from './components/entity_source_filter'; import { useEntitiesListFilters } from './hooks/use_entities_list_filters'; import { AssetCriticalityFilter } from '../asset_criticality/asset_criticality_filter'; import { useEntitiesListQuery } from './hooks/use_entities_list_query'; import { ENTITIES_LIST_TABLE_ID, rowItems } from './constants'; import { useEntitiesListColumns } from './hooks/use_entities_list_columns'; +import type { EntitySourceTag } from './types'; export const EntitiesList: React.FC = () => { const { deleteQuery, setQuery, isInitializing, from, to } = useGlobalTime(); @@ -34,13 +34,13 @@ export const EntitiesList: React.FC = () => { const [limit, setLimit] = useState(10); const { toggleStatus } = useQueryToggle(ENTITIES_LIST_TABLE_ID); const [sorting, setSorting] = useState({ - field: 'entity.lastSeenTimestamp', + field: '@timestamp', direction: Direction.desc, }); const [selectedSeverities, setSelectedSeverities] = useState([]); const [selectedCriticalities, setSelectedCriticalities] = useState([]); - const [selectedSources, _] = useState([]); + const [selectedSources, setSelectedSources] = useState([]); const filter = useEntitiesListFilters({ selectedSeverities, @@ -115,16 +115,19 @@ export const EntitiesList: React.FC = () => { activePage={(data?.page ?? 1) - 1} columns={columns} headerCount={data?.total ?? 0} - headerTitle={ - -

- -

- - } + titleSize="s" + headerTitle={i18n.translate( + 'xpack.securitySolution.entityAnalytics.entityStore.entitiesList.tableTitle', + { + defaultMessage: 'Entities', + } + )} + headerTooltip={i18n.translate( + 'xpack.securitySolution.entityAnalytics.entityStore.entitiesList.tableTooltip', + { + defaultMessage: 'Entity data can take a couple of minutes to appear', + } + )} limit={limit} loading={isLoading || isRefetching} isInspect={false} @@ -147,6 +150,7 @@ export const EntitiesList: React.FC = () => { selectedItems={selectedCriticalities} onChange={setSelectedCriticalities} /> + diff --git a/x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/helpers.test.ts b/x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/helpers.test.ts index 6e3ba0e6d09d17..55fb85bf9158b8 100644 --- a/x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/helpers.test.ts +++ b/x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/helpers.test.ts @@ -5,40 +5,70 @@ * 2.0. */ -import { isUserEntity } from './helpers'; +import { isUserEntity, sourceFieldToText } from './helpers'; import type { Entity, UserEntity, } from '../../../../common/api/entity_analytics/entity_store/entities/common.gen'; +import { render } from '@testing-library/react'; +import { TestProviders } from '@kbn/timelines-plugin/public/mock'; -describe('isUserEntity', () => { - it('should return true if the record is a UserEntity', () => { - const userEntity: UserEntity = { - '@timestamp': '2021-08-02T14:00:00.000Z', - user: { - name: 'test_user', - }, - entity: { - name: 'test_user', - source: ['logs-test'], - }, - }; - - expect(isUserEntity(userEntity)).toBe(true); +describe('helpers', () => { + describe('isUserEntity', () => { + it('should return true if the record is a UserEntity', () => { + const userEntity: UserEntity = { + '@timestamp': '2021-08-02T14:00:00.000Z', + user: { + name: 'test_user', + }, + entity: { + name: 'test_user', + source: 'logs-test', + }, + }; + + expect(isUserEntity(userEntity)).toBe(true); + }); + + it('should return false if the record is not a UserEntity', () => { + const nonUserEntity: Entity = { + '@timestamp': '2021-08-02T14:00:00.000Z', + host: { + name: 'test_host', + }, + entity: { + name: 'test_host', + source: 'logs-test', + }, + }; + + expect(isUserEntity(nonUserEntity)).toBe(false); + }); }); - it('should return false if the record is not a UserEntity', () => { - const nonUserEntity: Entity = { - '@timestamp': '2021-08-02T14:00:00.000Z', - host: { - name: 'test_host', - }, - entity: { - name: 'test_host', - source: ['logs-test'], - }, - }; - - expect(isUserEntity(nonUserEntity)).toBe(false); + describe('sourceFieldToText', () => { + it("should return 'Events' if the value isn't risk or asset", () => { + const { container } = render(sourceFieldToText('anything'), { + wrapper: TestProviders, + }); + + expect(container).toHaveTextContent('Events'); + }); + + it("should return 'Risk' if the value is a risk index", () => { + const { container } = render(sourceFieldToText('risk-score.risk-score-default'), { + wrapper: TestProviders, + }); + + expect(container).toHaveTextContent('Risk'); + }); + + it("should return 'Asset Criticality' if the value is a asset criticality index", () => { + const { container } = render(sourceFieldToText('.asset-criticality.asset-criticality-*'), { + wrapper: TestProviders, + }); + + expect(container).toHaveTextContent('Asset Criticality'); + }); }); }); diff --git a/x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/helpers.ts b/x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/helpers.ts deleted file mode 100644 index 61e9b2be8b0ab3..00000000000000 --- a/x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/helpers.ts +++ /dev/null @@ -1,14 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import type { - Entity, - UserEntity, -} from '../../../../common/api/entity_analytics/entity_store/entities/common.gen'; - -export const isUserEntity = (record: Entity): record is UserEntity => - !!(record as UserEntity)?.user; diff --git a/x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/helpers.tsx b/x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/helpers.tsx new file mode 100644 index 00000000000000..e339a63be70647 --- /dev/null +++ b/x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/helpers.tsx @@ -0,0 +1,46 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import React from 'react'; +import { FormattedMessage } from '@kbn/i18n-react'; +import { + ASSET_CRITICALITY_INDEX_PATTERN, + RISK_SCORE_INDEX_PATTERN, +} from '../../../../common/constants'; +import type { + Entity, + UserEntity, +} from '../../../../common/api/entity_analytics/entity_store/entities/common.gen'; + +export const isUserEntity = (record: Entity): record is UserEntity => + !!(record as UserEntity)?.user; + +export const sourceFieldToText = (source: string) => { + if (source.match(`^${RISK_SCORE_INDEX_PATTERN}`)) { + return ( + + ); + } + + if (source.match(`^${ASSET_CRITICALITY_INDEX_PATTERN}`)) { + return ( + + ); + } + + return ( + + ); +}; diff --git a/x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/hooks/use_entities_list_columns.tsx b/x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/hooks/use_entities_list_columns.tsx index 52439d10a0000f..974a80454ee21b 100644 --- a/x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/hooks/use_entities_list_columns.tsx +++ b/x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/hooks/use_entities_list_columns.tsx @@ -17,9 +17,9 @@ import { RiskScoreLevel } from '../../severity/common'; import { getEmptyTagValue } from '../../../../common/components/empty_value'; import type { Columns } from '../../../../explore/components/paginated_table'; import type { Entity } from '../../../../../common/api/entity_analytics/entity_store/entities/common.gen'; -import type { CriticalityLevels } from '../../../../../common/constants'; +import { type CriticalityLevels } from '../../../../../common/constants'; import { ENTITIES_LIST_TABLE_ID } from '../constants'; -import { isUserEntity } from '../helpers'; +import { isUserEntity, sourceFieldToText } from '../helpers'; import { CRITICALITY_LEVEL_TITLE } from '../../asset_criticality/translations'; export type EntitiesListColumns = [ @@ -79,7 +79,7 @@ export const useEntitiesListColumns = (): EntitiesListColumns => { width: '5%', }, { - field: 'entity.displayName.keyword', + field: 'entity.name.text', name: ( { truncateText: { lines: 2 }, render: (source: string | undefined) => { if (source != null) { - return {source}; + return sourceFieldToText(source); } return getEmptyTagValue(); diff --git a/x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/hooks/use_entities_list_filters.test.ts b/x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/hooks/use_entities_list_filters.test.ts index de5f706d4524c1..cdf0583374538d 100644 --- a/x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/hooks/use_entities_list_filters.test.ts +++ b/x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/hooks/use_entities_list_filters.test.ts @@ -11,7 +11,7 @@ import { useGlobalFilterQuery } from '../../../../common/hooks/use_global_filter import type { QueryDslQueryContainer } from '@elastic/elasticsearch/lib/api/types'; import { CriticalityLevels } from '../../../../../common/constants'; import { RiskSeverity } from '../../../../../common/search_strategy'; -import { EntitySource } from '../components/entity_source_filter'; +import { EntitySourceTag } from '../types'; jest.mock('../../../../common/hooks/use_global_filter_query'); @@ -52,7 +52,6 @@ describe('useEntitiesListFilters', () => { { term: { 'host.risk.calculated_level': RiskSeverity.High } }, { term: { 'user.risk.calculated_level': RiskSeverity.High } }, ], - minimum_should_match: 1, }, }, ]; @@ -72,7 +71,6 @@ describe('useEntitiesListFilters', () => { const expectedFilters: QueryDslQueryContainer[] = [ { bool: { - minimum_should_match: 1, should: [ { term: { @@ -97,13 +95,48 @@ describe('useEntitiesListFilters', () => { useEntitiesListFilters({ selectedSeverities: [], selectedCriticalities: [], - selectedSources: [EntitySource.CSV_UPLOAD, EntitySource.EVENTS], + selectedSources: [EntitySourceTag.criticality, EntitySourceTag.risk], }) ); const expectedFilters: QueryDslQueryContainer[] = [ - { term: { 'entity.source': EntitySource.CSV_UPLOAD } }, - { term: { 'entity.source': EntitySource.EVENTS } }, + { + bool: { + should: [ + { wildcard: { 'entity.source': '.asset-criticality.asset-criticality-*' } }, + { wildcard: { 'entity.source': 'risk-score.risk-score-*' } }, + ], + }, + }, + ]; + + expect(result.current).toEqual(expectedFilters); + }); + + it('should return source events filters when events is selected', () => { + const { result } = renderHook(() => + useEntitiesListFilters({ + selectedSeverities: [], + selectedCriticalities: [], + selectedSources: [EntitySourceTag.events], + }) + ); + + const expectedFilters: QueryDslQueryContainer[] = [ + { + bool: { + should: [ + { + bool: { + must_not: [ + { wildcard: { 'entity.source': '.asset-criticality.asset-criticality-*' } }, + { wildcard: { 'entity.source': 'risk-score.risk-score-*' } }, + ], + }, + }, + ], + }, + }, ]; expect(result.current).toEqual(expectedFilters); @@ -132,7 +165,7 @@ describe('useEntitiesListFilters', () => { useEntitiesListFilters({ selectedSeverities: [RiskSeverity.Low], selectedCriticalities: [CriticalityLevels.HIGH_IMPACT], - selectedSources: [EntitySource.CSV_UPLOAD], + selectedSources: [EntitySourceTag.risk], }) ); @@ -143,16 +176,18 @@ describe('useEntitiesListFilters', () => { { term: { 'host.risk.calculated_level': RiskSeverity.Low } }, { term: { 'user.risk.calculated_level': RiskSeverity.Low } }, ], - minimum_should_match: 1, }, }, { bool: { should: [{ term: { 'asset.criticality': CriticalityLevels.HIGH_IMPACT } }], - minimum_should_match: 1, }, }, - { term: { 'entity.source': EntitySource.CSV_UPLOAD } }, + { + bool: { + should: [{ wildcard: { 'entity.source': 'risk-score.risk-score-*' } }], + }, + }, globalQuery, ]; diff --git a/x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/hooks/use_entities_list_filters.ts b/x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/hooks/use_entities_list_filters.ts index 634f3f61c15901..ba720025f4a590 100644 --- a/x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/hooks/use_entities_list_filters.ts +++ b/x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/hooks/use_entities_list_filters.ts @@ -7,15 +7,19 @@ import type { QueryDslQueryContainer } from '@elastic/elasticsearch/lib/api/types'; import { useMemo } from 'react'; -import type { CriticalityLevels } from '../../../../../common/constants'; +import { + ASSET_CRITICALITY_INDEX_PATTERN, + RISK_SCORE_INDEX_PATTERN, + type CriticalityLevels, +} from '../../../../../common/constants'; import type { RiskSeverity } from '../../../../../common/search_strategy'; import { useGlobalFilterQuery } from '../../../../common/hooks/use_global_filter_query'; -import type { EntitySource } from '../components/entity_source_filter'; +import { EntitySourceTag } from '../types'; interface UseEntitiesListFiltersParams { selectedSeverities: RiskSeverity[]; selectedCriticalities: CriticalityLevels[]; - selectedSources: EntitySource[]; + selectedSources: EntitySourceTag[]; } export const useEntitiesListFilters = ({ @@ -35,17 +39,20 @@ export const useEntitiesListFilters = ({ 'asset.criticality': value, }, })), - minimum_should_match: 1, }, }, ] : []; - const sourceFilter: QueryDslQueryContainer[] = selectedSources.map((value) => ({ - term: { - 'entity.source': value, - }, - })); + const sourceFilter: QueryDslQueryContainer[] = selectedSources.length + ? [ + { + bool: { + should: selectedSources.map((tag) => getSourceTagFilterQuery(tag)), + }, + }, + ] + : []; const severityFilter: QueryDslQueryContainer[] = selectedSeverities.length ? [ @@ -63,7 +70,6 @@ export const useEntitiesListFilters = ({ }, }, ]), - minimum_should_match: 1, }, }, ] @@ -80,3 +86,37 @@ export const useEntitiesListFilters = ({ return filterList; }, [globalQuery, selectedCriticalities, selectedSeverities, selectedSources]); }; + +const getSourceTagFilterQuery = (tag: EntitySourceTag): QueryDslQueryContainer => { + if (tag === EntitySourceTag.risk) { + return { + wildcard: { + 'entity.source': RISK_SCORE_INDEX_PATTERN, + }, + }; + } + if (tag === EntitySourceTag.criticality) { + return { + wildcard: { + 'entity.source': ASSET_CRITICALITY_INDEX_PATTERN, + }, + }; + } + + return { + bool: { + must_not: [ + { + wildcard: { + 'entity.source': ASSET_CRITICALITY_INDEX_PATTERN, + }, + }, + { + wildcard: { + 'entity.source': RISK_SCORE_INDEX_PATTERN, + }, + }, + ], + }, + }; +}; diff --git a/x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/types.ts b/x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/types.ts new file mode 100644 index 00000000000000..0adabf36eb4363 --- /dev/null +++ b/x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/types.ts @@ -0,0 +1,12 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export enum EntitySourceTag { + 'risk' = 'Risk', + 'criticality' = 'Asset Criticality', + 'events' = 'Events', +} diff --git a/x-pack/plugins/security_solution/public/entity_analytics/components/risk_summary_flyout/common.tsx b/x-pack/plugins/security_solution/public/entity_analytics/components/risk_summary_flyout/common.tsx index 1f9832b79654c8..1f7c0724a6e676 100644 --- a/x-pack/plugins/security_solution/public/entity_analytics/components/risk_summary_flyout/common.tsx +++ b/x-pack/plugins/security_solution/public/entity_analytics/components/risk_summary_flyout/common.tsx @@ -24,7 +24,7 @@ interface EntityData { risk: RiskStats; } -export const buildColumns: () => Array> = () => [ +export const columnsArray: Array> = [ { field: 'category', name: ( diff --git a/x-pack/plugins/security_solution/public/entity_analytics/components/risk_summary_flyout/risk_summary.tsx b/x-pack/plugins/security_solution/public/entity_analytics/components/risk_summary_flyout/risk_summary.tsx index fee62f34dfdeec..fe32fad5b00702 100644 --- a/x-pack/plugins/security_solution/public/entity_analytics/components/risk_summary_flyout/risk_summary.tsx +++ b/x-pack/plugins/security_solution/public/entity_analytics/components/risk_summary_flyout/risk_summary.tsx @@ -36,7 +36,7 @@ import type { RiskScoreState } from '../../api/hooks/use_risk_score'; import { getRiskScoreSummaryAttributes } from '../../lens_attributes/risk_score_summary'; import { - buildColumns, + columnsArray, getEntityData, getItems, isUserRiskData, @@ -80,9 +80,6 @@ const FlyoutRiskSummaryComponent = ({ }, [entityData?.name, entityData?.risk?.calculated_level, riskData]); const xsFontSize = useEuiFontSize('xxs').fontSize; - - const columns = useMemo(() => buildColumns(), []); - const rows = useMemo(() => getItems(entityData), [entityData]); const onToggle = useCallback( @@ -263,7 +260,7 @@ const FlyoutRiskSummaryComponent = ({ { return ( + + diff --git a/x-pack/plugins/security_solution/public/explore/components/paginated_table/index.tsx b/x-pack/plugins/security_solution/public/explore/components/paginated_table/index.tsx index 82cde8a24f1539..7fe4f0c0110b03 100644 --- a/x-pack/plugins/security_solution/public/explore/components/paginated_table/index.tsx +++ b/x-pack/plugins/security_solution/public/explore/components/paginated_table/index.tsx @@ -9,6 +9,7 @@ import type { EuiBasicTableProps, EuiGlobalToastListToast as Toast, EuiTableRowCellProps, + EuiTitleSize, } from '@elastic/eui'; import { EuiBasicTable, @@ -107,6 +108,7 @@ export interface BasicTableProps { dataTestSubj?: string; headerCount: number; headerFilters?: string | React.ReactNode; + titleSize?: EuiTitleSize; headerSupplement?: React.ReactElement; headerTitle: string | React.ReactElement; headerTooltip?: string; @@ -148,6 +150,7 @@ const PaginatedTableComponent: FC = ({ dataTestSubj = DEFAULT_DATA_TEST_SUBJ, headerCount, headerFilters, + titleSize, headerSupplement, headerTitle, headerTooltip, @@ -277,6 +280,7 @@ const PaginatedTableComponent: FC = ({ { /** @@ -34,7 +34,7 @@ export const AnalyzerPanel: React.FC = ({ resolverComponentI const { openPreviewPanel } = useExpandableFlyoutApi(); const openPreview = useCallback( - ({ documentId, indexName, scopeId }) => + ({ documentId, indexName, scopeId, isAlert }) => () => { openPreviewPanel({ id: DocumentDetailsPreviewPanelKey, @@ -43,7 +43,7 @@ export const AnalyzerPanel: React.FC = ({ resolverComponentI indexName, scopeId, isPreviewMode: true, - banner: ALERT_PREVIEW_BANNER, + banner: isAlert ? ALERT_PREVIEW_BANNER : EVENT_PREVIEW_BANNER, }, }); }, diff --git a/x-pack/plugins/security_solution/public/flyout/document_details/left/components/attach_to_active_timeline.test.tsx b/x-pack/plugins/security_solution/public/flyout/document_details/left/components/attach_to_active_timeline.test.tsx index 610354f8af8228..51f5641af0f9ce 100644 --- a/x-pack/plugins/security_solution/public/flyout/document_details/left/components/attach_to_active_timeline.test.tsx +++ b/x-pack/plugins/security_solution/public/flyout/document_details/left/components/attach_to_active_timeline.test.tsx @@ -50,13 +50,13 @@ describe('AttachToActiveTimeline', () => { expect(getByTestId(SAVE_TIMELINE_BUTTON_TEST_ID)).toBeInTheDocument(); expect(getByTestId(SAVE_TIMELINE_BUTTON_TEST_ID)).toHaveStyle('background-color: #FEC514'); - expect(getByTestId(SAVE_TIMELINE_BUTTON_TEST_ID)).toHaveTextContent('Save timeline'); + expect(getByTestId(SAVE_TIMELINE_BUTTON_TEST_ID)).toHaveTextContent('Save current Timeline'); expect(queryByTestId(ATTACH_TO_TIMELINE_CHECKBOX_TEST_ID)).not.toBeInTheDocument(); expect(getByTestId(ATTACH_TO_TIMELINE_CALLOUT_TEST_ID)).toBeInTheDocument(); expect(getByTestId(ATTACH_TO_TIMELINE_CALLOUT_TEST_ID)).toHaveClass('euiCallOut--warning'); - expect(getByText('Attach to timeline')).toBeInTheDocument(); + expect(getByText('Attach to current Timeline')).toBeInTheDocument(); expect( - getByText('Before attaching a note to the timeline, you need to save the timeline first.') + getByText('You must save the current Timeline before attaching notes to it.') ).toBeInTheDocument(); }); @@ -76,7 +76,7 @@ describe('AttachToActiveTimeline', () => { }, }); - const { getByTestId, getByText, queryByTestId } = render( + const { getByTestId, getByText, getAllByText, queryByTestId } = render( { expect(getByTestId(ATTACH_TO_TIMELINE_CHECKBOX_TEST_ID)).toBeInTheDocument(); expect(getByTestId(ATTACH_TO_TIMELINE_CALLOUT_TEST_ID)).toBeInTheDocument(); expect(getByTestId(ATTACH_TO_TIMELINE_CALLOUT_TEST_ID)).toHaveClass('euiCallOut--primary'); - expect(getByText('Attach to timeline')).toBeInTheDocument(); - expect( - getByText('You can associate the newly created note to the active timeline.') - ).toBeInTheDocument(); + expect(getAllByText('Attach to current Timeline')).toHaveLength(2); + expect(getByText('Also attach this note to the current Timeline.')).toBeInTheDocument(); }); it('should call the callback when user click on the checkbox', () => { diff --git a/x-pack/plugins/security_solution/public/flyout/document_details/left/components/attach_to_active_timeline.tsx b/x-pack/plugins/security_solution/public/flyout/document_details/left/components/attach_to_active_timeline.tsx index 77b34045612759..c8cd3609478810 100644 --- a/x-pack/plugins/security_solution/public/flyout/document_details/left/components/attach_to_active_timeline.tsx +++ b/x-pack/plugins/security_solution/public/flyout/document_details/left/components/attach_to_active_timeline.tsx @@ -26,31 +26,31 @@ const timelineCheckBoxId = 'xpack.securitySolution.flyout.notes.attachToTimeline export const ATTACH_TO_TIMELINE_CALLOUT_TITLE = i18n.translate( 'xpack.securitySolution.flyout.left.notes.attachToTimeline.calloutTitle', { - defaultMessage: 'Attach to timeline', + defaultMessage: 'Attach to current Timeline', } ); export const SAVED_TIMELINE_CALLOUT_CONTENT = i18n.translate( 'xpack.securitySolution.flyout.left.notes.attachToTimeline.calloutContent', { - defaultMessage: 'You can associate the newly created note to the active timeline.', + defaultMessage: 'Also attach this note to the current Timeline.', } ); export const UNSAVED_TIMELINE_CALLOUT_CONTENT = i18n.translate( 'xpack.securitySolution.flyout.left.notes.attachToTimeline.calloutContent', { - defaultMessage: 'Before attaching a note to the timeline, you need to save the timeline first.', + defaultMessage: 'You must save the current Timeline before attaching notes to it.', } ); export const ATTACH_TO_TIMELINE_CHECKBOX = i18n.translate( 'xpack.securitySolution.flyout.left.notes.attachToTimeline.checkboxLabel', { - defaultMessage: 'Attach to active timeline', + defaultMessage: 'Attach to current Timeline', } ); export const SAVE_TIMELINE_BUTTON = i18n.translate( - 'xpack.securitySolution.flyout.left.notes.savedTimelineButtonLabel', + 'xpack.securitySolution.flyout.left.notes.attachToTimeline.savedTimelineButtonLabel', { - defaultMessage: 'Save timeline', + defaultMessage: 'Save current Timeline', } ); diff --git a/x-pack/plugins/security_solution/public/flyout/document_details/left/components/notes_details.tsx b/x-pack/plugins/security_solution/public/flyout/document_details/left/components/notes_details.tsx index f97ca576d2385a..8877e1759c475c 100644 --- a/x-pack/plugins/security_solution/public/flyout/document_details/left/components/notes_details.tsx +++ b/x-pack/plugins/security_solution/public/flyout/document_details/left/components/notes_details.tsx @@ -33,6 +33,8 @@ import { import { useDocumentDetailsContext } from '../../shared/context'; import { useUserPrivileges } from '../../../../common/components/user_privileges'; import { useWhichFlyout } from '../../shared/hooks/use_which_flyout'; +import { BasicAlertDataContext } from './investigation_guide_view'; +import { useInvestigationGuide } from '../../shared/hooks/use_investigation_guide'; export const FETCH_NOTES_ERROR = i18n.translate( 'xpack.securitySolution.flyout.left.notes.fetchNotesErrorLabel', @@ -42,7 +44,7 @@ export const FETCH_NOTES_ERROR = i18n.translate( ); export const NO_NOTES = (isAlert: boolean) => i18n.translate('xpack.securitySolution.flyout.left.notes.noNotesLabel', { - defaultMessage: 'No notes have been created for this {value}', + defaultMessage: 'No notes have been created for this {value}.', values: { value: isAlert ? 'alert' : 'event' }, }); @@ -55,6 +57,10 @@ export const NotesDetails = memo(() => { const dispatch = useDispatch(); const { eventId, dataFormattedForFieldBrowser } = useDocumentDetailsContext(); const { kibanaSecuritySolutionsPrivileges } = useUserPrivileges(); + const { basicAlertData: basicData } = useInvestigationGuide({ + dataFormattedForFieldBrowser, + }); + const canCreateNotes = kibanaSecuritySolutionsPrivileges.crud; // will drive the value we send to the AddNote component @@ -130,7 +136,7 @@ export const NotesDetails = memo(() => { ); return ( - <> + {fetchStatus === ReqStatus.Loading && ( )} @@ -156,7 +162,7 @@ export const NotesDetails = memo(() => { )} - + ); }); diff --git a/x-pack/plugins/security_solution/public/flyout/document_details/preview/constants.ts b/x-pack/plugins/security_solution/public/flyout/document_details/preview/constants.ts index 0c07633c4c11e5..0d91a4852ece0e 100644 --- a/x-pack/plugins/security_solution/public/flyout/document_details/preview/constants.ts +++ b/x-pack/plugins/security_solution/public/flyout/document_details/preview/constants.ts @@ -8,12 +8,17 @@ import { i18n } from '@kbn/i18n'; export const ALERT_PREVIEW_BANNER = { - title: i18n.translate( - 'xpack.securitySolution.flyout.left.insights.correlations.alertPreviewTitle', - { - defaultMessage: 'Preview alert details', - } - ), + title: i18n.translate('xpack.securitySolution.flyout.preview.alertPreviewTitle', { + defaultMessage: 'Preview alert details', + }), + backgroundColor: 'warning', + textColor: 'warning', +}; + +export const EVENT_PREVIEW_BANNER = { + title: i18n.translate('xpack.securitySolution.flyout.preview.eventPreviewTitle', { + defaultMessage: 'Preview event details', + }), backgroundColor: 'warning', textColor: 'warning', }; diff --git a/x-pack/plugins/security_solution/public/flyout/document_details/preview/footer.test.tsx b/x-pack/plugins/security_solution/public/flyout/document_details/preview/footer.test.tsx index 4abd9ab7763aca..2eee16007f91c1 100644 --- a/x-pack/plugins/security_solution/public/flyout/document_details/preview/footer.test.tsx +++ b/x-pack/plugins/security_solution/public/flyout/document_details/preview/footer.test.tsx @@ -34,7 +34,7 @@ describe('', () => { jest.mocked(useExpandableFlyoutApi).mockReturnValue(mockFlyoutApi); }); - it('should render footer', () => { + it('should render footer for alert', () => { const { getByTestId } = render( @@ -43,6 +43,20 @@ describe('', () => { ); expect(getByTestId(PREVIEW_FOOTER_TEST_ID)).toBeInTheDocument(); + expect(getByTestId(PREVIEW_FOOTER_TEST_ID)).toHaveTextContent('Show full alert details'); + }); + + it('should render footer for event', () => { + const { getByTestId } = render( + + 'event' }} + > + + + + ); + expect(getByTestId(PREVIEW_FOOTER_TEST_ID)).toHaveTextContent('Show full event details'); }); it('should open document details flyout when clicked', () => { diff --git a/x-pack/plugins/security_solution/public/flyout/document_details/preview/footer.tsx b/x-pack/plugins/security_solution/public/flyout/document_details/preview/footer.tsx index 404a3debefc2e6..f437c9e77a158c 100644 --- a/x-pack/plugins/security_solution/public/flyout/document_details/preview/footer.tsx +++ b/x-pack/plugins/security_solution/public/flyout/document_details/preview/footer.tsx @@ -6,10 +6,12 @@ */ import { EuiLink, EuiFlexGroup, EuiFlexItem } from '@elastic/eui'; -import React, { useCallback } from 'react'; +import React, { useCallback, useMemo } from 'react'; import { i18n } from '@kbn/i18n'; import { useExpandableFlyoutApi } from '@kbn/expandable-flyout'; import { FlyoutFooter } from '@kbn/security-solution-common'; +import { getField } from '../shared/utils'; +import { EventKind } from '../shared/constants/event_kinds'; import { DocumentDetailsRightPanelKey } from '../shared/constants/panel_keys'; import { useDocumentDetailsContext } from '../shared/context'; import { PREVIEW_FOOTER_TEST_ID, PREVIEW_FOOTER_LINK_TEST_ID } from './test_ids'; @@ -19,10 +21,15 @@ import { useKibana } from '../../../common/lib/kibana'; * Footer at the bottom of preview panel with a link to open document details flyout */ export const PreviewPanelFooter = () => { - const { eventId, indexName, scopeId } = useDocumentDetailsContext(); + const { eventId, indexName, scopeId, getFieldsData } = useDocumentDetailsContext(); const { openFlyout } = useExpandableFlyoutApi(); const { telemetry } = useKibana().services; + const isAlert = useMemo( + () => getField(getFieldsData('event.kind')) === EventKind.signal, + [getFieldsData] + ); + const openDocumentFlyout = useCallback(() => { openFlyout({ right: { @@ -49,9 +56,12 @@ export const PreviewPanelFooter = () => { target="_blank" data-test-subj={PREVIEW_FOOTER_LINK_TEST_ID} > - {i18n.translate('xpack.securitySolution.flyout.preview.openFlyoutLabel', { - defaultMessage: 'Show full alert details', - })} + <> + {i18n.translate('xpack.securitySolution.flyout.preview.openFlyoutLabel', { + values: { isAlert }, + defaultMessage: 'Show full {isAlert, select, true{alert} other{event}} details', + })} + diff --git a/x-pack/plugins/security_solution/public/flyout/document_details/right/footer.tsx b/x-pack/plugins/security_solution/public/flyout/document_details/right/footer.tsx index be162a24dde200..e5a5fb12915a6b 100644 --- a/x-pack/plugins/security_solution/public/flyout/document_details/right/footer.tsx +++ b/x-pack/plugins/security_solution/public/flyout/document_details/right/footer.tsx @@ -8,9 +8,7 @@ import type { FC } from 'react'; import React, { useCallback, useMemo, useState } from 'react'; import { useExpandableFlyoutApi } from '@kbn/expandable-flyout'; -import styled from 'styled-components'; -import { euiThemeVars } from '@kbn/ui-theme'; -import { EuiFlexGroup, EuiFlexItem, useEuiTheme } from '@elastic/eui'; +import { EuiFlexGroup, EuiFlexItem, useEuiTheme, EuiFlyoutFooter, EuiPanel } from '@elastic/eui'; import { find } from 'lodash/fp'; import { FLYOUT_FOOTER_TEST_ID } from './test_ids'; import type { Status } from '../../../../common/api/detection_engine'; @@ -27,10 +25,6 @@ import { useExceptionFlyout } from '../../../detections/components/alerts_table/ import { isActiveTimeline } from '../../../helpers'; import { useEventFilterModal } from '../../../detections/components/alerts_table/timeline_actions/use_event_filter_modal'; -const StyledEuiFlyoutFooter = styled('div')` - padding: ${euiThemeVars.euiPanelPaddingModifiers.paddingMedium}; -`; - interface AlertSummaryData { /** * Status of the alert (open, closed...) @@ -182,27 +176,29 @@ export const PanelFooter: FC = ({ isPreview }) => { return ( <> - - - - {dataAsNestedObject && ( - - )} - - - + + + + + {dataAsNestedObject && ( + + )} + + + + {openAddExceptionFlyout && alertSummaryData.ruleId != null && diff --git a/x-pack/plugins/security_solution/public/management/components/endpoint_response_actions_list/components/actions_log_users_filter.test.tsx b/x-pack/plugins/security_solution/public/management/components/endpoint_response_actions_list/components/actions_log_users_filter.test.tsx index 5d47cfb3b43c3f..535c0114426dd3 100644 --- a/x-pack/plugins/security_solution/public/management/components/endpoint_response_actions_list/components/actions_log_users_filter.test.tsx +++ b/x-pack/plugins/security_solution/public/management/components/endpoint_response_actions_list/components/actions_log_users_filter.test.tsx @@ -15,9 +15,7 @@ import { import { ActionsLogUsersFilter } from './actions_log_users_filter'; import { MANAGEMENT_PATH } from '../../../../../common/constants'; -// FLAKY: https://github.com/elastic/kibana/issues/193554 -// FLAKY: https://github.com/elastic/kibana/issues/193092 -describe.skip('Users filter', () => { +describe('Users filter', () => { let render: ( props?: React.ComponentProps ) => ReturnType; @@ -29,7 +27,7 @@ describe.skip('Users filter', () => { const filterPrefix = 'users-filter'; let onChangeUsersFilter: jest.Mock; - beforeEach(async () => { + beforeEach(() => { onChangeUsersFilter = jest.fn(); mockedContext = createAppRootMockRenderer(); ({ history } = mockedContext); @@ -58,8 +56,8 @@ describe.skip('Users filter', () => { render(); const searchInput = renderResult.getByTestId(`${testPrefix}-${filterPrefix}-search`); - await userEvent.type(searchInput, 'usernameX'); - await userEvent.type(searchInput, '{enter}'); + await userEvent.type(searchInput, 'usernameX', { delay: 10 }); + await userEvent.keyboard('{enter}'); expect(onChangeUsersFilter).toHaveBeenCalledWith(['usernameX']); }); @@ -67,8 +65,8 @@ describe.skip('Users filter', () => { render(); const searchInput = renderResult.getByTestId(`${testPrefix}-${filterPrefix}-search`); - await userEvent.type(searchInput, 'usernameX,usernameY,usernameZ'); - await userEvent.type(searchInput, '{enter}'); + await userEvent.type(searchInput, 'usernameX,usernameY,usernameZ', { delay: 10 }); + await userEvent.keyboard('{enter}'); expect(onChangeUsersFilter).toHaveBeenCalledWith(['usernameX', 'usernameY', 'usernameZ']); }); @@ -76,8 +74,8 @@ describe.skip('Users filter', () => { render(); const searchInput = renderResult.getByTestId(`${testPrefix}-${filterPrefix}-search`); - await userEvent.type(searchInput, ' usernameX '); - await userEvent.type(searchInput, '{enter}'); + await userEvent.type(searchInput, ' usernameX ', { delay: 10 }); + await userEvent.keyboard('{enter}'); expect(onChangeUsersFilter).toHaveBeenCalledWith(['usernameX']); }); @@ -85,8 +83,8 @@ describe.skip('Users filter', () => { render(); const searchInput = renderResult.getByTestId(`${testPrefix}-${filterPrefix}-search`); - await userEvent.type(searchInput, ' , usernameX ,usernameY , '); - await userEvent.type(searchInput, '{enter}'); + await userEvent.type(searchInput, ' , usernameX ,usernameY , ', { delay: 10 }); + await userEvent.keyboard('{enter}'); expect(onChangeUsersFilter).toHaveBeenCalledWith(['usernameX', 'usernameY']); }); }); diff --git a/x-pack/plugins/security_solution/public/management/cypress/e2e/serverless/metering.cy.ts b/x-pack/plugins/security_solution/public/management/cypress/e2e/serverless/metering.cy.ts index baa2b37aa09761..ad56520d208f12 100644 --- a/x-pack/plugins/security_solution/public/management/cypress/e2e/serverless/metering.cy.ts +++ b/x-pack/plugins/security_solution/public/management/cypress/e2e/serverless/metering.cy.ts @@ -25,7 +25,7 @@ describe( ftrConfig: { kbnServerArgs: [ `--xpack.securitySolutionServerless.usageReportingTaskInterval=1m`, - `--xpack.securitySolutionServerless.usageApi.url=https://localhost:3623`, + `--xpack.securitySolutionServerless.usageApi.url=http://localhost:3623`, ], }, }, diff --git a/x-pack/plugins/security_solution/public/management/hooks/artifacts/use_list_artifact.test.tsx b/x-pack/plugins/security_solution/public/management/hooks/artifacts/use_list_artifact.test.tsx index 8f6e5c4353206b..52120153dd0796 100644 --- a/x-pack/plugins/security_solution/public/management/hooks/artifacts/use_list_artifact.test.tsx +++ b/x-pack/plugins/security_solution/public/management/hooks/artifacts/use_list_artifact.test.tsx @@ -16,7 +16,8 @@ import { renderQuery, } from '../test_utils'; -describe('List artifact hook', () => { +// FLAKY: https://github.com/elastic/kibana/issues/196724 +describe.skip('List artifact hook', () => { let result: ReturnType; let searchableFields: string[]; let options: diff --git a/x-pack/plugins/security_solution/public/management/links.ts b/x-pack/plugins/security_solution/public/management/links.ts index c83a7360910fa5..27b5b62eac6f8c 100644 --- a/x-pack/plugins/security_solution/public/management/links.ts +++ b/x-pack/plugins/security_solution/public/management/links.ts @@ -223,7 +223,7 @@ export const links: LinkItem = { title: NOTES, description: i18n.translate('xpack.securitySolution.appLinks.notesDescription', { defaultMessage: - 'Oversee, revise and revisit the annotations within each document and timeline.', + 'Oversee, revise, and revisit the notes attached to alerts, events and Timelines.', }), landingIcon: 'filebeatApp', path: NOTES_PATH, diff --git a/x-pack/plugins/security_solution/public/management/pages/blocklist/view/components/blocklist_form.test.tsx b/x-pack/plugins/security_solution/public/management/pages/blocklist/view/components/blocklist_form.test.tsx index 21798594641d8b..1c2ed0fd028b92 100644 --- a/x-pack/plugins/security_solution/public/management/pages/blocklist/view/components/blocklist_form.test.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/blocklist/view/components/blocklist_form.test.tsx @@ -462,6 +462,18 @@ describe('blocklist form', () => { expect(screen.queryByText(ERRORS.INVALID_PATH)).toBeTruthy(); }); + it('should prevail duplicate value warning on lost focus', async () => { + const item = createItem({ + os_types: [OperatingSystem.WINDOWS], + entries: [createEntry('file.Ext.code_signature', ['valid', 'invalid'])], + }); + render(createProps({ item })); + await user.type(screen.getByRole('combobox'), 'invalid{enter}'); + expect(screen.queryByText(ERRORS.DUPLICATE_VALUE)).toBeTruthy(); + await user.click(screen.getByTestId('blocklist-form-os-select')); + expect(screen.queryByText(ERRORS.DUPLICATE_VALUE)).toBeTruthy(); + }); + it('should warn if single duplicate value entry', async () => { const hash = 'C3AB8FF13720E8AD9047DD39466B3C8974E592C2FA383D4A3960714CAEF0C4F2'; const item = createItem({ diff --git a/x-pack/plugins/security_solution/public/management/pages/blocklist/view/components/blocklist_form.tsx b/x-pack/plugins/security_solution/public/management/pages/blocklist/view/components/blocklist_form.tsx index 2163a0f1568335..fcdcc016c3f379 100644 --- a/x-pack/plugins/security_solution/public/management/pages/blocklist/view/components/blocklist_form.tsx +++ b/x-pack/plugins/security_solution/public/management/pages/blocklist/view/components/blocklist_form.tsx @@ -114,10 +114,8 @@ function isValid(itemValidation: ItemValidation): boolean { // eslint-disable-next-line react/display-name export const BlockListForm = memo( ({ item, policies, policiesIsLoading, onChange, mode }) => { - const [visited, setVisited] = useState<{ name: boolean; value: boolean }>({ - name: false, - value: false, - }); + const [nameVisited, setNameVisited] = useState(false); + const [valueVisited, setValueVisited] = useState({ value: false }); // Use object to trigger re-render const warningsRef = useRef({ name: {}, value: {} }); const errorsRef = useRef({ name: {}, value: {} }); const [selectedPolicies, setSelectedPolicies] = useState([]); @@ -269,57 +267,75 @@ export const BlockListForm = memo( ); }, [displaySingleValueInput]); - const validateValues = useCallback((nextItem: ArtifactFormComponentProps['item']) => { - const os = ((nextItem.os_types ?? [])[0] as OperatingSystem) ?? OperatingSystem.WINDOWS; - const { - field = 'file.hash.*', - type = ListOperatorTypeEnum.MATCH_ANY, - value = [], - } = (nextItem.entries[0] ?? {}) as BlocklistEntry; - - // value can be a string when isOperator is selected - const values = Array.isArray(value) ? value : [value].filter(Boolean); - - const newValueWarnings: ItemValidationNodes = {}; - const newNameErrors: ItemValidationNodes = {}; - const newValueErrors: ItemValidationNodes = {}; - // error if name empty - if (!nextItem.name.trim()) { - newNameErrors.NAME_REQUIRED = createValidationMessage(ERRORS.NAME_REQUIRED); - } + const validateValues = useCallback( + (nextItem: ArtifactFormComponentProps['item'], cleanState = false) => { + const os = ((nextItem.os_types ?? [])[0] as OperatingSystem) ?? OperatingSystem.WINDOWS; + const { + field = 'file.hash.*', + type = ListOperatorTypeEnum.MATCH_ANY, + value = [], + } = (nextItem.entries[0] ?? {}) as BlocklistEntry; + + // value can be a string when isOperator is selected + const values = Array.isArray(value) ? value : [value].filter(Boolean); + + const newValueWarnings: ItemValidationNodes = cleanState + ? {} + : { ...warningsRef.current.value }; + const newNameErrors: ItemValidationNodes = cleanState ? {} : { ...errorsRef.current.name }; + const newValueErrors: ItemValidationNodes = cleanState + ? {} + : { ...errorsRef.current.value }; + + // error if name empty + if (!nextItem.name.trim()) { + newNameErrors.NAME_REQUIRED = createValidationMessage(ERRORS.NAME_REQUIRED); + } else { + delete newNameErrors.NAME_REQUIRED; + } - // error if no values - if (!values.length) { - newValueErrors.VALUE_REQUIRED = createValidationMessage(ERRORS.VALUE_REQUIRED); - } + // error if no values + if (!values.length) { + newValueErrors.VALUE_REQUIRED = createValidationMessage(ERRORS.VALUE_REQUIRED); + } else { + delete newValueErrors.VALUE_REQUIRED; + } - // error if invalid hash - if (field === 'file.hash.*' && values.some((v) => !isValidHash(v))) { - newValueErrors.INVALID_HASH = createValidationMessage(ERRORS.INVALID_HASH); - } + // error if invalid hash + if (field === 'file.hash.*' && values.some((v) => !isValidHash(v))) { + newValueErrors.INVALID_HASH = createValidationMessage(ERRORS.INVALID_HASH); + } else { + delete newValueErrors.INVALID_HASH; + } - const isInvalidPath = values.some((v) => !isPathValid({ os, field, type, value: v })); - // warn if invalid path - if (field !== 'file.hash.*' && isInvalidPath) { - newValueWarnings.INVALID_PATH = createValidationMessage(ERRORS.INVALID_PATH); - } - // warn if duplicates - if (values.length !== uniq(values).length) { - newValueWarnings.DUPLICATE_VALUES = createValidationMessage(ERRORS.DUPLICATE_VALUES); - } + const isInvalidPath = values.some((v) => !isPathValid({ os, field, type, value: v })); + // warn if invalid path + if (field !== 'file.hash.*' && isInvalidPath) { + newValueWarnings.INVALID_PATH = createValidationMessage(ERRORS.INVALID_PATH); + } else { + delete newValueWarnings.INVALID_PATH; + } + // warn if duplicates + if (values.length !== uniq(values).length) { + newValueWarnings.DUPLICATE_VALUES = createValidationMessage(ERRORS.DUPLICATE_VALUES); + } else { + delete newValueWarnings.DUPLICATE_VALUES; + } - warningsRef.current = { ...warningsRef.current, value: newValueWarnings }; - errorsRef.current = { name: newNameErrors, value: newValueErrors }; - }, []); + warningsRef.current = { ...warningsRef.current, value: newValueWarnings }; + errorsRef.current = { name: newNameErrors, value: newValueErrors }; + }, + [] + ); const handleOnNameBlur = useCallback(() => { validateValues(item); - setVisited((prevVisited) => ({ ...prevVisited, name: true })); + setNameVisited(true); }, [item, validateValues]); const handleOnValueBlur = useCallback(() => { validateValues(item); - setVisited((prevVisited) => ({ ...prevVisited, value: true })); + setValueVisited({ value: true }); }, [item, validateValues]); const handleOnNameChange = useCallback( @@ -463,7 +479,7 @@ export const BlockListForm = memo( }; // trigger re-render without modifying item - setVisited((prevVisited) => ({ ...prevVisited })); + setValueVisited((prevState) => ({ ...prevState })); }, [blocklistEntry] ); @@ -495,7 +511,7 @@ export const BlockListForm = memo( entries: [{ ...blocklistEntry, value }], } as ArtifactFormComponentProps['item']; - validateValues(nextItem); + validateValues(nextItem, true); onChange({ isValid: isValid(errorsRef.current), item: nextItem, @@ -518,7 +534,7 @@ export const BlockListForm = memo( validateValues(nextItem as ArtifactFormComponentProps['item']); nextItem.entries[0].value = uniq(nextItem.entries[0].value); - setVisited((prevVisited) => ({ ...prevVisited, value: true })); + setValueVisited({ value: true }); onChange({ isValid: isValid(errorsRef.current), item: nextItem as ArtifactFormComponentProps['item'], @@ -563,7 +579,7 @@ export const BlockListForm = memo( @@ -572,7 +588,7 @@ export const BlockListForm = memo( value={item.name} onChange={handleOnNameChange} onBlur={handleOnNameBlur} - required={visited.name} + required={nameVisited} maxLength={256} data-test-subj={getTestId('name-input')} fullWidth @@ -651,7 +667,7 @@ export const BlockListForm = memo( { @@ -69,8 +72,8 @@ export const SearchRow = React.memo(() => { id={associatedSelectId} options={associatedNoteSelectOptions} onChange={onAssociatedNoteSelectChange} - prepend={FILTER_SELECT} - aria-label={FILTER_SELECT} + prepend={ATTACH_FILTER} + aria-label={ATTACH_FILTER} data-test-subj={ASSOCIATED_NOT_SELECT_TEST_ID} /> diff --git a/x-pack/plugins/security_solution/public/onboarding/common/lib/__mocks__/telemetry.ts b/x-pack/plugins/security_solution/public/onboarding/common/lib/__mocks__/telemetry.ts new file mode 100644 index 00000000000000..5d1c3feb56ed92 --- /dev/null +++ b/x-pack/plugins/security_solution/public/onboarding/common/lib/__mocks__/telemetry.ts @@ -0,0 +1,8 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export const trackOnboardingLinkClick = jest.fn(); diff --git a/x-pack/plugins/security_solution/public/onboarding/common/lib/telemetry.ts b/x-pack/plugins/security_solution/public/onboarding/common/lib/telemetry.ts new file mode 100644 index 00000000000000..a88ae651ae6009 --- /dev/null +++ b/x-pack/plugins/security_solution/public/onboarding/common/lib/telemetry.ts @@ -0,0 +1,12 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { METRIC_TYPE, TELEMETRY_EVENT, track } from '../../../common/lib/telemetry'; + +export const trackOnboardingLinkClick = (linkId: string) => { + track(METRIC_TYPE.CLICK, `${TELEMETRY_EVENT.ONBOARDING}_${linkId}`); +}; diff --git a/x-pack/plugins/security_solution/public/onboarding/components/constants.ts b/x-pack/plugins/security_solution/public/onboarding/components/constants.ts new file mode 100644 index 00000000000000..5862eadb32051d --- /dev/null +++ b/x-pack/plugins/security_solution/public/onboarding/components/constants.ts @@ -0,0 +1,14 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export const TELEMETRY_HEADER_CARD = `header_card`; + +export enum OnboardingHeaderCardId { + video = 'video', + teammates = 'teammates', + demo = 'demo', +} diff --git a/x-pack/plugins/security_solution/public/onboarding/components/onboarding_body/cards/integrations/callouts/agent_required_callout.test.tsx b/x-pack/plugins/security_solution/public/onboarding/components/onboarding_body/cards/integrations/callouts/agent_required_callout.test.tsx index dbd0c105d27a1f..53e8b6c34e8f29 100644 --- a/x-pack/plugins/security_solution/public/onboarding/components/onboarding_body/cards/integrations/callouts/agent_required_callout.test.tsx +++ b/x-pack/plugins/security_solution/public/onboarding/components/onboarding_body/cards/integrations/callouts/agent_required_callout.test.tsx @@ -14,8 +14,10 @@ import React from 'react'; import { render } from '@testing-library/react'; import { AgentRequiredCallout } from './agent_required_callout'; import { TestProviders } from '../../../../../../common/mock/test_providers'; +import { trackOnboardingLinkClick } from '../../../../../common/lib/telemetry'; jest.mock('../../../../../../common/lib/kibana'); +jest.mock('../../../../../common/lib/telemetry'); describe('AgentRequiredCallout', () => { beforeEach(() => { @@ -30,4 +32,12 @@ describe('AgentRequiredCallout', () => { ).toBeInTheDocument(); expect(getByTestId('agentLink')).toBeInTheDocument(); }); + + it('should track the agent link click', () => { + const { getByTestId } = render(, { wrapper: TestProviders }); + + getByTestId('agentLink').click(); + + expect(trackOnboardingLinkClick).toHaveBeenCalledWith('agent_required'); + }); }); diff --git a/x-pack/plugins/security_solution/public/onboarding/components/onboarding_body/cards/integrations/callouts/agent_required_callout.tsx b/x-pack/plugins/security_solution/public/onboarding/components/onboarding_body/cards/integrations/callouts/agent_required_callout.tsx index aad22c959bc655..b1d18b138487bf 100644 --- a/x-pack/plugins/security_solution/public/onboarding/components/onboarding_body/cards/integrations/callouts/agent_required_callout.tsx +++ b/x-pack/plugins/security_solution/public/onboarding/components/onboarding_body/cards/integrations/callouts/agent_required_callout.tsx @@ -11,16 +11,22 @@ import { EuiIcon } from '@elastic/eui'; import { LinkAnchor } from '../../../../../../common/components/links'; import { CardCallOut } from '../../common/card_callout'; import { useNavigation } from '../../../../../../common/lib/kibana'; -import { FLEET_APP_ID, ADD_AGENT_PATH } from '../constants'; +import { FLEET_APP_ID, ADD_AGENT_PATH, TELEMETRY_AGENT_REQUIRED } from '../constants'; +import { trackOnboardingLinkClick } from '../../../../../common/lib/telemetry'; const fleetAgentLinkProps = { appId: FLEET_APP_ID, path: ADD_AGENT_PATH }; export const AgentRequiredCallout = React.memo(() => { const { getAppUrl, navigateTo } = useNavigation(); const addAgentLink = getAppUrl(fleetAgentLinkProps); - const onAddAgentClick = useCallback(() => { - navigateTo(fleetAgentLinkProps); - }, [navigateTo]); + const onAddAgentClick = useCallback( + (e: React.MouseEvent) => { + e.preventDefault(); + trackOnboardingLinkClick(TELEMETRY_AGENT_REQUIRED); + navigateTo(fleetAgentLinkProps); + }, + [navigateTo] + ); return ( ({ - useKibana: jest.fn(), -})); +jest.mock('../../../../../../common/lib/kibana'); +jest.mock('../../../../../common/lib/telemetry'); describe('AgentlessAvailableCallout', () => { const mockUseKibana = useKibana as jest.Mock; @@ -62,4 +62,14 @@ describe('AgentlessAvailableCallout', () => { ).toBeInTheDocument(); expect(getByTestId('agentlessLearnMoreLink')).toBeInTheDocument(); }); + + it('should track the agentless learn more link click', () => { + const { getByTestId } = render(, { + wrapper: TestProviders, + }); + + getByTestId('agentlessLearnMoreLink').click(); + + expect(trackOnboardingLinkClick).toHaveBeenCalledWith('agentless_learn_more'); + }); }); diff --git a/x-pack/plugins/security_solution/public/onboarding/components/onboarding_body/cards/integrations/callouts/agentless_available_callout.tsx b/x-pack/plugins/security_solution/public/onboarding/components/onboarding_body/cards/integrations/callouts/agentless_available_callout.tsx index f802f83efb7e58..eaf8cbaa3b2875 100644 --- a/x-pack/plugins/security_solution/public/onboarding/components/onboarding_body/cards/integrations/callouts/agentless_available_callout.tsx +++ b/x-pack/plugins/security_solution/public/onboarding/components/onboarding_body/cards/integrations/callouts/agentless_available_callout.tsx @@ -5,19 +5,25 @@ * 2.0. */ -import React from 'react'; +import React, { useCallback } from 'react'; import { FormattedMessage } from '@kbn/i18n-react'; import { EuiIcon, useEuiTheme } from '@elastic/eui'; import { css } from '@emotion/react'; import { useKibana } from '../../../../../../common/lib/kibana'; import { LinkAnchor } from '../../../../../../common/components/links'; +import { trackOnboardingLinkClick } from '../../../../../common/lib/telemetry'; import { CardCallOut } from '../../common/card_callout'; +import { TELEMETRY_AGENTLESS_LEARN_MORE } from '../constants'; export const AgentlessAvailableCallout = React.memo(() => { const { euiTheme } = useEuiTheme(); const { docLinks } = useKibana().services; + const onClick = useCallback(() => { + trackOnboardingLinkClick(TELEMETRY_AGENTLESS_LEARN_MORE); + }, []); + /* @ts-expect-error: add the blog link to `packages/kbn-doc-links/src/get_doc_links.ts` when it is ready and remove this exit condition*/ if (!docLinks.links.fleet.agentlessBlog) { return null; @@ -54,6 +60,7 @@ export const AgentlessAvailableCallout = React.memo(() => { { + beforeEach(() => { + jest.clearAllMocks(); + }); + + it('renders the callout', () => { + const { getByTestId, getByText } = render(, { wrapper: TestProviders }); + + expect( + getByText('Orchestrate response across endpoint vendors with bidirectional integrations') + ).toBeInTheDocument(); + expect(getByTestId('endpointLearnMoreLink')).toBeInTheDocument(); + }); + + it('should track the agent link click', () => { + const { getByTestId } = render(, { wrapper: TestProviders }); + + getByTestId('endpointLearnMoreLink').click(); + + expect(trackOnboardingLinkClick).toHaveBeenCalledWith('endpoint_learn_more'); + }); +}); diff --git a/x-pack/plugins/security_solution/public/onboarding/components/onboarding_body/cards/integrations/callouts/endpoint_callout.tsx b/x-pack/plugins/security_solution/public/onboarding/components/onboarding_body/cards/integrations/callouts/endpoint_callout.tsx index 2ff48a1992d1d3..d5b0199c9f4015 100644 --- a/x-pack/plugins/security_solution/public/onboarding/components/onboarding_body/cards/integrations/callouts/endpoint_callout.tsx +++ b/x-pack/plugins/security_solution/public/onboarding/components/onboarding_body/cards/integrations/callouts/endpoint_callout.tsx @@ -5,7 +5,7 @@ * 2.0. */ -import React from 'react'; +import React, { useCallback } from 'react'; import { FormattedMessage } from '@kbn/i18n-react'; import { EuiIcon, useEuiTheme } from '@elastic/eui'; import { css } from '@emotion/react'; @@ -13,10 +13,15 @@ import { css } from '@emotion/react'; import { useKibana } from '../../../../../../common/lib/kibana/kibana_react'; import { LinkAnchor } from '../../../../../../common/components/links'; import { CardCallOut } from '../../common/card_callout'; +import { trackOnboardingLinkClick } from '../../../../../common/lib/telemetry'; +import { TELEMETRY_ENDPOINT_LEARN_MORE } from '../constants'; export const EndpointCallout = React.memo(() => { const { euiTheme } = useEuiTheme(); const { docLinks } = useKibana().services; + const onClick = useCallback(() => { + trackOnboardingLinkClick(TELEMETRY_ENDPOINT_LEARN_MORE); + }, []); return ( { data-test-subj="endpointLearnMoreLink" external={true} target="_blank" + onClick={onClick} > { const { href: integrationUrl, onClick: onAddIntegrationClicked } = useAddIntegrationsUrl(); + const onClick = useCallback( + (e: React.MouseEvent) => { + e.preventDefault(); + trackOnboardingLinkClick(TELEMETRY_MANAGE_INTEGRATIONS); + onAddIntegrationClicked(e); + }, + [onAddIntegrationClicked] + ); + if (!installedIntegrationsCount) { return null; } @@ -41,7 +52,7 @@ export const ManageIntegrationsCallout = React.memo( ), link: ( diff --git a/x-pack/plugins/security_solution/public/onboarding/components/onboarding_body/cards/integrations/constants.ts b/x-pack/plugins/security_solution/public/onboarding/components/onboarding_body/cards/integrations/constants.ts index e245de61294784..c748f5205e7aad 100644 --- a/x-pack/plugins/security_solution/public/onboarding/components/onboarding_body/cards/integrations/constants.ts +++ b/x-pack/plugins/security_solution/public/onboarding/components/onboarding_body/cards/integrations/constants.ts @@ -24,3 +24,9 @@ export const SCROLL_ELEMENT_ID = 'integrations-scroll-container'; export const SEARCH_FILTER_CATEGORIES: CategoryFacet[] = []; export const WITH_SEARCH_BOX_HEIGHT = '568px'; export const WITHOUT_SEARCH_BOX_HEIGHT = '513px'; +export const TELEMETRY_MANAGE_INTEGRATIONS = `manage_integrations`; +export const TELEMETRY_ENDPOINT_LEARN_MORE = `endpoint_learn_more`; +export const TELEMETRY_AGENTLESS_LEARN_MORE = `agentless_learn_more`; +export const TELEMETRY_AGENT_REQUIRED = `agent_required`; +export const TELEMETRY_INTEGRATION_CARD = `card`; +export const TELEMETRY_INTEGRATION_TAB = `tab`; diff --git a/x-pack/plugins/security_solution/public/onboarding/components/onboarding_body/cards/integrations/integration_card_grid_tabs.test.tsx b/x-pack/plugins/security_solution/public/onboarding/components/onboarding_body/cards/integrations/integration_card_grid_tabs.test.tsx index f55cc8cd50b2d9..c88ffb6a598b71 100644 --- a/x-pack/plugins/security_solution/public/onboarding/components/onboarding_body/cards/integrations/integration_card_grid_tabs.test.tsx +++ b/x-pack/plugins/security_solution/public/onboarding/components/onboarding_body/cards/integrations/integration_card_grid_tabs.test.tsx @@ -15,9 +15,11 @@ import { useStoredIntegrationTabId, } from '../../../../hooks/use_stored_state'; import { DEFAULT_TAB } from './constants'; +import { trackOnboardingLinkClick } from '../../../../common/lib/telemetry'; jest.mock('../../../onboarding_context'); jest.mock('../../../../hooks/use_stored_state'); +jest.mock('../../../../common/lib/telemetry'); jest.mock('../../../../../common/lib/kibana', () => ({ ...jest.requireActual('../../../../../common/lib/kibana'), @@ -118,6 +120,33 @@ describe('IntegrationsCardGridTabsComponent', () => { expect(mockSetTabId).toHaveBeenCalledWith('user'); }); + it('tracks the tab clicks', () => { + (useStoredIntegrationTabId as jest.Mock).mockReturnValue(['recommended', mockSetTabId]); + + mockUseAvailablePackages.mockReturnValue({ + isLoading: false, + filteredCards: [], + setCategory: mockSetCategory, + setSelectedSubCategory: mockSetSelectedSubCategory, + setSearchTerm: mockSetSearchTerm, + }); + + const { getByTestId } = render( + + ); + + const tabButton = getByTestId('user'); + + act(() => { + fireEvent.click(tabButton); + }); + + expect(trackOnboardingLinkClick).toHaveBeenCalledWith('tab_user'); + }); + it('renders no search tools when showSearchTools is false', async () => { mockUseAvailablePackages.mockReturnValue({ isLoading: false, diff --git a/x-pack/plugins/security_solution/public/onboarding/components/onboarding_body/cards/integrations/integration_card_grid_tabs.tsx b/x-pack/plugins/security_solution/public/onboarding/components/onboarding_body/cards/integrations/integration_card_grid_tabs.tsx index fc30fb0d6c6175..e1ce7f5cdecf18 100644 --- a/x-pack/plugins/security_solution/public/onboarding/components/onboarding_body/cards/integrations/integration_card_grid_tabs.tsx +++ b/x-pack/plugins/security_solution/public/onboarding/components/onboarding_body/cards/integrations/integration_card_grid_tabs.tsx @@ -21,6 +21,7 @@ import { LOADING_SKELETON_TEXT_LINES, SCROLL_ELEMENT_ID, SEARCH_FILTER_CATEGORIES, + TELEMETRY_INTEGRATION_TAB, WITHOUT_SEARCH_BOX_HEIGHT, WITH_SEARCH_BOX_HEIGHT, } from './constants'; @@ -28,6 +29,7 @@ import { INTEGRATION_TABS, INTEGRATION_TABS_BY_ID } from './integration_tabs_con import { useIntegrationCardList } from './use_integration_card_list'; import { IntegrationTabId } from './types'; import { IntegrationCardTopCallout } from './callouts/integration_card_top_callout'; +import { trackOnboardingLinkClick } from '../../../../common/lib/telemetry'; export interface IntegrationsCardGridTabsProps { installedIntegrationsCount: number; @@ -55,8 +57,10 @@ export const IntegrationsCardGridTabsComponent = React.memo { const id = stringId as IntegrationTabId; + const trackId = `${TELEMETRY_INTEGRATION_TAB}_${id}`; scrollElement.current?.scrollTo?.(0, 0); setSelectedTabIdToStorage(id); + trackOnboardingLinkClick(trackId); }, [setSelectedTabIdToStorage] ); diff --git a/x-pack/plugins/security_solution/public/onboarding/components/onboarding_body/cards/integrations/use_integration_card_list.test.ts b/x-pack/plugins/security_solution/public/onboarding/components/onboarding_body/cards/integrations/use_integration_card_list.test.ts index 9c4e1978f27b79..19ab340276b83d 100644 --- a/x-pack/plugins/security_solution/public/onboarding/components/onboarding_body/cards/integrations/use_integration_card_list.test.ts +++ b/x-pack/plugins/security_solution/public/onboarding/components/onboarding_body/cards/integrations/use_integration_card_list.test.ts @@ -6,12 +6,14 @@ */ import { renderHook } from '@testing-library/react-hooks'; import { useIntegrationCardList } from './use_integration_card_list'; +import { trackOnboardingLinkClick } from '../../../../common/lib/telemetry'; +jest.mock('../../../../common/lib/telemetry'); jest.mock('../../../../../common/lib/kibana', () => ({ ...jest.requireActual('../../../../../common/lib/kibana'), useNavigation: jest.fn().mockReturnValue({ navigateTo: jest.fn(), - getAppUrl: jest.fn(), + getAppUrl: jest.fn().mockReturnValue(''), }), })); @@ -73,4 +75,17 @@ describe('useIntegrationCardList', () => { expect(result.current).toEqual([mockFilteredCards.featuredCards['epr:endpoint']]); }); + + it('tracks integration card click', () => { + const { result } = renderHook(() => + useIntegrationCardList({ + integrationsList: mockIntegrationsList, + }) + ); + + const card = result.current[0]; + card.onCardClick?.(); + + expect(trackOnboardingLinkClick).toHaveBeenCalledWith('card_epr:endpoint'); + }); }); diff --git a/x-pack/plugins/security_solution/public/onboarding/components/onboarding_body/cards/integrations/use_integration_card_list.ts b/x-pack/plugins/security_solution/public/onboarding/components/onboarding_body/cards/integrations/use_integration_card_list.ts index 2a9675f91e9a8e..ccea5299551c1d 100644 --- a/x-pack/plugins/security_solution/public/onboarding/components/onboarding_body/cards/integrations/use_integration_card_list.ts +++ b/x-pack/plugins/security_solution/public/onboarding/components/onboarding_body/cards/integrations/use_integration_card_list.ts @@ -20,8 +20,10 @@ import { MAX_CARD_HEIGHT_IN_PX, ONBOARDING_APP_ID, ONBOARDING_LINK, + TELEMETRY_INTEGRATION_CARD, } from './constants'; import type { GetAppUrl, NavigateTo } from '../../../../../common/lib/kibana'; +import { trackOnboardingLinkClick } from '../../../../common/lib/telemetry'; const addPathParamToUrl = (url: string, onboardingLink: string) => { const encoded = encodeURIComponent(onboardingLink); @@ -97,6 +99,8 @@ const addSecuritySpecificProps = ({ showInstallationStatus: true, url, onCardClick: () => { + const trackId = `${TELEMETRY_INTEGRATION_CARD}_${card.id}`; + trackOnboardingLinkClick(trackId); if (url.startsWith(APP_INTEGRATIONS_PATH)) { navigateTo({ appId: INTEGRATION_APP_ID, diff --git a/x-pack/plugins/security_solution/public/onboarding/components/onboarding_footer/constants.ts b/x-pack/plugins/security_solution/public/onboarding/components/onboarding_footer/constants.ts new file mode 100644 index 00000000000000..f67b991e0ea756 --- /dev/null +++ b/x-pack/plugins/security_solution/public/onboarding/components/onboarding_footer/constants.ts @@ -0,0 +1,16 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export const TELEMETRY_FOOTER_LINK = `footer_link`; + +export enum OnboardingFooterLinkItemId { + video = 'video', + documentation = 'documentation', + demo = 'demo', + forum = 'forum', + labs = 'labs', +} diff --git a/x-pack/plugins/security_solution/public/onboarding/components/onboarding_footer/footer_items.ts b/x-pack/plugins/security_solution/public/onboarding/components/onboarding_footer/footer_items.ts index e0e2b272da3aa4..f064947f657a40 100644 --- a/x-pack/plugins/security_solution/public/onboarding/components/onboarding_footer/footer_items.ts +++ b/x-pack/plugins/security_solution/public/onboarding/components/onboarding_footer/footer_items.ts @@ -9,11 +9,12 @@ import documentation from './images/documentation.png'; import forum from './images/forum.png'; import demo from './images/demo.png'; import labs from './images/labs.png'; +import { OnboardingFooterLinkItemId } from './constants'; export const footerItems = [ { icon: documentation, - key: 'documentation', + id: OnboardingFooterLinkItemId.documentation, title: i18n.translate('xpack.securitySolution.onboarding.footer.documentation.title', { defaultMessage: 'Browse documentation', }), @@ -32,7 +33,7 @@ export const footerItems = [ }, { icon: forum, - key: 'forum', + id: OnboardingFooterLinkItemId.forum, title: i18n.translate('xpack.securitySolution.onboarding.footer.forum.title', { defaultMessage: 'Explore forum', }), @@ -48,7 +49,7 @@ export const footerItems = [ }, { icon: demo, - key: 'demo', + id: OnboardingFooterLinkItemId.demo, title: i18n.translate('xpack.securitySolution.onboarding.footer.demo.title', { defaultMessage: 'View demo project', }), @@ -64,7 +65,7 @@ export const footerItems = [ }, { icon: labs, - key: 'labs', + id: OnboardingFooterLinkItemId.labs, title: i18n.translate('xpack.securitySolution.onboarding.footer.labs.title', { defaultMessage: 'Elastic Security Labs', }), diff --git a/x-pack/plugins/security_solution/public/onboarding/components/onboarding_footer/onboarding_footer.test.tsx b/x-pack/plugins/security_solution/public/onboarding/components/onboarding_footer/onboarding_footer.test.tsx new file mode 100644 index 00000000000000..ae80d0c9273c36 --- /dev/null +++ b/x-pack/plugins/security_solution/public/onboarding/components/onboarding_footer/onboarding_footer.test.tsx @@ -0,0 +1,52 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import React from 'react'; +import { render } from '@testing-library/react'; +import { trackOnboardingLinkClick } from '../../common/lib/telemetry'; +import { FooterLinkItem } from './onboarding_footer'; +import { OnboardingFooterLinkItemId, TELEMETRY_FOOTER_LINK } from './constants'; + +jest.mock('../../common/lib/telemetry'); + +describe('OnboardingFooterComponent', () => { + beforeEach(() => { + jest.clearAllMocks(); + }); + + it('FooterLinkItems should render the title and description', () => { + const { getByText } = render( + + ); + + expect(getByText('Mock Title')).toBeInTheDocument(); + expect(getByText('Mock Description')).toBeInTheDocument(); + }); + + it('FooterLinkItems should track the link click', () => { + const { getByTestId } = render( + + ); + + getByTestId('footerLinkItem').click(); + expect(trackOnboardingLinkClick).toHaveBeenCalledWith( + `${TELEMETRY_FOOTER_LINK}_${OnboardingFooterLinkItemId.documentation}` + ); + }); +}); diff --git a/x-pack/plugins/security_solution/public/onboarding/components/onboarding_footer/onboarding_footer.tsx b/x-pack/plugins/security_solution/public/onboarding/components/onboarding_footer/onboarding_footer.tsx index af0f7bdd6e5ef8..fdf743d339a607 100644 --- a/x-pack/plugins/security_solution/public/onboarding/components/onboarding_footer/onboarding_footer.tsx +++ b/x-pack/plugins/security_solution/public/onboarding/components/onboarding_footer/onboarding_footer.tsx @@ -5,33 +5,71 @@ * 2.0. */ -import React from 'react'; +import React, { useCallback } from 'react'; import { EuiFlexGroup, EuiFlexItem, EuiLink, EuiSpacer, EuiText, EuiTitle } from '@elastic/eui'; import { useFooterStyles } from './onboarding_footer.styles'; import { footerItems } from './footer_items'; +import { trackOnboardingLinkClick } from '../../common/lib/telemetry'; +import type { OnboardingFooterLinkItemId } from './constants'; +import { TELEMETRY_FOOTER_LINK } from './constants'; export const OnboardingFooter = React.memo(() => { const styles = useFooterStyles(); return ( - {footerItems.map((item) => ( - - {item.title} - - -

{item.title}

- - - {item.description} - - - - {item.link.title} - - - + {footerItems.map(({ id, title, icon, description, link }) => ( + ))} ); }); OnboardingFooter.displayName = 'OnboardingFooter'; + +interface FooterLinkItemProps { + id: OnboardingFooterLinkItemId; + title: string; + icon: string; + description: string; + link: { href: string; title: string }; +} + +export const FooterLinkItem = React.memo( + ({ id, title, icon, description, link }) => { + const onClickWithReport = useCallback(() => { + trackOnboardingLinkClick(`${TELEMETRY_FOOTER_LINK}_${id}`); + }, [id]); + + return ( + + {title} + + +

{title}

+ + + {description} + + + {/* eslint-disable-next-line @elastic/eui/href-or-on-click */} + + {link.title} + + + + ); + } +); + +FooterLinkItem.displayName = 'FooterLinkItem'; diff --git a/x-pack/plugins/security_solution/public/onboarding/components/onboarding_header/cards/common/link_card.test.tsx b/x-pack/plugins/security_solution/public/onboarding/components/onboarding_header/cards/common/link_card.test.tsx index 7499e3feaf5f2c..83bfa317d8fbbe 100644 --- a/x-pack/plugins/security_solution/public/onboarding/components/onboarding_header/cards/common/link_card.test.tsx +++ b/x-pack/plugins/security_solution/public/onboarding/components/onboarding_header/cards/common/link_card.test.tsx @@ -8,6 +8,10 @@ import React from 'react'; import { render } from '@testing-library/react'; import { LinkCard } from './link_card'; +import { OnboardingHeaderCardId, TELEMETRY_HEADER_CARD } from '../../../constants'; +import { trackOnboardingLinkClick } from '../../../../common/lib/telemetry'; + +jest.mock('../../../../common/lib/telemetry'); describe('DataIngestionHubHeaderCardComponent', () => { beforeEach(() => { @@ -17,6 +21,7 @@ describe('DataIngestionHubHeaderCardComponent', () => { it('should render the title, description, and icon', () => { const { getByTestId, getByText } = render( { expect(getByTestId('data-ingestion-header-card-icon')).toHaveAttribute('src', 'mockIcon.png'); }); + it('should track the link card click', () => { + const { getByTestId } = render( + + ); + + getByTestId('headerCardLink').click(); + expect(trackOnboardingLinkClick).toHaveBeenCalledWith( + `${TELEMETRY_HEADER_CARD}_${OnboardingHeaderCardId.demo}` + ); + }); + it('should apply dark mode styles when color mode is DARK', () => { const { container } = render( = React.memo( - ({ icon, title, description, onClick, href, target, linkText }) => { + ({ id, icon, title, description, onClick, href, target, linkText }) => { const cardStyles = useCardStyles(); const cardClassName = classNames(cardStyles, 'headerCard'); + + const onClickWithReport = useCallback(() => { + trackOnboardingLinkClick(`${TELEMETRY_HEADER_CARD}_${id}`); + onClick?.(); + }, [id, onClick]); + return ( = React.memo( {/* eslint-disable-next-line @elastic/eui/href-or-on-click */} - + {linkText} diff --git a/x-pack/plugins/security_solution/public/onboarding/components/onboarding_header/cards/demo_card/demo_card.tsx b/x-pack/plugins/security_solution/public/onboarding/components/onboarding_header/cards/demo_card/demo_card.tsx index dfb8da662060e8..b86ae2dcd219d1 100644 --- a/x-pack/plugins/security_solution/public/onboarding/components/onboarding_header/cards/demo_card/demo_card.tsx +++ b/x-pack/plugins/security_solution/public/onboarding/components/onboarding_header/cards/demo_card/demo_card.tsx @@ -10,10 +10,12 @@ import { LinkCard } from '../common/link_card'; import demoImage from './images/demo_card.png'; import darkDemoImage from './images/demo_card_dark.png'; import * as i18n from './translations'; +import { OnboardingHeaderCardId } from '../../../constants'; export const DemoCard = React.memo<{ isDarkMode: boolean }>(({ isDarkMode }) => { return ( (({ isDarkMode } const usersUrl = useObservable(usersUrl$, undefined); return ( (({ isDarkMode }) => { const [isModalVisible, setIsModalVisible] = useState(false); + const closeVideoModal = useCallback(() => { setIsModalVisible(false); }, []); @@ -24,6 +26,7 @@ export const VideoCard = React.memo<{ isDarkMode: boolean }>(({ isDarkMode }) => return ( <> ', () => { '@timestamp': 1726589803115, event: { id: 'event id', + kind: 'signal', }, }} /> @@ -141,6 +142,7 @@ describe('', () => { documentId: 'test _id', indexName: '_index', scopeId: 'test', + isAlert: true, }); }); }); diff --git a/x-pack/plugins/security_solution/public/resolver/view/panels/node_events_of_type.tsx b/x-pack/plugins/security_solution/public/resolver/view/panels/node_events_of_type.tsx index 07a1ee9464cc15..77bb59769b8d5a 100644 --- a/x-pack/plugins/security_solution/public/resolver/view/panels/node_events_of_type.tsx +++ b/x-pack/plugins/security_solution/public/resolver/view/panels/node_events_of_type.tsx @@ -30,15 +30,18 @@ import { useFormattedDate } from './use_formatted_date'; import { expandDottedObject } from '../../../../common/utils/expand_dotted'; import type { State } from '../../../common/store/types'; import { userRequestedAdditionalRelatedEvents } from '../../store/data/action'; +import { EventKind } from '../../../flyout/document_details/shared/constants/event_kinds'; export type NodeEventOnClick = ({ documentId, indexName, scopeId, + isAlert, }: { documentId: string | undefined; indexName: string | undefined; scopeId: string; + isAlert: boolean; }) => () => void; /** @@ -128,6 +131,7 @@ export const NodeEventsListItem = memo(function ({ const expandedEvent = expandDottedObject(event); const timestamp = eventModel.eventTimestamp(expandedEvent); const eventID = eventModel.eventID(expandedEvent); + const isAlert = eventModel.eventKind(expandedEvent)[0] === EventKind.signal; const documentId = eventModel.documentID(expandedEvent); const indexName = eventModel.indexName(expandedEvent); const winlogRecordID = eventModel.winlogRecordID(expandedEvent); @@ -172,7 +176,7 @@ export const NodeEventsListItem = memo(function ({ {nodeEventOnClick ? ( diff --git a/x-pack/plugins/security_solution/public/timelines/components/notes/save_timeline.test.tsx b/x-pack/plugins/security_solution/public/timelines/components/notes/save_timeline.test.tsx index 36a45e993674fc..8a024aec798408 100644 --- a/x-pack/plugins/security_solution/public/timelines/components/notes/save_timeline.test.tsx +++ b/x-pack/plugins/security_solution/public/timelines/components/notes/save_timeline.test.tsx @@ -42,11 +42,11 @@ describe('SaveTimelineCallout', () => { expect(getByTestId(SAVE_TIMELINE_BUTTON_TEST_ID)).toBeInTheDocument(); expect(getByTestId(SAVE_TIMELINE_BUTTON_TEST_ID)).toHaveStyle('background-color: #BD271E'); - expect(getByTestId(SAVE_TIMELINE_BUTTON_TEST_ID)).toHaveTextContent('Save timeline'); + expect(getByTestId(SAVE_TIMELINE_BUTTON_TEST_ID)).toHaveTextContent('Save Timeline'); expect(getByTestId(SAVE_TIMELINE_CALLOUT_TEST_ID)).toBeInTheDocument(); - expect(getAllByText('Save timeline')).toHaveLength(2); + expect(getAllByText('Save Timeline')).toHaveLength(2); expect( - getByText('You need to save your timeline before creating notes for it.') + getByText('You must save this Timeline before attaching notes to it.') ).toBeInTheDocument(); }); }); diff --git a/x-pack/plugins/security_solution/public/timelines/components/notes/save_timeline.tsx b/x-pack/plugins/security_solution/public/timelines/components/notes/save_timeline.tsx index 0c0a56f2699d33..12efd2db689b7c 100644 --- a/x-pack/plugins/security_solution/public/timelines/components/notes/save_timeline.tsx +++ b/x-pack/plugins/security_solution/public/timelines/components/notes/save_timeline.tsx @@ -16,19 +16,19 @@ import { SaveTimelineButton } from '../modal/actions/save_timeline_button'; export const SAVE_TIMELINE_CALLOUT_TITLE = i18n.translate( 'xpack.securitySolution.timeline.notes.saveTimeline.calloutTitle', { - defaultMessage: 'Save timeline', + defaultMessage: 'Save Timeline', } ); export const SAVE_TIMELINE_CALLOUT_CONTENT = i18n.translate( 'xpack.securitySolution.timeline.notes.saveTimeline.calloutContent', { - defaultMessage: 'You need to save your timeline before creating notes for it.', + defaultMessage: 'You must save this Timeline before attaching notes to it.', } ); export const SAVE_TIMELINE_BUTTON = i18n.translate( - 'xpack.securitySolution.flyout.left.notes.savedTimelineButtonLabel', + 'xpack.securitySolution.flyout.left.notes.saveTimeline.buttonLabel', { - defaultMessage: 'Save timeline', + defaultMessage: 'Save Timeline', } ); diff --git a/x-pack/plugins/security_solution/public/timelines/components/timeline/tabs/notes/index.tsx b/x-pack/plugins/security_solution/public/timelines/components/timeline/tabs/notes/index.tsx index 737001125c9901..aad74f15d4f62b 100644 --- a/x-pack/plugins/security_solution/public/timelines/components/timeline/tabs/notes/index.tsx +++ b/x-pack/plugins/security_solution/public/timelines/components/timeline/tabs/notes/index.tsx @@ -59,7 +59,7 @@ export const FETCH_NOTES_ERROR = i18n.translate( } ); export const NO_NOTES = i18n.translate('xpack.securitySolution.notes.noNotesLabel', { - defaultMessage: 'No notes have yet been created for this timeline', + defaultMessage: 'No notes have been created for this Timeline.', }); interface NotesTabContentProps { diff --git a/x-pack/plugins/security_solution/public/timelines/components/timeline/tabs/query/query_tab_unified_components.test.tsx b/x-pack/plugins/security_solution/public/timelines/components/timeline/tabs/query/query_tab_unified_components.test.tsx index 9d450f46f4b012..107c1661836471 100644 --- a/x-pack/plugins/security_solution/public/timelines/components/timeline/tabs/query/query_tab_unified_components.test.tsx +++ b/x-pack/plugins/security_solution/public/timelines/components/timeline/tabs/query/query_tab_unified_components.test.tsx @@ -918,7 +918,7 @@ describe('query tab with unified timeline', () => { await waitFor(() => { expect(screen.getByTestId('timeline-notes-tool-tip')).toBeInTheDocument(); expect(screen.getByTestId('timeline-notes-tool-tip')).toHaveTextContent( - '1 Note available. Click to view it & add more.' + '1 note available. Click to view it and add more.' ); }); }, @@ -975,7 +975,7 @@ describe('query tab with unified timeline', () => { await waitFor(() => { expect(screen.getByTestId('timeline-notes-tool-tip')).toBeVisible(); expect(screen.getByTestId('timeline-notes-tool-tip')).toHaveTextContent( - '1 Note available. Click to view it & add more.' + '1 note available. Click to view it and add more.' ); }); }, diff --git a/x-pack/plugins/security_solution/scripts/endpoint/agent_downloader_cli/agent_downloader.ts b/x-pack/plugins/security_solution/scripts/endpoint/agent_downloader_cli/agent_downloader.ts index 8366c77575e70c..a3e250a464b9c4 100644 --- a/x-pack/plugins/security_solution/scripts/endpoint/agent_downloader_cli/agent_downloader.ts +++ b/x-pack/plugins/security_solution/scripts/endpoint/agent_downloader_cli/agent_downloader.ts @@ -45,7 +45,7 @@ const downloadAndStoreElasticAgent = async ( ): Promise => { const versionsToDownload = getVersionsToDownload(version); - // Although we have a list of versions to try downloading, we only need to download one, and will return as soon as it succeeds. + // Download all the versions in the list for (const versionToDownload of versionsToDownload) { try { const { url } = await getAgentDownloadUrl(versionToDownload, closestMatch, log); @@ -53,13 +53,10 @@ const downloadAndStoreElasticAgent = async ( await downloadAndStoreAgent(url, fileName); log.info(`Successfully downloaded and stored version ${versionToDownload}`); - return; // Exit once successful } catch (error) { log.error(`Failed to download or store version ${versionToDownload}: ${error.message}`); } } - - log.error(`Failed to download agent for any available version: ${versionsToDownload.join(', ')}`); }; export const agentDownloaderRunner: RunFn = async (cliContext) => { diff --git a/x-pack/plugins/security_solution/scripts/endpoint/common/agent_downloads_service.ts b/x-pack/plugins/security_solution/scripts/endpoint/common/agent_downloads_service.ts index 4c963332ad0c2a..10d5eaf5432413 100644 --- a/x-pack/plugins/security_solution/scripts/endpoint/common/agent_downloads_service.ts +++ b/x-pack/plugins/security_solution/scripts/endpoint/common/agent_downloads_service.ts @@ -113,8 +113,14 @@ class AgentDownloadStorage extends SettingsStorage await handleProcessInterruptions( async () => { - const { body } = await nodeFetch(agentDownloadUrl); - await finished(body.pipe(outputStream)); + try { + const { body } = await nodeFetch(agentDownloadUrl); + await finished(body.pipe(outputStream)); + } catch (error) { + this.log.error(`Error during download attempt ${attempt}: ${error.message}`); + // Ensure any errors here propagate and trigger retry + throw error; + } }, () => fs.unlinkSync(newDownloadInfo.fullFilePath) // Clean up on interruption ); diff --git a/x-pack/plugins/security_solution/scripts/endpoint/common/connectors_services.ts b/x-pack/plugins/security_solution/scripts/endpoint/common/connectors_services.ts index 3fb2971f1236d2..62ce76437c1d69 100644 --- a/x-pack/plugins/security_solution/scripts/endpoint/common/connectors_services.ts +++ b/x-pack/plugins/security_solution/scripts/endpoint/common/connectors_services.ts @@ -7,8 +7,7 @@ import type { KbnClient } from '@kbn/test'; import type { AllConnectorsResponseV1 } from '@kbn/actions-plugin/common/routes/connector/response'; -import type { bodySchema } from '@kbn/actions-plugin/server/routes/create'; -import type { TypeOf } from '@kbn/config-schema'; +import type { CreateConnectorRequestBodyV1 } from '@kbn/actions-plugin/common/routes/connector/apis/create'; import type { Connector } from '@kbn/actions-plugin/server/application/connector/types'; import { catchAxiosErrorFormatAndThrow } from '../../../common/endpoint/format_axios_error'; @@ -46,8 +45,6 @@ export const fetchConnectorByType = async ( } }; -type CreateConnectorBody = TypeOf; - /** * Creates a connector in the stack * @param kbnClient @@ -55,7 +52,7 @@ type CreateConnectorBody = TypeOf; */ export const createConnector = async ( kbnClient: KbnClient, - createPayload: CreateConnectorBody + createPayload: CreateConnectorRequestBodyV1 ): Promise => { return kbnClient .request({ diff --git a/x-pack/plugins/security_solution/scripts/endpoint/common/roles_users/serverless/es_serverless_resources/roles.yml b/x-pack/plugins/security_solution/scripts/endpoint/common/roles_users/serverless/es_serverless_resources/roles.yml index 3fd3bd2e3233e7..4c17bfa922d2ee 100644 --- a/x-pack/plugins/security_solution/scripts/endpoint/common/roles_users/serverless/es_serverless_resources/roles.yml +++ b/x-pack/plugins/security_solution/scripts/endpoint/common/roles_users/serverless/es_serverless_resources/roles.yml @@ -53,6 +53,7 @@ viewer: - ".fleet-actions*" - "risk-score.risk-score-*" - ".asset-criticality.asset-criticality-*" + - ".entities.v1.latest.security_*" - ".ml-anomalies-*" privileges: - read @@ -117,6 +118,7 @@ editor: - "maintenance" - names: - ".asset-criticality.asset-criticality-*" + - .entities.v1.latest.security_* privileges: - "read" - "write" @@ -181,6 +183,7 @@ t1_analyst: - ".fleet-actions*" - risk-score.risk-score-* - .asset-criticality.asset-criticality-* + - .entities.v1.latest.security_* - ".ml-anomalies-*" privileges: - read @@ -231,6 +234,7 @@ t2_analyst: - .fleet-agents* - .fleet-actions* - risk-score.risk-score-* + - .entities.v1.latest.security_* - ".ml-anomalies-*" privileges: - read @@ -295,6 +299,7 @@ t3_analyst: - .fleet-agents* - .fleet-actions* - risk-score.risk-score-* + - .entities.v1.latest.security_* - ".ml-anomalies-*" privileges: - read @@ -363,6 +368,7 @@ threat_intelligence_analyst: - .fleet-agents* - .fleet-actions* - risk-score.risk-score-* + - .entities.v1.latest.security_* - ".ml-anomalies-*" privileges: - read @@ -424,6 +430,7 @@ rule_author: - .fleet-agents* - .fleet-actions* - risk-score.risk-score-* + - .entities.v1.latest.security_* - ".ml-anomalies-*" privileges: - read @@ -468,6 +475,7 @@ soc_manager: - packetbeat-* - winlogbeat-* - .asset-criticality.asset-criticality-* + - .entities.v1.latest.security_* privileges: - read - write @@ -491,6 +499,7 @@ soc_manager: - .fleet-agents* - .fleet-actions* - risk-score.risk-score-* + - .asset-criticality.asset-criticality-* - ".ml-anomalies-*" privileges: - read @@ -563,6 +572,7 @@ detections_admin: - all - names: - .asset-criticality.asset-criticality-* + - .entities.v1.latest.security_* privileges: - read - write @@ -611,6 +621,7 @@ platform_engineer: - all - names: - .asset-criticality.asset-criticality-* + - .entities.v1.latest.security_* privileges: - read - write @@ -670,6 +681,7 @@ endpoint_operations_analyst: - .lists* - .items* - risk-score.risk-score-* + - .entities.v1.latest.security_* - ".ml-anomalies-*" privileges: - read @@ -740,6 +752,7 @@ endpoint_policy_manager: - packetbeat-* - winlogbeat-* - risk-score.risk-score-* + - .entities.v1.latest.security_* - ".ml-anomalies-*" privileges: - read diff --git a/x-pack/plugins/security_solution/server/endpoint/routes/metadata/index.ts b/x-pack/plugins/security_solution/server/endpoint/routes/metadata/index.ts index 9603e9e9a6d48a..2f6e46d1d77278 100644 --- a/x-pack/plugins/security_solution/server/endpoint/routes/metadata/index.ts +++ b/x-pack/plugins/security_solution/server/endpoint/routes/metadata/index.ts @@ -95,6 +95,7 @@ export function registerEndpointRoutes( access: 'public', path: METADATA_TRANSFORMS_STATUS_ROUTE, options: { authRequired: true, tags: ['access:securitySolution'] }, + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }) .addVersion( diff --git a/x-pack/plugins/security_solution/server/endpoint/routes/suggestions/index.ts b/x-pack/plugins/security_solution/server/endpoint/routes/suggestions/index.ts index a4853d9772ad7b..677fb004ee862f 100644 --- a/x-pack/plugins/security_solution/server/endpoint/routes/suggestions/index.ts +++ b/x-pack/plugins/security_solution/server/endpoint/routes/suggestions/index.ts @@ -43,6 +43,7 @@ export function registerEndpointSuggestionsRoutes( access: 'public', path: SUGGESTIONS_ROUTE, options: { authRequired: true, tags: ['access:securitySolution'] }, + // @ts-expect-error TODO(https://github.com/elastic/kibana/issues/196095): Replace {RouteDeprecationInfo} deprecated: true, }) .addVersion( diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/perform_rule_upgrade/diffable_rule_fields_mappings.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/perform_rule_upgrade/diffable_rule_fields_mappings.ts index d56747f9db2649..8a796b5db1e288 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/perform_rule_upgrade/diffable_rule_fields_mappings.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/perform_rule_upgrade/diffable_rule_fields_mappings.ts @@ -7,6 +7,8 @@ import { get } from 'lodash'; import type { RuleSchedule, + DataSourceIndexPatterns, + DataSourceDataView, InlineKqlQuery, ThreeWayDiff, DiffableRuleTypes, @@ -195,6 +197,10 @@ export const transformDiffableFieldValues = ( } else if (fieldName === 'saved_id' && isInlineQuery(diffableFieldValue)) { // saved_id should be set only for rules with SavedKqlQuery, undefined otherwise return { type: 'TRANSFORMED_FIELD', value: undefined }; + } else if (fieldName === 'data_view_id' && isDataSourceIndexPatterns(diffableFieldValue)) { + return { type: 'TRANSFORMED_FIELD', value: undefined }; + } else if (fieldName === 'index' && isDataSourceDataView(diffableFieldValue)) { + return { type: 'TRANSFORMED_FIELD', value: undefined }; } return { type: 'NON_TRANSFORMED_FIELD' }; @@ -209,3 +215,18 @@ function isInlineQuery(value: unknown): value is InlineKqlQuery { typeof value === 'object' && value !== null && 'type' in value && value.type === 'inline_query' ); } + +function isDataSourceIndexPatterns(value: unknown): value is DataSourceIndexPatterns { + return ( + typeof value === 'object' && + value !== null && + 'type' in value && + value.type === 'index_patterns' + ); +} + +function isDataSourceDataView(value: unknown): value is DataSourceDataView { + return ( + typeof value === 'object' && value !== null && 'type' in value && value.type === 'data_view' + ); +} diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/__mocks__/request_context.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/__mocks__/request_context.ts index f562ea7f7bf5f1..ebc1706b309f83 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/__mocks__/request_context.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/__mocks__/request_context.ts @@ -42,6 +42,7 @@ import { auditLoggerMock } from '@kbn/security-plugin/server/audit/mocks'; import { detectionRulesClientMock } from '../../rule_management/logic/detection_rules_client/__mocks__/detection_rules_client'; import { packageServiceMock } from '@kbn/fleet-plugin/server/services/epm/package_service.mock'; import type { EndpointInternalFleetServicesInterface } from '../../../../endpoint/services/fleet'; +import { siemMigrationsServiceMock } from '../../../siem_migrations/__mocks__/mocks'; export const createMockClients = () => { const core = coreMock.createRequestHandlerContext(); @@ -78,6 +79,7 @@ export const createMockClients = () => { internalFleetServices: { packages: packageServiceMock.createClient(), }, + siemMigrationsClient: siemMigrationsServiceMock.createClient(), }; }; @@ -163,6 +165,7 @@ const createSecuritySolutionRequestContextMock = ( getAssetCriticalityDataClient: jest.fn(() => clients.assetCriticalityDataClient), getAuditLogger: jest.fn(() => mockAuditLogger), getEntityStoreDataClient: jest.fn(() => clients.entityStoreDataClient), + getSiemMigrationsClient: jest.fn(() => clients.siemMigrationsClient), }; }; diff --git a/x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/constants.ts b/x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/constants.ts index addf432f20398f..796932d79b364d 100644 --- a/x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/constants.ts +++ b/x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/constants.ts @@ -9,7 +9,7 @@ import type { EngineStatus } from '../../../../common/api/entity_analytics'; export const DEFAULT_LOOKBACK_PERIOD = '24h'; -export const DEFAULT_INTERVAL = '15s'; +export const DEFAULT_INTERVAL = '30s'; export const ENGINE_STATUS: Record, EngineStatus> = { INSTALLING: 'installing', diff --git a/x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/elasticsearch_assets/ingest_pipeline.ts b/x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/elasticsearch_assets/ingest_pipeline.ts index 58e78b5983fa0e..c2a5bff51f8305 100644 --- a/x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/elasticsearch_assets/ingest_pipeline.ts +++ b/x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/elasticsearch_assets/ingest_pipeline.ts @@ -67,7 +67,7 @@ const buildIngestPipeline = ({ { set: { field: '@timestamp', - value: '{{entity.lastSeenTimestamp}}', + value: '{{entity.last_seen_timestamp}}', }, }, { diff --git a/x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/elasticsearch_assets/ingest_processor_steps/remove_entity_definition_fields_step.ts b/x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/elasticsearch_assets/ingest_processor_steps/remove_entity_definition_fields_step.ts index ad6a459f7ae80e..96677a9c8a9b26 100644 --- a/x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/elasticsearch_assets/ingest_processor_steps/remove_entity_definition_fields_step.ts +++ b/x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/elasticsearch_assets/ingest_processor_steps/remove_entity_definition_fields_step.ts @@ -15,13 +15,12 @@ export const removeEntityDefinitionFieldsStep = (): IngestProcessorContainer => remove: { ignore_failure: true, field: [ - 'entity.lastSeenTimestamp', - 'entity.schemaVersion', - 'entity.definitionVersion', - 'entity.identityFields', - 'entity.definitionId', - 'entity.displayName', - 'entity.firstSeenTimestamp', + 'entity.last_seen_timestamp', + 'entity.schema_version', + 'entity.definition_version', + 'entity.identity_fields', + 'entity.definition_id', + 'entity.display_name', ], }, }); diff --git a/x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/routes/entities/list.ts b/x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/routes/entities/list.ts index 6aaab39656e7d7..3eefcb7de5752d 100644 --- a/x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/routes/entities/list.ts +++ b/x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/routes/entities/list.ts @@ -53,7 +53,7 @@ export const listEntitiesRoute = (router: EntityAnalyticsRoutesDeps['router'], l const { page = 1, per_page: perPage = 10, - sort_field: sortField = 'entity.lastSeenTimestamp', + sort_field: sortField = '@timestamp', sort_order: sortOrder = 'desc', entities_types: entityTypes, filterQuery, diff --git a/x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/united_entity_definitions/entity_types/common.ts b/x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/united_entity_definitions/entity_types/common.ts index 2f0213d5f38202..ac974bf119d4aa 100644 --- a/x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/united_entity_definitions/entity_types/common.ts +++ b/x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/united_entity_definitions/entity_types/common.ts @@ -7,7 +7,7 @@ import type { EntityType } from '../../../../../../common/api/entity_analytics/entity_store'; import { getIdentityFieldForEntityType } from '../../utils'; -import { collectValues, newestValue } from '../definition_utils'; +import { oldestValue, newestValue } from '../definition_utils'; import type { UnitedDefinitionField } from '../types'; export const getCommonUnitedFieldDefinitions = ({ @@ -19,10 +19,9 @@ export const getCommonUnitedFieldDefinitions = ({ }): UnitedDefinitionField[] => { const identityField = getIdentityFieldForEntityType(entityType); return [ - collectValues({ + oldestValue({ sourceField: '_index', field: 'entity.source', - fieldHistoryLength, }), newestValue({ field: 'asset.criticality' }), newestValue({ diff --git a/x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/united_entity_definitions/entity_types/host.ts b/x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/united_entity_definitions/entity_types/host.ts index e8d812d73ff272..db9266997743e6 100644 --- a/x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/united_entity_definitions/entity_types/host.ts +++ b/x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/united_entity_definitions/entity_types/host.ts @@ -18,6 +18,8 @@ export const getHostUnitedDefinition: UnitedDefinitionBuilder = (fieldHistoryLen collect({ field: 'host.domain' }), collect({ field: 'host.hostname' }), collect({ field: 'host.id' }), + collect({ field: 'host.os.name' }), + collect({ field: 'host.os.type' }), collect({ field: 'host.ip', mapping: { diff --git a/x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/united_entity_definitions/get_united_definition.test.ts b/x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/united_entity_definitions/get_united_definition.test.ts index 2657917d45a78e..d9c54e1fcd288e 100644 --- a/x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/united_entity_definitions/get_united_definition.test.ts +++ b/x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/united_entity_definitions/get_united_definition.test.ts @@ -59,6 +59,12 @@ describe('getUnitedEntityDefinition', () => { "host.name": Object { "type": "keyword", }, + "host.os.name": Object { + "type": "keyword", + }, + "host.os.type": Object { + "type": "keyword", + }, "host.risk.calculated_level": Object { "type": "keyword", }, @@ -95,6 +101,16 @@ describe('getUnitedEntityDefinition', () => { "maxLength": 10, "operation": "collect_values", }, + Object { + "field": "host.os.name", + "maxLength": 10, + "operation": "collect_values", + }, + Object { + "field": "host.os.type", + "maxLength": 10, + "operation": "collect_values", + }, Object { "field": "host.ip", "maxLength": 10, @@ -117,8 +133,7 @@ describe('getUnitedEntityDefinition', () => { }, Object { "field": "entity.source", - "maxLength": 10, - "operation": "collect_values", + "operation": "prefer_oldest_value", }, Object { "field": "asset.criticality", @@ -185,6 +200,22 @@ describe('getUnitedEntityDefinition', () => { "destination": "host.id", "source": "host.id", }, + Object { + "aggregation": Object { + "limit": 10, + "type": "terms", + }, + "destination": "host.os.name", + "source": "host.os.name", + }, + Object { + "aggregation": Object { + "limit": 10, + "type": "terms", + }, + "destination": "host.os.type", + "source": "host.os.type", + }, Object { "aggregation": Object { "limit": 10, @@ -219,8 +250,10 @@ describe('getUnitedEntityDefinition', () => { }, Object { "aggregation": Object { - "limit": 10, - "type": "terms", + "sort": Object { + "@timestamp": "asc", + }, + "type": "top_value", }, "destination": "entity.source", "source": "_index", @@ -373,8 +406,7 @@ describe('getUnitedEntityDefinition', () => { }, Object { "field": "entity.source", - "maxLength": 10, - "operation": "collect_values", + "operation": "prefer_oldest_value", }, Object { "field": "asset.criticality", @@ -467,8 +499,10 @@ describe('getUnitedEntityDefinition', () => { }, Object { "aggregation": Object { - "limit": 10, - "type": "terms", + "sort": Object { + "@timestamp": "asc", + }, + "type": "top_value", }, "destination": "entity.source", "source": "_index", diff --git a/x-pack/plugins/security_solution/server/lib/entity_analytics/risk_score/configurations.ts b/x-pack/plugins/security_solution/server/lib/entity_analytics/risk_score/configurations.ts index 6dbf68c699fd5e..610ada87f51595 100644 --- a/x-pack/plugins/security_solution/server/lib/entity_analytics/risk_score/configurations.ts +++ b/x-pack/plugins/security_solution/server/lib/entity_analytics/risk_score/configurations.ts @@ -129,6 +129,9 @@ export const riskScoreFieldMap: FieldMap = { } as const; export const mappingComponentName = '.risk-score-mappings'; +export const nameSpaceAwareMappingsComponentName = (namespace: string): string => { + return `${mappingComponentName}-${namespace}`; +}; export const totalFieldsLimit = 1000; export const getIndexPatternDataStream = (namespace: string): IIndexPatternString => ({ diff --git a/x-pack/plugins/security_solution/server/lib/entity_analytics/risk_score/risk_score_data_client.test.ts b/x-pack/plugins/security_solution/server/lib/entity_analytics/risk_score/risk_score_data_client.test.ts index 2ddd04a7669442..cec3330af52e6a 100644 --- a/x-pack/plugins/security_solution/server/lib/entity_analytics/risk_score/risk_score_data_client.test.ts +++ b/x-pack/plugins/security_solution/server/lib/entity_analytics/risk_score/risk_score_data_client.test.ts @@ -40,6 +40,7 @@ jest.spyOn(transforms, 'scheduleTransformNow').mockResolvedValue(Promise.resolve describe('RiskScoreDataClient', () => { let riskScoreDataClient: RiskScoreDataClient; + let riskScoreDataClientWithNameSpace: RiskScoreDataClient; let mockSavedObjectClient: ReturnType; let logger: ReturnType; const esClient = elasticsearchServiceMock.createScopedClusterClient().asCurrentUser; @@ -56,6 +57,8 @@ describe('RiskScoreDataClient', () => { namespace: 'default', }; riskScoreDataClient = new RiskScoreDataClient(options); + const optionsWithNamespace = { ...options, namespace: 'space-1' }; + riskScoreDataClientWithNameSpace = new RiskScoreDataClient(optionsWithNamespace); }); afterEach(() => { @@ -80,369 +83,396 @@ describe('RiskScoreDataClient', () => { }); describe('init success', () => { - it('should initialize risk engine resources', async () => { - await riskScoreDataClient.init(); + it('should initialize risk engine resources in the appropriate space', async () => { + const assertComponentTemplate = (namespace: string) => { + expect(createOrUpdateComponentTemplate).toHaveBeenCalledWith( + expect.objectContaining({ + logger, + esClient, + template: expect.objectContaining({ + name: `.risk-score-mappings-${namespace}`, + _meta: { + managed: true, + }, + }), + totalFieldsLimit: 1000, + }) + ); + }; - expect(createOrUpdateComponentTemplate).toHaveBeenCalledWith( - expect.objectContaining({ + const assertIndexTemplate = (namespace: string) => { + expect(createOrUpdateIndexTemplate).toHaveBeenCalledWith({ logger, esClient, - template: expect.objectContaining({ - name: '.risk-score-mappings', - _meta: { - managed: true, - }, - }), - totalFieldsLimit: 1000, - }) - ); - expect((createOrUpdateComponentTemplate as jest.Mock).mock.lastCall[0].template.template) - .toMatchInlineSnapshot(` - Object { - "mappings": Object { - "dynamic": "strict", - "properties": Object { - "@timestamp": Object { - "ignore_malformed": false, - "type": "date", + template: { + name: `.risk-score.risk-score-${namespace}-index-template`, + body: { + data_stream: { hidden: true }, + index_patterns: [`risk-score.risk-score-${namespace}`], + composed_of: [`.risk-score-mappings-${namespace}`], + template: { + lifecycle: {}, + settings: { + 'index.mapping.total_fields.limit': totalFieldsLimit, + }, + mappings: { + dynamic: false, + _meta: { + kibana: { + version: '8.9.0', + }, + managed: true, + namespace, }, - "host": Object { - "properties": Object { - "name": Object { - "type": "keyword", - }, - "risk": Object { - "properties": Object { - "calculated_level": Object { - "type": "keyword", - }, - "calculated_score": Object { - "type": "float", - }, - "calculated_score_norm": Object { - "type": "float", - }, - "category_1_count": Object { - "type": "long", - }, - "category_1_score": Object { - "type": "float", - }, - "id_field": Object { - "type": "keyword", - }, - "id_value": Object { - "type": "keyword", - }, - "inputs": Object { - "properties": Object { - "category": Object { - "type": "keyword", - }, - "description": Object { - "type": "keyword", - }, - "id": Object { - "type": "keyword", - }, - "index": Object { - "type": "keyword", - }, - "risk_score": Object { - "type": "float", - }, - "timestamp": Object { - "type": "date", - }, + }, + }, + _meta: { + kibana: { + version: '8.9.0', + }, + managed: true, + namespace, + }, + }, + }, + }); + }; + + const assertDataStream = (namespace: string) => { + expect(createDataStream).toHaveBeenCalledWith({ + logger, + esClient, + totalFieldsLimit, + indexPatterns: { + template: `.risk-score.risk-score-${namespace}-index-template`, + alias: `risk-score.risk-score-${namespace}`, + }, + }); + }; + + const assertIndex = (namespace: string) => { + expect(createOrUpdateIndex).toHaveBeenCalledWith({ + logger, + esClient, + options: { + index: `risk-score.risk-score-latest-${namespace}`, + mappings: { + dynamic: false, + properties: { + '@timestamp': { + ignore_malformed: false, + type: 'date', + }, + host: { + properties: { + name: { + type: 'keyword', + }, + risk: { + properties: { + calculated_level: { + type: 'keyword', + }, + calculated_score: { + type: 'float', + }, + calculated_score_norm: { + type: 'float', + }, + category_1_count: { + type: 'long', + }, + category_1_score: { + type: 'float', + }, + id_field: { + type: 'keyword', + }, + id_value: { + type: 'keyword', + }, + inputs: { + properties: { + category: { + type: 'keyword', + }, + description: { + type: 'keyword', + }, + id: { + type: 'keyword', + }, + index: { + type: 'keyword', + }, + risk_score: { + type: 'float', + }, + timestamp: { + type: 'date', }, - "type": "object", - }, - "notes": Object { - "type": "keyword", }, + type: 'object', + }, + notes: { + type: 'keyword', }, - "type": "object", }, + type: 'object', }, }, - "user": Object { - "properties": Object { - "name": Object { - "type": "keyword", - }, - "risk": Object { - "properties": Object { - "calculated_level": Object { - "type": "keyword", - }, - "calculated_score": Object { - "type": "float", - }, - "calculated_score_norm": Object { - "type": "float", - }, - "category_1_count": Object { - "type": "long", - }, - "category_1_score": Object { - "type": "float", - }, - "id_field": Object { - "type": "keyword", - }, - "id_value": Object { - "type": "keyword", - }, - "inputs": Object { - "properties": Object { - "category": Object { - "type": "keyword", - }, - "description": Object { - "type": "keyword", - }, - "id": Object { - "type": "keyword", - }, - "index": Object { - "type": "keyword", - }, - "risk_score": Object { - "type": "float", - }, - "timestamp": Object { - "type": "date", - }, + }, + user: { + properties: { + name: { + type: 'keyword', + }, + risk: { + properties: { + calculated_level: { + type: 'keyword', + }, + calculated_score: { + type: 'float', + }, + calculated_score_norm: { + type: 'float', + }, + category_1_count: { + type: 'long', + }, + category_1_score: { + type: 'float', + }, + id_field: { + type: 'keyword', + }, + id_value: { + type: 'keyword', + }, + inputs: { + properties: { + category: { + type: 'keyword', + }, + description: { + type: 'keyword', + }, + id: { + type: 'keyword', + }, + index: { + type: 'keyword', + }, + risk_score: { + type: 'float', + }, + timestamp: { + type: 'date', }, - "type": "object", - }, - "notes": Object { - "type": "keyword", }, + type: 'object', + }, + notes: { + type: 'keyword', }, - "type": "object", }, + type: 'object', }, }, }, }, - "settings": Object {}, - } - `); + }, + }, + }); + }; - expect(createOrUpdateIndexTemplate).toHaveBeenCalledWith({ - logger, - esClient, - template: { - name: '.risk-score.risk-score-default-index-template', - body: { - data_stream: { hidden: true }, - index_patterns: ['risk-score.risk-score-default'], - composed_of: ['.risk-score-mappings'], - template: { - lifecycle: {}, - settings: { - 'index.mapping.total_fields.limit': totalFieldsLimit, - }, - mappings: { - dynamic: false, - _meta: { - kibana: { - version: '8.9.0', - }, - managed: true, - namespace: 'default', - }, + const assertTransform = (namespace: string) => { + expect(transforms.createTransform).toHaveBeenCalledWith({ + logger, + esClient, + transform: { + dest: { + index: `risk-score.risk-score-latest-${namespace}`, + }, + frequency: '1h', + latest: { + sort: '@timestamp', + unique_key: ['host.name', 'user.name'], + }, + source: { + index: [`risk-score.risk-score-${namespace}`], + }, + sync: { + time: { + delay: '0s', + field: '@timestamp', }, }, + transform_id: `risk_score_latest_transform_${namespace}`, + settings: { + unattended: true, + }, _meta: { - kibana: { - version: '8.9.0', - }, + version: 2, managed: true, - namespace: 'default', + managed_by: 'security-entity-analytics', }, }, - }, - }); + }); + }; - expect(createDataStream).toHaveBeenCalledWith({ - logger, - esClient, - totalFieldsLimit, - indexPatterns: { - template: `.risk-score.risk-score-default-index-template`, - alias: `risk-score.risk-score-default`, - }, - }); + // Default namespace + esClient.cluster.existsComponentTemplate.mockResolvedValue(false); + await riskScoreDataClient.init(); + assertComponentTemplate('default'); + assertIndexTemplate('default'); + assertDataStream('default'); + assertIndex('default'); + assertTransform('default'); - expect(createOrUpdateIndex).toHaveBeenCalledWith({ - logger, - esClient, - options: { - index: `risk-score.risk-score-latest-default`, - mappings: { - dynamic: false, - properties: { - '@timestamp': { - ignore_malformed: false, - type: 'date', - }, - host: { - properties: { - name: { - type: 'keyword', - }, - risk: { - properties: { - calculated_level: { - type: 'keyword', - }, - calculated_score: { - type: 'float', - }, - calculated_score_norm: { - type: 'float', - }, - category_1_count: { - type: 'long', - }, - category_1_score: { - type: 'float', - }, - id_field: { - type: 'keyword', - }, - id_value: { - type: 'keyword', - }, - inputs: { - properties: { - category: { - type: 'keyword', - }, - description: { - type: 'keyword', - }, - id: { - type: 'keyword', - }, - index: { - type: 'keyword', - }, - risk_score: { - type: 'float', - }, - timestamp: { - type: 'date', + // Space-1 namespace + esClient.cluster.existsComponentTemplate.mockResolvedValue(false); + await riskScoreDataClientWithNameSpace.init(); + assertComponentTemplate('space-1'); + assertIndexTemplate('space-1'); + assertDataStream('space-1'); + assertIndex('space-1'); + assertTransform('space-1'); + + expect((createOrUpdateComponentTemplate as jest.Mock).mock.lastCall[0].template.template) + .toMatchInlineSnapshot(` + Object { + "mappings": Object { + "dynamic": "strict", + "properties": Object { + "@timestamp": Object { + "ignore_malformed": false, + "type": "date", + }, + "host": Object { + "properties": Object { + "name": Object { + "type": "keyword", + }, + "risk": Object { + "properties": Object { + "calculated_level": Object { + "type": "keyword", + }, + "calculated_score": Object { + "type": "float", + }, + "calculated_score_norm": Object { + "type": "float", + }, + "category_1_count": Object { + "type": "long", + }, + "category_1_score": Object { + "type": "float", + }, + "id_field": Object { + "type": "keyword", + }, + "id_value": Object { + "type": "keyword", + }, + "inputs": Object { + "properties": Object { + "category": Object { + "type": "keyword", + }, + "description": Object { + "type": "keyword", + }, + "id": Object { + "type": "keyword", + }, + "index": Object { + "type": "keyword", + }, + "risk_score": Object { + "type": "float", + }, + "timestamp": Object { + "type": "date", + }, }, + "type": "object", + }, + "notes": Object { + "type": "keyword", }, - type: 'object', - }, - notes: { - type: 'keyword', }, + "type": "object", }, - type: 'object', }, }, - }, - user: { - properties: { - name: { - type: 'keyword', - }, - risk: { - properties: { - calculated_level: { - type: 'keyword', - }, - calculated_score: { - type: 'float', - }, - calculated_score_norm: { - type: 'float', - }, - category_1_count: { - type: 'long', - }, - category_1_score: { - type: 'float', - }, - id_field: { - type: 'keyword', - }, - id_value: { - type: 'keyword', - }, - inputs: { - properties: { - category: { - type: 'keyword', - }, - description: { - type: 'keyword', - }, - id: { - type: 'keyword', - }, - index: { - type: 'keyword', - }, - risk_score: { - type: 'float', - }, - timestamp: { - type: 'date', + "user": Object { + "properties": Object { + "name": Object { + "type": "keyword", + }, + "risk": Object { + "properties": Object { + "calculated_level": Object { + "type": "keyword", + }, + "calculated_score": Object { + "type": "float", + }, + "calculated_score_norm": Object { + "type": "float", + }, + "category_1_count": Object { + "type": "long", + }, + "category_1_score": Object { + "type": "float", + }, + "id_field": Object { + "type": "keyword", + }, + "id_value": Object { + "type": "keyword", + }, + "inputs": Object { + "properties": Object { + "category": Object { + "type": "keyword", + }, + "description": Object { + "type": "keyword", + }, + "id": Object { + "type": "keyword", + }, + "index": Object { + "type": "keyword", + }, + "risk_score": Object { + "type": "float", + }, + "timestamp": Object { + "type": "date", + }, }, + "type": "object", + }, + "notes": Object { + "type": "keyword", }, - type: 'object', - }, - notes: { - type: 'keyword', }, + "type": "object", }, - type: 'object', }, }, }, }, - }, - }, - }); - - expect(transforms.createTransform).toHaveBeenCalledWith({ - logger, - esClient, - transform: { - dest: { - index: 'risk-score.risk-score-latest-default', - }, - frequency: '1h', - latest: { - sort: '@timestamp', - unique_key: ['host.name', 'user.name'], - }, - source: { - index: ['risk-score.risk-score-default'], - }, - sync: { - time: { - delay: '0s', - field: '@timestamp', - }, - }, - transform_id: 'risk_score_latest_transform_default', - settings: { - unattended: true, - }, - _meta: { - version: 2, - managed: true, - managed_by: 'security-entity-analytics', - }, - }, - }); + "settings": Object {}, + } + `); }); }); @@ -479,7 +509,7 @@ describe('RiskScoreDataClient', () => { expect(esClient.transform.deleteTransform).toHaveBeenCalledTimes(1); expect(esClient.indices.deleteDataStream).toHaveBeenCalledTimes(1); expect(esClient.indices.deleteIndexTemplate).toHaveBeenCalledTimes(1); - expect(esClient.cluster.deleteComponentTemplate).toHaveBeenCalledTimes(1); + expect(esClient.cluster.deleteComponentTemplate).toHaveBeenCalledTimes(2); expect(errors).toEqual([]); }); diff --git a/x-pack/plugins/security_solution/server/lib/entity_analytics/risk_score/risk_score_data_client.ts b/x-pack/plugins/security_solution/server/lib/entity_analytics/risk_score/risk_score_data_client.ts index 0b3c38f3602fd9..2ae05e4c862271 100644 --- a/x-pack/plugins/security_solution/server/lib/entity_analytics/risk_score/risk_score_data_client.ts +++ b/x-pack/plugins/security_solution/server/lib/entity_analytics/risk_score/risk_score_data_client.ts @@ -22,6 +22,7 @@ import { getIndexPatternDataStream, getTransformOptions, mappingComponentName, + nameSpaceAwareMappingsComponentName, riskScoreFieldMap, totalFieldsLimit, } from './configurations'; @@ -114,12 +115,42 @@ export class RiskScoreDataClient { namespace, }; + // Check if there are any existing component templates with the namespace in the name + + const oldComponentTemplateExists = await esClient.cluster.existsComponentTemplate({ + name: mappingComponentName, + }); + // If present then copy the contents to a new component template with the namespace in the name + if (oldComponentTemplateExists) { + const oldComponentTemplateResponse = await esClient.cluster.getComponentTemplate( + { + name: mappingComponentName, + }, + { ignore: [404] } + ); + const oldComponentTemplate = oldComponentTemplateResponse?.component_templates[0]; + const newComponentTemplateName = nameSpaceAwareMappingsComponentName(namespace); + await esClient.cluster.putComponentTemplate({ + name: newComponentTemplateName, + body: oldComponentTemplate.component_template, + }); + } + + // Delete the component template without the namespace in the name + await esClient.cluster.deleteComponentTemplate( + { + name: mappingComponentName, + }, + { ignore: [404] } + ); + + // Update the new component template with the required data await Promise.all([ createOrUpdateComponentTemplate({ logger: this.options.logger, esClient, template: { - name: mappingComponentName, + name: nameSpaceAwareMappingsComponentName(namespace), _meta: { managed: true, }, @@ -132,6 +163,7 @@ export class RiskScoreDataClient { }), ]); + // Reference the new component template in the index template await createOrUpdateIndexTemplate({ logger: this.options.logger, esClient, @@ -140,7 +172,7 @@ export class RiskScoreDataClient { body: { data_stream: { hidden: true }, index_patterns: [indexPatterns.alias], - composed_of: [mappingComponentName], + composed_of: [nameSpaceAwareMappingsComponentName(namespace)], template: { lifecycle: {}, settings: { @@ -235,6 +267,15 @@ export class RiskScoreDataClient { ) .catch(addError); + await esClient.cluster + .deleteComponentTemplate( + { + name: nameSpaceAwareMappingsComponentName(namespace), + }, + { ignore: [404] } + ) + .catch(addError); + await esClient.cluster .deleteComponentTemplate( { diff --git a/x-pack/plugins/security_solution/server/lib/siem_migrations/__mocks__/mocks.ts b/x-pack/plugins/security_solution/server/lib/siem_migrations/__mocks__/mocks.ts new file mode 100644 index 00000000000000..fcf119e19ece5b --- /dev/null +++ b/x-pack/plugins/security_solution/server/lib/siem_migrations/__mocks__/mocks.ts @@ -0,0 +1,24 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { createRuleMigrationClient } from '../rules/__mocks__/mocks'; + +const createClient = () => ({ rules: createRuleMigrationClient() }); + +export const mockSetup = jest.fn().mockResolvedValue(undefined); +export const mockCreateClient = jest.fn().mockReturnValue(createClient()); +export const mockStop = jest.fn(); + +export const siemMigrationsServiceMock = { + create: () => + jest.fn().mockImplementation(() => ({ + setup: mockSetup, + createClient: mockCreateClient, + stop: mockStop, + })), + createClient: () => createClient(), +}; diff --git a/x-pack/plugins/security_solution/server/lib/siem_migrations/routes.ts b/x-pack/plugins/security_solution/server/lib/siem_migrations/routes.ts new file mode 100644 index 00000000000000..4d7b91cc5bfc38 --- /dev/null +++ b/x-pack/plugins/security_solution/server/lib/siem_migrations/routes.ts @@ -0,0 +1,21 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { Logger } from '@kbn/core/server'; +import { registerSiemRuleMigrationsRoutes } from './rules/api'; +import type { SecuritySolutionPluginRouter } from '../../types'; +import type { ConfigType } from '../../config'; + +export const registerSiemMigrationsRoutes = ( + router: SecuritySolutionPluginRouter, + config: ConfigType, + logger: Logger +) => { + if (config.experimentalFeatures.siemMigrationsEnabled) { + registerSiemRuleMigrationsRoutes(router, logger); + } +}; diff --git a/x-pack/plugins/security_solution/server/lib/siem_migrations/rules/__mocks__/mocks.ts b/x-pack/plugins/security_solution/server/lib/siem_migrations/rules/__mocks__/mocks.ts new file mode 100644 index 00000000000000..8233151f513e41 --- /dev/null +++ b/x-pack/plugins/security_solution/server/lib/siem_migrations/rules/__mocks__/mocks.ts @@ -0,0 +1,21 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { SiemRuleMigrationsClient } from '../types'; + +export const createRuleMigrationClient = (): SiemRuleMigrationsClient => ({ + create: jest.fn().mockResolvedValue({ success: true }), + search: jest.fn().mockResolvedValue([]), +}); + +export const mockSetup = jest.fn(); +export const mockGetClient = jest.fn().mockReturnValue(createRuleMigrationClient()); + +export const MockSiemRuleMigrationsService = jest.fn().mockImplementation(() => ({ + setup: mockSetup, + getClient: mockGetClient, +})); diff --git a/x-pack/plugins/security_solution/server/lib/siem_migrations/rules/__mocks__/siem_rule_migrations_service.ts b/x-pack/plugins/security_solution/server/lib/siem_migrations/rules/__mocks__/siem_rule_migrations_service.ts new file mode 100644 index 00000000000000..fc06996366520b --- /dev/null +++ b/x-pack/plugins/security_solution/server/lib/siem_migrations/rules/__mocks__/siem_rule_migrations_service.ts @@ -0,0 +1,9 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { MockSiemRuleMigrationsService } from './mocks'; +export const SiemRuleMigrationsService = MockSiemRuleMigrationsService; diff --git a/x-pack/plugins/security_solution/server/lib/siem_migrations/rules/api/create.ts b/x-pack/plugins/security_solution/server/lib/siem_migrations/rules/api/create.ts new file mode 100644 index 00000000000000..e2cf97dd094a9d --- /dev/null +++ b/x-pack/plugins/security_solution/server/lib/siem_migrations/rules/api/create.ts @@ -0,0 +1,64 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { IKibanaResponse, Logger } from '@kbn/core/server'; +import { buildRouteValidationWithZod } from '@kbn/zod-helpers'; +import { v4 as uuidV4 } from 'uuid'; +import type { RuleMigration } from '../../../../../common/siem_migrations/model/rule_migration.gen'; +import type { CreateRuleMigrationResponse } from '../../../../../common/siem_migrations/model/api/rules/rules_migration.gen'; +import { CreateRuleMigrationRequestBody } from '../../../../../common/siem_migrations/model/api/rules/rules_migration.gen'; +import { + SIEM_RULE_MIGRATIONS_PATH, + SiemMigrationsStatus, +} from '../../../../../common/siem_migrations/constants'; +import type { SecuritySolutionPluginRouter } from '../../../../types'; + +export const registerSiemRuleMigrationsCreateRoute = ( + router: SecuritySolutionPluginRouter, + logger: Logger +) => { + router.versioned + .post({ + path: SIEM_RULE_MIGRATIONS_PATH, + access: 'internal', + options: { tags: ['access:securitySolution'] }, + }) + .addVersion( + { + version: '1', + validate: { + request: { body: buildRouteValidationWithZod(CreateRuleMigrationRequestBody) }, + }, + }, + async (context, req, res): Promise> => { + const originalRules = req.body; + try { + const ctx = await context.resolve(['core', 'actions', 'securitySolution']); + + const siemMigrationClient = ctx.securitySolution.getSiemMigrationsClient(); + + const migrationId = uuidV4(); + const timestamp = new Date().toISOString(); + + const ruleMigrations = originalRules.map((originalRule) => ({ + '@timestamp': timestamp, + migration_id: migrationId, + original_rule: originalRule, + status: SiemMigrationsStatus.PENDING, + })); + await siemMigrationClient.rules.create(ruleMigrations); + + return res.ok({ body: { migration_id: migrationId } }); + } catch (err) { + logger.error(err); + return res.badRequest({ + body: err.message, + }); + } + } + ); +}; diff --git a/x-pack/plugins/security_solution/server/lib/siem_migrations/rules/api/index.ts b/x-pack/plugins/security_solution/server/lib/siem_migrations/rules/api/index.ts new file mode 100644 index 00000000000000..0de49eb7df92ba --- /dev/null +++ b/x-pack/plugins/security_solution/server/lib/siem_migrations/rules/api/index.ts @@ -0,0 +1,17 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { Logger } from '@kbn/core/server'; +import type { SecuritySolutionPluginRouter } from '../../../../types'; +import { registerSiemRuleMigrationsCreateRoute } from './create'; + +export const registerSiemRuleMigrationsRoutes = ( + router: SecuritySolutionPluginRouter, + logger: Logger +) => { + registerSiemRuleMigrationsCreateRoute(router, logger); +}; diff --git a/x-pack/plugins/security_solution/server/lib/siem_migrations/rules/data_stream/__mocks__/mocks.ts b/x-pack/plugins/security_solution/server/lib/siem_migrations/rules/data_stream/__mocks__/mocks.ts new file mode 100644 index 00000000000000..103c0f9b0c9529 --- /dev/null +++ b/x-pack/plugins/security_solution/server/lib/siem_migrations/rules/data_stream/__mocks__/mocks.ts @@ -0,0 +1,15 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export const mockIndexName = 'mocked_data_stream_name'; +export const mockInstall = jest.fn().mockResolvedValue(undefined); +export const mockInstallSpace = jest.fn().mockResolvedValue(mockIndexName); + +export const MockRuleMigrationsDataStream = jest.fn().mockImplementation(() => ({ + install: mockInstall, + installSpace: mockInstallSpace, +})); diff --git a/x-pack/plugins/security_solution/server/lib/siem_migrations/rules/data_stream/__mocks__/rule_migrations_data_stream.ts b/x-pack/plugins/security_solution/server/lib/siem_migrations/rules/data_stream/__mocks__/rule_migrations_data_stream.ts new file mode 100644 index 00000000000000..eb04aec6c60e59 --- /dev/null +++ b/x-pack/plugins/security_solution/server/lib/siem_migrations/rules/data_stream/__mocks__/rule_migrations_data_stream.ts @@ -0,0 +1,9 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { MockRuleMigrationsDataStream } from './mocks'; +export const RuleMigrationsDataStream = MockRuleMigrationsDataStream; diff --git a/x-pack/plugins/security_solution/server/lib/siem_migrations/rules/data_stream/rule_migrations_data_stream.test.ts b/x-pack/plugins/security_solution/server/lib/siem_migrations/rules/data_stream/rule_migrations_data_stream.test.ts new file mode 100644 index 00000000000000..56510da48f1bbe --- /dev/null +++ b/x-pack/plugins/security_solution/server/lib/siem_migrations/rules/data_stream/rule_migrations_data_stream.test.ts @@ -0,0 +1,118 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { RuleMigrationsDataStream } from './rule_migrations_data_stream'; +import { Subject } from 'rxjs'; +import type { InstallParams } from '@kbn/data-stream-adapter'; +import { DataStreamSpacesAdapter } from '@kbn/data-stream-adapter'; +import { elasticsearchServiceMock } from '@kbn/core-elasticsearch-server-mocks'; +import { loggerMock } from '@kbn/logging-mocks'; + +jest.mock('@kbn/data-stream-adapter'); + +const MockedDataStreamSpacesAdapter = DataStreamSpacesAdapter as unknown as jest.MockedClass< + typeof DataStreamSpacesAdapter +>; + +const esClient = elasticsearchServiceMock.createStart().client.asInternalUser; + +describe('SiemRuleMigrationsDataStream', () => { + beforeEach(() => { + jest.clearAllMocks(); + }); + + describe('constructor', () => { + it('should create DataStreamSpacesAdapter', () => { + new RuleMigrationsDataStream({ kibanaVersion: '8.13.0' }); + expect(MockedDataStreamSpacesAdapter).toHaveBeenCalledTimes(1); + }); + + it('should create component templates', () => { + new RuleMigrationsDataStream({ kibanaVersion: '8.13.0' }); + const [dataStreamSpacesAdapter] = MockedDataStreamSpacesAdapter.mock.instances; + expect(dataStreamSpacesAdapter.setComponentTemplate).toHaveBeenCalledWith( + expect.objectContaining({ name: '.kibana.siem-rule-migrations' }) + ); + }); + + it('should create index templates', () => { + new RuleMigrationsDataStream({ kibanaVersion: '8.13.0' }); + const [dataStreamSpacesAdapter] = MockedDataStreamSpacesAdapter.mock.instances; + expect(dataStreamSpacesAdapter.setIndexTemplate).toHaveBeenCalledWith( + expect.objectContaining({ name: '.kibana.siem-rule-migrations' }) + ); + }); + }); + + describe('install', () => { + it('should install data stream', async () => { + const dataStream = new RuleMigrationsDataStream({ kibanaVersion: '8.13.0' }); + const params: InstallParams = { + esClient, + logger: loggerMock.create(), + pluginStop$: new Subject(), + }; + await dataStream.install(params); + const [dataStreamSpacesAdapter] = MockedDataStreamSpacesAdapter.mock.instances; + expect(dataStreamSpacesAdapter.install).toHaveBeenCalledWith(params); + }); + + it('should log error', async () => { + const dataStream = new RuleMigrationsDataStream({ kibanaVersion: '8.13.0' }); + const params: InstallParams = { + esClient, + logger: loggerMock.create(), + pluginStop$: new Subject(), + }; + const [dataStreamSpacesAdapter] = MockedDataStreamSpacesAdapter.mock.instances; + const error = new Error('test-error'); + (dataStreamSpacesAdapter.install as jest.Mock).mockRejectedValueOnce(error); + + await dataStream.install(params); + expect(params.logger.error).toHaveBeenCalledWith(expect.any(String), error); + }); + }); + + describe('installSpace', () => { + it('should install space data stream', async () => { + const dataStream = new RuleMigrationsDataStream({ kibanaVersion: '8.13.0' }); + const params: InstallParams = { + esClient, + logger: loggerMock.create(), + pluginStop$: new Subject(), + }; + const [dataStreamSpacesAdapter] = MockedDataStreamSpacesAdapter.mock.instances; + (dataStreamSpacesAdapter.install as jest.Mock).mockResolvedValueOnce(undefined); + + await dataStream.install(params); + await dataStream.installSpace('space1'); + + expect(dataStreamSpacesAdapter.getInstalledSpaceName).toHaveBeenCalledWith('space1'); + expect(dataStreamSpacesAdapter.installSpace).toHaveBeenCalledWith('space1'); + }); + + it('should not install space data stream if install not executed', async () => { + const dataStream = new RuleMigrationsDataStream({ kibanaVersion: '8.13.0' }); + await expect(dataStream.installSpace('space1')).rejects.toThrowError(); + }); + + it('should throw error if main install had error', async () => { + const dataStream = new RuleMigrationsDataStream({ kibanaVersion: '8.13.0' }); + const params: InstallParams = { + esClient, + logger: loggerMock.create(), + pluginStop$: new Subject(), + }; + const [dataStreamSpacesAdapter] = MockedDataStreamSpacesAdapter.mock.instances; + const error = new Error('test-error'); + (dataStreamSpacesAdapter.install as jest.Mock).mockRejectedValueOnce(error); + await dataStream.install(params); + + await expect(dataStream.installSpace('space1')).rejects.toThrowError(error); + }); + }); +}); diff --git a/x-pack/plugins/security_solution/server/lib/siem_migrations/rules/data_stream/rule_migrations_data_stream.ts b/x-pack/plugins/security_solution/server/lib/siem_migrations/rules/data_stream/rule_migrations_data_stream.ts new file mode 100644 index 00000000000000..83eb471e0cee34 --- /dev/null +++ b/x-pack/plugins/security_solution/server/lib/siem_migrations/rules/data_stream/rule_migrations_data_stream.ts @@ -0,0 +1,57 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { DataStreamSpacesAdapter, type InstallParams } from '@kbn/data-stream-adapter'; +import { ruleMigrationsFieldMap } from './rule_migrations_field_map'; + +const TOTAL_FIELDS_LIMIT = 2500; + +const DATA_STREAM_NAME = '.kibana.siem-rule-migrations'; +const ECS_COMPONENT_TEMPLATE_NAME = 'ecs'; + +export class RuleMigrationsDataStream { + private readonly dataStream: DataStreamSpacesAdapter; + private installPromise?: Promise; + + constructor({ kibanaVersion }: { kibanaVersion: string }) { + this.dataStream = new DataStreamSpacesAdapter(DATA_STREAM_NAME, { + kibanaVersion, + totalFieldsLimit: TOTAL_FIELDS_LIMIT, + }); + this.dataStream.setComponentTemplate({ + name: DATA_STREAM_NAME, + fieldMap: ruleMigrationsFieldMap, + }); + + this.dataStream.setIndexTemplate({ + name: DATA_STREAM_NAME, + componentTemplateRefs: [DATA_STREAM_NAME, ECS_COMPONENT_TEMPLATE_NAME], + }); + } + + async install(params: InstallParams) { + try { + this.installPromise = this.dataStream.install(params); + await this.installPromise; + } catch (err) { + params.logger.error(`Error installing siem rule migrations data stream. ${err.message}`, err); + } + } + + async installSpace(spaceId: string): Promise { + if (!this.installPromise) { + throw new Error('Siem rule migrations data stream not installed'); + } + // wait for install to complete, may reject if install failed, routes should handle this + await this.installPromise; + let dataStreamName = await this.dataStream.getInstalledSpaceName(spaceId); + if (!dataStreamName) { + dataStreamName = await this.dataStream.installSpace(spaceId); + } + return dataStreamName; + } +} diff --git a/x-pack/plugins/security_solution/server/lib/siem_migrations/rules/data_stream/rule_migrations_field_map.ts b/x-pack/plugins/security_solution/server/lib/siem_migrations/rules/data_stream/rule_migrations_field_map.ts new file mode 100644 index 00000000000000..ba9a706957bcb0 --- /dev/null +++ b/x-pack/plugins/security_solution/server/lib/siem_migrations/rules/data_stream/rule_migrations_field_map.ts @@ -0,0 +1,35 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { FieldMap, SchemaFieldMapKeys } from '@kbn/data-stream-adapter'; +import type { RuleMigration } from '../../../../../common/siem_migrations/model/rule_migration.gen'; + +export const ruleMigrationsFieldMap: FieldMap> = { + '@timestamp': { type: 'date', required: false }, + migration_id: { type: 'keyword', required: true }, + status: { type: 'keyword', required: true }, + original_rule: { type: 'nested', required: true }, + 'original_rule.vendor': { type: 'keyword', required: true }, + 'original_rule.id': { type: 'keyword', required: true }, + 'original_rule.title': { type: 'keyword', required: true }, + 'original_rule.description': { type: 'keyword', required: false }, + 'original_rule.query': { type: 'text', required: true }, + 'original_rule.query_language': { type: 'keyword', required: true }, + 'original_rule.mitre_attack_ids': { type: 'keyword', array: true, required: false }, + elastic_rule: { type: 'nested', required: false }, + 'elastic_rule.title': { type: 'keyword', required: true }, + 'elastic_rule.query': { type: 'text', required: true }, + 'elastic_rule.query_language': { type: 'keyword', required: true }, + 'elastic_rule.description': { type: 'keyword', required: false }, + 'elastic_rule.severity': { type: 'keyword', required: false }, + 'elastic_rule.prebuilt_rule_id': { type: 'keyword', required: false }, + 'elastic_rule.id': { type: 'keyword', required: false }, + translation_state: { type: 'keyword', required: false }, + comments: { type: 'text', array: true, required: false }, + updated_at: { type: 'date', required: false }, + updated_by: { type: 'keyword', required: false }, +}; diff --git a/x-pack/plugins/security_solution/server/lib/siem_migrations/rules/siem_rule_migrations_service.test.ts b/x-pack/plugins/security_solution/server/lib/siem_migrations/rules/siem_rule_migrations_service.test.ts new file mode 100644 index 00000000000000..390d302264cea7 --- /dev/null +++ b/x-pack/plugins/security_solution/server/lib/siem_migrations/rules/siem_rule_migrations_service.test.ts @@ -0,0 +1,115 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import { + loggingSystemMock, + elasticsearchServiceMock, + httpServerMock, +} from '@kbn/core/server/mocks'; +import { SiemRuleMigrationsService } from './siem_rule_migrations_service'; +import { Subject } from 'rxjs'; +import type { RuleMigration } from '../../../../common/siem_migrations/model/rule_migration.gen'; +import { + MockRuleMigrationsDataStream, + mockInstall, + mockInstallSpace, + mockIndexName, +} from './data_stream/__mocks__/mocks'; +import type { KibanaRequest } from '@kbn/core/server'; + +jest.mock('./data_stream/rule_migrations_data_stream'); + +describe('SiemRuleMigrationsService', () => { + let ruleMigrationsService: SiemRuleMigrationsService; + const kibanaVersion = '8.16.0'; + + const esClusterClient = elasticsearchServiceMock.createClusterClient(); + const logger = loggingSystemMock.createLogger(); + const pluginStop$ = new Subject(); + + beforeEach(() => { + jest.clearAllMocks(); + ruleMigrationsService = new SiemRuleMigrationsService(logger, kibanaVersion); + }); + + it('should instantiate the rule migrations data stream adapter', () => { + expect(MockRuleMigrationsDataStream).toHaveBeenCalledWith({ kibanaVersion }); + }); + + describe('when setup is called', () => { + it('should set esClusterClient and call dataStreamAdapter.install', () => { + ruleMigrationsService.setup({ esClusterClient, pluginStop$ }); + + expect(mockInstall).toHaveBeenCalledWith({ + esClient: esClusterClient.asInternalUser, + logger, + pluginStop$, + }); + }); + }); + + describe('when getClient is called', () => { + let request: KibanaRequest; + beforeEach(() => { + request = httpServerMock.createKibanaRequest(); + }); + + describe('without setup', () => { + it('should throw an error', () => { + expect(() => { + ruleMigrationsService.getClient({ spaceId: 'default', request }); + }).toThrowError('ES client not available, please call setup first'); + }); + }); + + describe('with setup', () => { + beforeEach(() => { + ruleMigrationsService.setup({ esClusterClient, pluginStop$ }); + }); + + it('should call installSpace', () => { + ruleMigrationsService.getClient({ spaceId: 'default', request }); + + expect(mockInstallSpace).toHaveBeenCalledWith('default'); + }); + + it('should return a client with create and search methods after setup', () => { + const client = ruleMigrationsService.getClient({ spaceId: 'default', request }); + + expect(client).toHaveProperty('create'); + expect(client).toHaveProperty('search'); + }); + + it('should call ES bulk create API with the correct parameters with create is called', async () => { + const client = ruleMigrationsService.getClient({ spaceId: 'default', request }); + + const ruleMigrations = [{ migration_id: 'dummy_migration_id' } as RuleMigration]; + await client.create(ruleMigrations); + + expect(esClusterClient.asScoped().asCurrentUser.bulk).toHaveBeenCalledWith( + expect.objectContaining({ + body: [{ create: { _index: mockIndexName } }, { migration_id: 'dummy_migration_id' }], + refresh: 'wait_for', + }) + ); + }); + + it('should call ES search API with the correct parameters with search is called', async () => { + const client = ruleMigrationsService.getClient({ spaceId: 'default', request }); + + const term = { migration_id: 'dummy_migration_id' }; + await client.search(term); + + expect(esClusterClient.asScoped().asCurrentUser.search).toHaveBeenCalledWith( + expect.objectContaining({ + index: mockIndexName, + body: { query: { term } }, + }) + ); + }); + }); + }); +}); diff --git a/x-pack/plugins/security_solution/server/lib/siem_migrations/rules/siem_rule_migrations_service.ts b/x-pack/plugins/security_solution/server/lib/siem_migrations/rules/siem_rule_migrations_service.ts new file mode 100644 index 00000000000000..5b20f957cb6fad --- /dev/null +++ b/x-pack/plugins/security_solution/server/lib/siem_migrations/rules/siem_rule_migrations_service.ts @@ -0,0 +1,56 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { IClusterClient, Logger } from '@kbn/core/server'; +import { RuleMigrationsDataStream } from './data_stream/rule_migrations_data_stream'; +import type { + SiemRuleMigrationsClient, + SiemRulesMigrationsSetupParams, + SiemRuleMigrationsGetClientParams, +} from './types'; + +export class SiemRuleMigrationsService { + private dataStreamAdapter: RuleMigrationsDataStream; + private esClusterClient?: IClusterClient; + + constructor(private logger: Logger, kibanaVersion: string) { + this.dataStreamAdapter = new RuleMigrationsDataStream({ kibanaVersion }); + } + + setup({ esClusterClient, ...params }: SiemRulesMigrationsSetupParams) { + this.esClusterClient = esClusterClient; + const esClient = esClusterClient.asInternalUser; + this.dataStreamAdapter.install({ ...params, esClient, logger: this.logger }).catch((err) => { + this.logger.error(`Error installing data stream for rule migrations: ${err.message}`); + throw err; + }); + } + + getClient({ spaceId, request }: SiemRuleMigrationsGetClientParams): SiemRuleMigrationsClient { + if (!this.esClusterClient) { + throw new Error('ES client not available, please call setup first'); + } + // Installs the data stream for the specific space. it will only install if it hasn't been installed yet. + // The adapter stores the data stream name promise, it will return it directly when the data stream is known to be installed. + const dataStreamNamePromise = this.dataStreamAdapter.installSpace(spaceId); + + const esClient = this.esClusterClient.asScoped(request).asCurrentUser; + return { + create: async (ruleMigrations) => { + const _index = await dataStreamNamePromise; + return esClient.bulk({ + refresh: 'wait_for', + body: ruleMigrations.flatMap((ruleMigration) => [{ create: { _index } }, ruleMigration]), + }); + }, + search: async (term) => { + const index = await dataStreamNamePromise; + return esClient.search({ index, body: { query: { term } } }); + }, + }; + } +} diff --git a/x-pack/plugins/security_solution/server/lib/siem_migrations/rules/types.ts b/x-pack/plugins/security_solution/server/lib/siem_migrations/rules/types.ts new file mode 100644 index 00000000000000..1892032a217230 --- /dev/null +++ b/x-pack/plugins/security_solution/server/lib/siem_migrations/rules/types.ts @@ -0,0 +1,30 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { BulkResponse, SearchResponse } from '@elastic/elasticsearch/lib/api/types'; +import type { IClusterClient, KibanaRequest } from '@kbn/core/server'; +import type { Subject } from 'rxjs'; +import type { RuleMigration } from '../../../../common/siem_migrations/model/rule_migration.gen'; + +export interface SiemRulesMigrationsSetupParams { + esClusterClient: IClusterClient; + pluginStop$: Subject; + tasksTimeoutMs?: number; +} + +export interface SiemRuleMigrationsGetClientParams { + request: KibanaRequest; + spaceId: string; +} + +export interface RuleMigrationSearchParams { + migration_id?: string; +} +export interface SiemRuleMigrationsClient { + create: (body: RuleMigration[]) => Promise; + search: (params: RuleMigrationSearchParams) => Promise; +} diff --git a/x-pack/plugins/security_solution/server/lib/siem_migrations/siem_migrations_service.test.ts b/x-pack/plugins/security_solution/server/lib/siem_migrations/siem_migrations_service.test.ts new file mode 100644 index 00000000000000..3d9e5b9fe179bb --- /dev/null +++ b/x-pack/plugins/security_solution/server/lib/siem_migrations/siem_migrations_service.test.ts @@ -0,0 +1,97 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ +import { + loggingSystemMock, + elasticsearchServiceMock, + httpServerMock, +} from '@kbn/core/server/mocks'; +import { SiemMigrationsService } from './siem_migrations_service'; +import { MockSiemRuleMigrationsService, mockSetup, mockGetClient } from './rules/__mocks__/mocks'; +import type { ConfigType } from '../../config'; + +jest.mock('./rules/siem_rule_migrations_service'); + +const mockReplaySubject$ = { next: jest.fn(), complete: jest.fn() }; +jest.mock('rxjs', () => ({ + ...jest.requireActual('rxjs'), + ReplaySubject: jest.fn().mockImplementation(() => mockReplaySubject$), +})); + +describe('SiemMigrationsService', () => { + let siemMigrationsService: SiemMigrationsService; + const kibanaVersion = '8.16.0'; + + const esClusterClient = elasticsearchServiceMock.createClusterClient(); + const logger = loggingSystemMock.createLogger(); + + beforeEach(() => { + jest.clearAllMocks(); + }); + + describe('with siemMigrationsEnabled flag', () => { + beforeEach(() => { + siemMigrationsService = new SiemMigrationsService( + { experimentalFeatures: { siemMigrationsEnabled: true } } as ConfigType, + logger, + kibanaVersion + ); + }); + + it('should instantiate the rule migrations service', async () => { + expect(MockSiemRuleMigrationsService).toHaveBeenCalledWith(logger, kibanaVersion); + }); + + describe('when setup is called', () => { + it('should call siemRuleMigrationsService setup', async () => { + siemMigrationsService.setup({ esClusterClient, tasksTimeoutMs: 100 }); + + expect(mockSetup).toHaveBeenCalledWith({ + esClusterClient, + tasksTimeoutMs: 100, + pluginStop$: mockReplaySubject$, + }); + }); + }); + + describe('when createClient is called', () => { + it('should create rules client', async () => { + const request = httpServerMock.createKibanaRequest(); + siemMigrationsService.createClient({ spaceId: 'default', request }); + expect(mockGetClient).toHaveBeenCalledWith({ spaceId: 'default', request }); + }); + }); + + describe('when stop is called', () => { + it('should trigger the pluginStop subject', async () => { + siemMigrationsService.stop(); + expect(mockReplaySubject$.next).toHaveBeenCalled(); + expect(mockReplaySubject$.complete).toHaveBeenCalled(); + }); + }); + }); + + describe('without siemMigrationsEnabled flag', () => { + beforeEach(() => { + siemMigrationsService = new SiemMigrationsService( + { experimentalFeatures: { siemMigrationsEnabled: false } } as ConfigType, + logger, + kibanaVersion + ); + }); + + it('should instantiate the rule migrations service', async () => { + expect(MockSiemRuleMigrationsService).toHaveBeenCalledWith(logger, kibanaVersion); + }); + + describe('when setup is called', () => { + it('should not call siemRuleMigrationsService setup', async () => { + siemMigrationsService.setup({ esClusterClient, tasksTimeoutMs: 100 }); + expect(mockSetup).not.toHaveBeenCalled(); + }); + }); + }); +}); diff --git a/x-pack/plugins/security_solution/server/lib/siem_migrations/siem_migrations_service.ts b/x-pack/plugins/security_solution/server/lib/siem_migrations/siem_migrations_service.ts new file mode 100644 index 00000000000000..b84281eb13d9bd --- /dev/null +++ b/x-pack/plugins/security_solution/server/lib/siem_migrations/siem_migrations_service.ts @@ -0,0 +1,43 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { Logger } from '@kbn/core/server'; +import { ReplaySubject, type Subject } from 'rxjs'; +import type { ConfigType } from '../../config'; +import { SiemRuleMigrationsService } from './rules/siem_rule_migrations_service'; +import type { + SiemMigrationsClient, + SiemMigrationsSetupParams, + SiemMigrationsGetClientParams, +} from './types'; + +export class SiemMigrationsService { + private pluginStop$: Subject; + private rules: SiemRuleMigrationsService; + + constructor(private config: ConfigType, logger: Logger, kibanaVersion: string) { + this.pluginStop$ = new ReplaySubject(1); + this.rules = new SiemRuleMigrationsService(logger, kibanaVersion); + } + + setup(params: SiemMigrationsSetupParams) { + if (this.config.experimentalFeatures.siemMigrationsEnabled) { + this.rules.setup({ ...params, pluginStop$: this.pluginStop$ }); + } + } + + createClient(params: SiemMigrationsGetClientParams): SiemMigrationsClient { + return { + rules: this.rules.getClient(params), + }; + } + + stop() { + this.pluginStop$.next(); + this.pluginStop$.complete(); + } +} diff --git a/x-pack/plugins/security_solution/server/lib/siem_migrations/types.ts b/x-pack/plugins/security_solution/server/lib/siem_migrations/types.ts new file mode 100644 index 00000000000000..b5647ff65e2143 --- /dev/null +++ b/x-pack/plugins/security_solution/server/lib/siem_migrations/types.ts @@ -0,0 +1,20 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import type { IClusterClient } from '@kbn/core/server'; +import type { SiemRuleMigrationsClient, SiemRuleMigrationsGetClientParams } from './rules/types'; + +export interface SiemMigrationsSetupParams { + esClusterClient: IClusterClient; + tasksTimeoutMs?: number; +} + +export type SiemMigrationsGetClientParams = SiemRuleMigrationsGetClientParams; + +export interface SiemMigrationsClient { + rules: SiemRuleMigrationsClient; +} diff --git a/x-pack/plugins/security_solution/server/plugin.ts b/x-pack/plugins/security_solution/server/plugin.ts index 2ac776d37f1e55..794c37cd38b406 100644 --- a/x-pack/plugins/security_solution/server/plugin.ts +++ b/x-pack/plugins/security_solution/server/plugin.ts @@ -123,6 +123,7 @@ import { getAssistantTools } from './assistant/tools'; import { turnOffAgentPolicyFeatures } from './endpoint/migrations/turn_off_agent_policy_features'; import { getCriblPackagePolicyPostCreateOrUpdateCallback } from './security_integrations'; import { scheduleEntityAnalyticsMigration } from './lib/entity_analytics/migrations'; +import { SiemMigrationsService } from './lib/siem_migrations/siem_migrations_service'; export type { SetupPlugins, StartPlugins, PluginSetup, PluginStart } from './plugin_contract'; @@ -135,6 +136,7 @@ export class Plugin implements ISecuritySolutionPlugin { private readonly ruleMonitoringService: IRuleMonitoringService; private readonly endpointAppContextService = new EndpointAppContextService(); + private readonly siemMigrationsService: SiemMigrationsService; private readonly telemetryReceiver: ITelemetryReceiver; private readonly telemetryEventsSender: ITelemetryEventsSender; private readonly asyncTelemetryEventsSender: IAsyncTelemetryEventsSender; @@ -160,6 +162,11 @@ export class Plugin implements ISecuritySolutionPlugin { this.logger, this.config.experimentalFeatures ); + this.siemMigrationsService = new SiemMigrationsService( + this.config, + this.logger, + this.pluginContext.env.packageInfo.version + ); this.ruleMonitoringService = createRuleMonitoringService(this.config, this.logger); this.telemetryEventsSender = new TelemetryEventsSender(this.logger); @@ -236,6 +243,7 @@ export class Plugin implements ISecuritySolutionPlugin { plugins, endpointAppContextService: this.endpointAppContextService, ruleMonitoringService: this.ruleMonitoringService, + siemMigrationsService: this.siemMigrationsService, kibanaVersion: pluginContext.env.packageInfo.version, kibanaBranch: pluginContext.env.packageInfo.branch, buildFlavor: pluginContext.env.packageInfo.buildFlavor, @@ -427,7 +435,7 @@ export class Plugin implements ISecuritySolutionPlugin { core .getStartServices() - .then(async ([_, depsStart]) => { + .then(async ([coreStart, depsStart]) => { appClientFactory.setup({ getSpaceId: depsStart.spaces?.spacesService?.getSpaceId, config, @@ -477,6 +485,8 @@ export class Plugin implements ISecuritySolutionPlugin { * Register a config for the security guide */ plugins.guidedOnboarding?.registerGuideConfig(siemGuideId, getSiemGuideConfig()); + + this.siemMigrationsService.setup({ esClusterClient: coreStart.elasticsearch.client }); }) .catch(() => {}); // it shouldn't reject, but just in case @@ -715,6 +725,7 @@ export class Plugin implements ISecuritySolutionPlugin { this.endpointAppContextService.stop(); this.policyWatcher?.stop(); this.completeExternalResponseActionsTask.stop().catch(() => {}); + this.siemMigrationsService.stop(); licenseService.stop(); } } diff --git a/x-pack/plugins/security_solution/server/request_context_factory.ts b/x-pack/plugins/security_solution/server/request_context_factory.ts index d2bd579dc6b032..8e3af9b9bce8af 100644 --- a/x-pack/plugins/security_solution/server/request_context_factory.ts +++ b/x-pack/plugins/security_solution/server/request_context_factory.ts @@ -32,6 +32,7 @@ import { AssetCriticalityDataClient } from './lib/entity_analytics/asset_critica import { createDetectionRulesClient } from './lib/detection_engine/rule_management/logic/detection_rules_client/detection_rules_client'; import { buildMlAuthz } from './lib/machine_learning/authz'; import { EntityStoreDataClient } from './lib/entity_analytics/entity_store/entity_store_data_client'; +import type { SiemMigrationsService } from './lib/siem_migrations/siem_migrations_service'; export interface IRequestContextFactory { create( @@ -47,6 +48,7 @@ interface ConstructorOptions { plugins: SecuritySolutionPluginSetupDependencies; endpointAppContextService: EndpointAppContextService; ruleMonitoringService: IRuleMonitoringService; + siemMigrationsService: SiemMigrationsService; kibanaVersion: string; kibanaBranch: string; buildFlavor: BuildFlavor; @@ -64,7 +66,14 @@ export class RequestContextFactory implements IRequestContextFactory { request: KibanaRequest ): Promise { const { options, appClientFactory } = this; - const { config, core, plugins, endpointAppContextService, ruleMonitoringService } = options; + const { + config, + core, + plugins, + endpointAppContextService, + ruleMonitoringService, + siemMigrationsService, + } = options; const { lists, ruleRegistry, security } = plugins; @@ -157,6 +166,10 @@ export class RequestContextFactory implements IRequestContextFactory { }) ), + getSiemMigrationsClient: memoize(() => + siemMigrationsService.createClient({ request, spaceId: getSpaceId() }) + ), + getExceptionListClient: () => { if (!lists) { return null; diff --git a/x-pack/plugins/security_solution/server/routes/index.ts b/x-pack/plugins/security_solution/server/routes/index.ts index 6f245bd04a02b6..0b80d142e14cec 100644 --- a/x-pack/plugins/security_solution/server/routes/index.ts +++ b/x-pack/plugins/security_solution/server/routes/index.ts @@ -61,6 +61,7 @@ import { suggestUserProfilesRoute } from '../lib/detection_engine/routes/users/s import { registerTimelineRoutes } from '../lib/timeline/routes'; import { getFleetManagedIndexTemplatesRoute } from '../lib/security_integrations/cribl/routes'; import { registerEntityAnalyticsRoutes } from '../lib/entity_analytics/register_entity_analytics_routes'; +import { registerSiemMigrationsRoutes } from '../lib/siem_migrations/routes'; export const initRoutes = ( router: SecuritySolutionPluginRouter, @@ -138,13 +139,17 @@ export const initRoutes = ( // Dashboards registerDashboardsRoutes(router, logger); registerTagsRoutes(router, logger); + const { previewTelemetryUrlEnabled } = config.experimentalFeatures; + if (previewTelemetryUrlEnabled) { // telemetry preview endpoint for e2e integration tests only at the moment. telemetryDetectionRulesPreviewRoute(router, logger, previewTelemetryReceiver, telemetrySender); } registerEntityAnalyticsRoutes({ router, config, getStartServices, logger }); + registerSiemMigrationsRoutes(router, config, logger); + // Security Integrations getFleetManagedIndexTemplatesRoute(router); }; diff --git a/x-pack/plugins/security_solution/server/types.ts b/x-pack/plugins/security_solution/server/types.ts index 31e10b70adbcf9..1355904dbe7f71 100644 --- a/x-pack/plugins/security_solution/server/types.ts +++ b/x-pack/plugins/security_solution/server/types.ts @@ -35,6 +35,7 @@ import type { RiskScoreDataClient } from './lib/entity_analytics/risk_score/risk import type { AssetCriticalityDataClient } from './lib/entity_analytics/asset_criticality'; import type { IDetectionRulesClient } from './lib/detection_engine/rule_management/logic/detection_rules_client/detection_rules_client_interface'; import type { EntityStoreDataClient } from './lib/entity_analytics/entity_store/entity_store_data_client'; +import type { SiemMigrationsClient } from './lib/siem_migrations/types'; export { AppClient }; export interface SecuritySolutionApiRequestHandlerContext { @@ -57,6 +58,7 @@ export interface SecuritySolutionApiRequestHandlerContext { getRiskScoreDataClient: () => RiskScoreDataClient; getAssetCriticalityDataClient: () => AssetCriticalityDataClient; getEntityStoreDataClient: () => EntityStoreDataClient; + getSiemMigrationsClient: () => SiemMigrationsClient; } export type SecuritySolutionRequestHandlerContext = CustomRequestHandlerContext<{ diff --git a/x-pack/plugins/security_solution/server/ui_settings.ts b/x-pack/plugins/security_solution/server/ui_settings.ts index 842b8bbeceff83..6aeb86750be7af 100644 --- a/x-pack/plugins/security_solution/server/ui_settings.ts +++ b/x-pack/plugins/security_solution/server/ui_settings.ts @@ -343,6 +343,7 @@ export const initUiSettings = ( max: 1000, defaultValue: DEFAULT_MAX_UNASSOCIATED_NOTES, }), + category: [APP_ID], requiresPageReload: false, }, [EXCLUDED_DATA_TIERS_FOR_RULE_EXECUTION]: { diff --git a/x-pack/plugins/security_solution/tsconfig.json b/x-pack/plugins/security_solution/tsconfig.json index 5098a75e00cf27..0459b62bb1f6f5 100644 --- a/x-pack/plugins/security_solution/tsconfig.json +++ b/x-pack/plugins/security_solution/tsconfig.json @@ -230,5 +230,6 @@ "@kbn/core-security-server-mocks", "@kbn/serverless", "@kbn/core-user-profile-browser", + "@kbn/data-stream-adapter", ] } diff --git a/x-pack/plugins/security_solution_serverless/server/common/services/usage_reporting_service.test.ts b/x-pack/plugins/security_solution_serverless/server/common/services/usage_reporting_service.test.ts index e43df68cc200b4..e1fec63213dfbb 100644 --- a/x-pack/plugins/security_solution_serverless/server/common/services/usage_reporting_service.test.ts +++ b/x-pack/plugins/security_solution_serverless/server/common/services/usage_reporting_service.test.ts @@ -14,8 +14,8 @@ import { KBN_CERT_PATH, KBN_KEY_PATH, CA_CERT_PATH } from '@kbn/dev-utils'; import type { UsageApiConfigSchema } from '../../config'; import type { UsageRecord } from '../../types'; +import { USAGE_REPORTING_ENDPOINT } from '../../constants'; import { UsageReportingService } from './usage_reporting_service'; -import { USAGE_REPORTING_ENDPOINT, USAGE_SERVICE_USAGE_URL } from '../../constants'; jest.mock('node-fetch'); const { Response } = jest.requireActual('node-fetch'); @@ -24,6 +24,8 @@ describe('UsageReportingService', () => { let usageApiConfig: UsageApiConfigSchema; let service: UsageReportingService; + const kibanaVersion = '8.16.0'; + function generateUsageApiConfig(overrides?: Partial): UsageApiConfigSchema { const DEFAULT_USAGE_API_CONFIG = { enabled: false }; usageApiConfig = merge(DEFAULT_USAGE_API_CONFIG, overrides); @@ -34,7 +36,7 @@ describe('UsageReportingService', () => { function setupService( usageApi: UsageApiConfigSchema = generateUsageApiConfig() ): UsageReportingService { - service = new UsageReportingService(usageApi); + service = new UsageReportingService(usageApi, kibanaVersion); return service; } @@ -59,61 +61,42 @@ describe('UsageReportingService', () => { setupService(); }); - it('should still work if usageApi.url is not provided', async () => { + it('should not set agent if the URL is not https', async () => { + const url = 'http://usage-api.example'; + setupService(generateUsageApiConfig({ url })); const usageRecord = generateUsageRecord(); const records: UsageRecord[] = [usageRecord]; const mockResponse = new Response(null, { status: 200 }); - (fetch as jest.MockedFunction).mockResolvedValueOnce(mockResponse); + (fetch as jest.MockedFunction).mockResolvedValue(mockResponse); const response = await service.reportUsage(records); expect(fetch).toHaveBeenCalledTimes(1); - expect(fetch).toHaveBeenCalledWith(USAGE_SERVICE_USAGE_URL, { + expect(fetch).toHaveBeenCalledWith(`${url}${USAGE_REPORTING_ENDPOINT}`, { method: 'post', body: JSON.stringify(records), - headers: { 'Content-Type': 'application/json' }, - agent: expect.any(https.Agent), + headers: { + 'Content-Type': 'application/json', + 'User-Agent': `Kibana/${kibanaVersion} node-fetch`, + }, }); expect(response).toBe(mockResponse); }); - it('should use an agent with rejectUnauthorized false if config.enabled is false', async () => { + it('should throw if url not provided', async () => { const usageRecord = generateUsageRecord(); const records: UsageRecord[] = [usageRecord]; - const mockResponse = new Response(null, { status: 200 }); - (fetch as jest.MockedFunction).mockResolvedValueOnce(mockResponse); - - const response = await service.reportUsage(records); - - expect(fetch).toHaveBeenCalledTimes(1); - expect(fetch).toHaveBeenCalledWith(USAGE_SERVICE_USAGE_URL, { - method: 'post', - body: JSON.stringify(records), - headers: { 'Content-Type': 'application/json' }, - agent: expect.objectContaining({ - options: expect.objectContaining({ rejectUnauthorized: false }), - }), - }); - expect(response).toBe(mockResponse); + await expect(service.reportUsage(records)).rejects.toThrowError('usage-api url not provided'); }); - it('should not set agent if the URL is not https', async () => { - const url = 'http://usage-api.example'; + it('should throw if TLS configs not provided', async () => { + const url = 'https://some-url'; setupService(generateUsageApiConfig({ url })); const usageRecord = generateUsageRecord(); const records: UsageRecord[] = [usageRecord]; - const mockResponse = new Response(null, { status: 200 }); - (fetch as jest.MockedFunction).mockResolvedValue(mockResponse); - - const response = await service.reportUsage(records); - - expect(fetch).toHaveBeenCalledTimes(1); - expect(fetch).toHaveBeenCalledWith(`${url}${USAGE_REPORTING_ENDPOINT}`, { - method: 'post', - body: JSON.stringify(records), - headers: { 'Content-Type': 'application/json' }, - }); - expect(response).toBe(mockResponse); + await expect(service.reportUsage(records)).rejects.toThrowError( + 'usage-api TLS configs not provided' + ); }); }); @@ -132,7 +115,7 @@ describe('UsageReportingService', () => { setupService(generateUsageApiConfig(DEFAULT_CONFIG)); }); - it('should use usageApi.url if provided', async () => { + it('should correctly use usageApi.url', async () => { const usageRecord = generateUsageRecord(); const records: UsageRecord[] = [usageRecord]; const mockResponse = new Response(null, { status: 200 }); @@ -145,7 +128,10 @@ describe('UsageReportingService', () => { expect(fetch).toHaveBeenCalledWith(url, { method: 'post', body: JSON.stringify(records), - headers: { 'Content-Type': 'application/json' }, + headers: { + 'Content-Type': 'application/json', + 'User-Agent': `Kibana/${kibanaVersion} node-fetch`, + }, agent: expect.any(https.Agent), }); expect(response).toBe(mockResponse); @@ -164,7 +150,10 @@ describe('UsageReportingService', () => { expect(fetch).toHaveBeenCalledWith(url, { method: 'post', body: JSON.stringify(records), - headers: { 'Content-Type': 'application/json' }, + headers: { + 'Content-Type': 'application/json', + 'User-Agent': `Kibana/${kibanaVersion} node-fetch`, + }, agent: expect.objectContaining({ options: expect.objectContaining({ cert: expect.any(String), diff --git a/x-pack/plugins/security_solution_serverless/server/common/services/usage_reporting_service.ts b/x-pack/plugins/security_solution_serverless/server/common/services/usage_reporting_service.ts index ee402872ef33a8..e7cabdf3e6f279 100644 --- a/x-pack/plugins/security_solution_serverless/server/common/services/usage_reporting_service.ts +++ b/x-pack/plugins/security_solution_serverless/server/common/services/usage_reporting_service.ts @@ -15,18 +15,24 @@ import { SslConfig, sslSchema } from '@kbn/server-http-tools'; import type { UsageRecord } from '../../types'; import type { UsageApiConfigSchema, TlsConfigSchema } from '../../config'; -import { USAGE_REPORTING_ENDPOINT, USAGE_SERVICE_USAGE_URL } from '../../constants'; +import { USAGE_REPORTING_ENDPOINT } from '../../constants'; export class UsageReportingService { private agent: https.Agent | undefined; - constructor(private readonly config: UsageApiConfigSchema) {} + constructor( + private readonly config: UsageApiConfigSchema, + private readonly kibanaVersion: string + ) {} public async reportUsage(records: UsageRecord[]): Promise { const reqArgs: RequestInit = { method: 'post', body: JSON.stringify(records), - headers: { 'Content-Type': 'application/json' }, + headers: { + 'Content-Type': 'application/json', + 'User-Agent': `Kibana/${this.kibanaVersion} node-fetch`, + }, }; if (this.usageApiUrl.includes('https')) { reqArgs.agent = this.httpAgent; @@ -36,7 +42,7 @@ export class UsageReportingService { private get tlsConfigs(): NonNullable { if (!this.config.tls) { - throw new Error('UsageReportingService: usageApi.tls configs not provided'); + throw new Error('usage-api TLS configs not provided'); } return this.config.tls; @@ -44,7 +50,7 @@ export class UsageReportingService { private get usageApiUrl(): string { if (!this.config.url) { - return USAGE_SERVICE_USAGE_URL; + throw new Error('usage-api url not provided'); } return `${this.config.url}${USAGE_REPORTING_ENDPOINT}`; @@ -55,11 +61,6 @@ export class UsageReportingService { return this.agent; } - if (!this.config.enabled) { - this.agent = new https.Agent({ rejectUnauthorized: false }); - return this.agent; - } - const tlsConfig = new SslConfig( sslSchema.validate({ enabled: true, diff --git a/x-pack/plugins/security_solution_serverless/server/constants.ts b/x-pack/plugins/security_solution_serverless/server/constants.ts index 411a7209682deb..7a5e20c76273bf 100644 --- a/x-pack/plugins/security_solution_serverless/server/constants.ts +++ b/x-pack/plugins/security_solution_serverless/server/constants.ts @@ -5,9 +5,5 @@ * 2.0. */ -const namespace = 'elastic-system'; -const USAGE_SERVICE_BASE_API_URL = `https://usage-api.${namespace}/api`; -const USAGE_SERVICE_BASE_API_URL_V1 = `${USAGE_SERVICE_BASE_API_URL}/v1`; -export const USAGE_SERVICE_USAGE_URL = `${USAGE_SERVICE_BASE_API_URL_V1}/usage`; export const USAGE_REPORTING_ENDPOINT = '/api/v1/usage'; export const METERING_SERVICE_BATCH_SIZE = 1000; diff --git a/x-pack/plugins/security_solution_serverless/server/endpoint/services/metering_service.test.ts b/x-pack/plugins/security_solution_serverless/server/endpoint/services/metering_service.test.ts index 9ef80a63f0a4a6..323d85e9b9ab5c 100644 --- a/x-pack/plugins/security_solution_serverless/server/endpoint/services/metering_service.test.ts +++ b/x-pack/plugins/security_solution_serverless/server/endpoint/services/metering_service.test.ts @@ -5,16 +5,18 @@ * 2.0. */ -import { loggingSystemMock } from '@kbn/core-logging-server-mocks'; -import { type ElasticsearchClientMock, elasticsearchServiceMock } from '@kbn/core/server/mocks'; +import type { ElasticsearchClientMock } from '@kbn/core/server/mocks'; import type { AggregationsAggregate, SearchResponse } from '@elastic/elasticsearch/lib/api/types'; import type { CloudSetup } from '@kbn/cloud-plugin/server'; import type { EndpointHeartbeat } from '@kbn/security-solution-plugin/common/endpoint/types'; -import { ENDPOINT_HEARTBEAT_INDEX } from '@kbn/security-solution-plugin/common/endpoint/constants'; -import { ProductLine, ProductTier } from '../../../common/product'; +import { elasticsearchServiceMock } from '@kbn/core/server/mocks'; +import { ENDPOINT_HEARTBEAT_INDEX_PATTERN } from '@kbn/security-solution-plugin/common/endpoint/constants'; +import { loggingSystemMock } from '@kbn/core-logging-server-mocks'; import type { ServerlessSecurityConfig } from '../../config'; + +import { ProductLine, ProductTier } from '../../../common/product'; import { METERING_TASK } from '../constants/metering'; import { EndpointMeteringService } from './metering_service'; @@ -59,7 +61,7 @@ describe('EndpointMeteringService', () => { hits: { hits: [ { - _index: ENDPOINT_HEARTBEAT_INDEX, + _index: ENDPOINT_HEARTBEAT_INDEX_PATTERN, _id: 'test-heartbeat-doc-id', _source: { agent: { diff --git a/x-pack/plugins/security_solution_serverless/server/endpoint/services/metering_service.ts b/x-pack/plugins/security_solution_serverless/server/endpoint/services/metering_service.ts index 2d253633b72314..3f3ff94d0aa77c 100644 --- a/x-pack/plugins/security_solution_serverless/server/endpoint/services/metering_service.ts +++ b/x-pack/plugins/security_solution_serverless/server/endpoint/services/metering_service.ts @@ -7,9 +7,10 @@ import type { AggregationsAggregate, SearchResponse } from '@elastic/elasticsearch/lib/api/types'; import type { ElasticsearchClient } from '@kbn/core/server'; -import { ENDPOINT_HEARTBEAT_INDEX } from '@kbn/security-solution-plugin/common/endpoint/constants'; import type { EndpointHeartbeat } from '@kbn/security-solution-plugin/common/endpoint/types'; +import { ENDPOINT_HEARTBEAT_INDEX_PATTERN } from '@kbn/security-solution-plugin/common/endpoint/constants'; + import { METERING_SERVICE_BATCH_SIZE } from '../../constants'; import { ProductLine, ProductTier } from '../../../common/product'; @@ -83,7 +84,7 @@ export class EndpointMeteringService { ): Promise>> { return esClient.search( { - index: ENDPOINT_HEARTBEAT_INDEX, + index: ENDPOINT_HEARTBEAT_INDEX_PATTERN, sort: 'event.ingested', size: METERING_SERVICE_BATCH_SIZE, query: { diff --git a/x-pack/plugins/security_solution_serverless/server/plugin.ts b/x-pack/plugins/security_solution_serverless/server/plugin.ts index c249e48ca13a0b..3e58f0fd9f7903 100644 --- a/x-pack/plugins/security_solution_serverless/server/plugin.ts +++ b/x-pack/plugins/security_solution_serverless/server/plugin.ts @@ -45,6 +45,7 @@ export class SecuritySolutionServerlessPlugin SecuritySolutionServerlessPluginStartDeps > { + private kibanaVersion: string; private config: ServerlessSecurityConfig; private cloudSecurityUsageReportingTask: SecurityUsageReportingTask | undefined; private endpointUsageReportingTask: SecurityUsageReportingTask | undefined; @@ -53,10 +54,14 @@ export class SecuritySolutionServerlessPlugin private readonly usageReportingService: UsageReportingService; constructor(private readonly initializerContext: PluginInitializerContext) { + this.kibanaVersion = initializerContext.env.packageInfo.version; this.config = this.initializerContext.config.get(); this.logger = this.initializerContext.logger.get(); - this.usageReportingService = new UsageReportingService(this.config.usageApi); + this.usageReportingService = new UsageReportingService( + this.config.usageApi, + this.kibanaVersion + ); const productTypesStr = JSON.stringify(this.config.productTypes, null, 2); this.logger.info(`Security Solution running with product types:\n${productTypesStr}`); diff --git a/x-pack/plugins/security_solution_serverless/server/task_manager/usage_reporting_task.ts b/x-pack/plugins/security_solution_serverless/server/task_manager/usage_reporting_task.ts index 6eb682a84d4748..d2cf2de4a9a04a 100644 --- a/x-pack/plugins/security_solution_serverless/server/task_manager/usage_reporting_task.ts +++ b/x-pack/plugins/security_solution_serverless/server/task_manager/usage_reporting_task.ts @@ -188,7 +188,6 @@ export class SecurityUsageReportingTask { usageRecords.length }) usage records starting from ${lastSuccessfulReport.toISOString()}: ${err} ` ); - shouldRunAgain = true; } } diff --git a/x-pack/plugins/serverless_observability/public/plugin.ts b/x-pack/plugins/serverless_observability/public/plugin.ts index 25cb2dae38192d..05d598b2b3a7ea 100644 --- a/x-pack/plugins/serverless_observability/public/plugin.ts +++ b/x-pack/plugins/serverless_observability/public/plugin.ts @@ -59,7 +59,7 @@ export class ServerlessObservabilityPlugin observabilityAiAssistantManagement: { category: appCategories.OTHER, title: i18n.translate('xpack.serverlessObservability.aiAssistantManagementTitle', { - defaultMessage: 'AI Assistant for Observability Settings', + defaultMessage: 'AI Assistant for Observability and Search Settings', }), description: i18n.translate( 'xpack.serverlessObservability.aiAssistantManagementDescription', diff --git a/x-pack/plugins/spaces/public/management/components/enabled_features/__snapshots__/enabled_features.test.tsx.snap b/x-pack/plugins/spaces/public/management/components/enabled_features/__snapshots__/enabled_features.test.tsx.snap index 9babe0f1699924..c3558f91936ba1 100644 --- a/x-pack/plugins/spaces/public/management/components/enabled_features/__snapshots__/enabled_features.test.tsx.snap +++ b/x-pack/plugins/spaces/public/management/components/enabled_features/__snapshots__/enabled_features.test.tsx.snap @@ -29,12 +29,10 @@ exports[`EnabledFeatures renders as expected 1`] = ` id="xpack.spaces.management.enabledSpaceFeatures.chooseFeaturesToDisplayMessage" values={ Object { - "solutionView": - - , + "solutionView": , } } /> diff --git a/x-pack/plugins/spaces/public/management/components/enabled_features/enabled_features.tsx b/x-pack/plugins/spaces/public/management/components/enabled_features/enabled_features.tsx index 377f4c51ff0c53..e045321cafac65 100644 --- a/x-pack/plugins/spaces/public/management/components/enabled_features/enabled_features.tsx +++ b/x-pack/plugins/spaces/public/management/components/enabled_features/enabled_features.tsx @@ -43,12 +43,10 @@ export const EnabledFeatures: FunctionComponent = (props) => { defaultMessage="Choose the features to display in the navigation menu for users of this space. If you want to focus on a single solution, you can simplify the navigation even more by selecting a {solutionView}." values={{ solutionView: ( - - - + ), }} /> diff --git a/x-pack/plugins/spaces/public/management/components/solution_view/solution_view.tsx b/x-pack/plugins/spaces/public/management/components/solution_view/solution_view.tsx index 4bf5e437f73507..2d4818ff0b9344 100644 --- a/x-pack/plugins/spaces/public/management/components/solution_view/solution_view.tsx +++ b/x-pack/plugins/spaces/public/management/components/solution_view/solution_view.tsx @@ -111,7 +111,7 @@ export const SolutionView: FunctionComponent = ({ return ( - + @@ -163,6 +163,7 @@ export const SolutionView: FunctionComponent = ({ onChange={(solution) => { onChange({ ...space, solution }); }} + fullWidth={true} placeholder={i18n.translate( 'xpack.spaces.management.navigation.solutionViewDefaultValue', { defaultMessage: 'Select solution view' } @@ -180,7 +181,7 @@ export const SolutionView: FunctionComponent = ({ /> - + = ({ > - + @@ -246,7 +246,7 @@ export const EditSpace: FC = ({ - +
{shouldShowSolutionBadge ? ( { expect(subscription).toHaveBeenNthCalledWith(2, 8); }); + test('should decrease configuration at the next interval when a 503 error is emitted', async () => { + const { subscription, errors$ } = setupScenario(10); + errors$.next(SavedObjectsErrorHelpers.createGenericNotFoundEsUnavailableError('a', 'b')); + clock.tick(ADJUST_THROUGHPUT_INTERVAL - 1); + expect(subscription).toHaveBeenCalledTimes(1); + expect(subscription).toHaveBeenNthCalledWith(1, 10); + clock.tick(1); + expect(subscription).toHaveBeenCalledTimes(2); + expect(subscription).toHaveBeenNthCalledWith(2, 8); + }); + test('should log a warning when the configuration changes from the starting value', async () => { const { errors$ } = setupScenario(10); errors$.next(SavedObjectsErrorHelpers.createTooManyRequestsError('a', 'b')); @@ -235,6 +246,17 @@ describe('createManagedConfiguration()', () => { expect(subscription).toHaveBeenNthCalledWith(2, 8); }); + test('should decrease configuration at the next interval when a 503 error is emitted', async () => { + const { subscription, errors$ } = setupScenario(10, CLAIM_STRATEGY_MGET); + errors$.next(SavedObjectsErrorHelpers.createGenericNotFoundEsUnavailableError('a', 'b')); + clock.tick(ADJUST_THROUGHPUT_INTERVAL - 1); + expect(subscription).toHaveBeenCalledTimes(1); + expect(subscription).toHaveBeenNthCalledWith(1, 10); + clock.tick(1); + expect(subscription).toHaveBeenCalledTimes(2); + expect(subscription).toHaveBeenNthCalledWith(2, 8); + }); + test('should log a warning when the configuration changes from the starting value', async () => { const { errors$ } = setupScenario(10, CLAIM_STRATEGY_MGET); errors$.next(SavedObjectsErrorHelpers.createTooManyRequestsError('a', 'b')); @@ -305,6 +327,16 @@ describe('createManagedConfiguration()', () => { expect(subscription).toHaveBeenNthCalledWith(2, 120); }); + test('should increase configuration at the next interval when a 503 error is emitted', async () => { + const { subscription, errors$ } = setupScenario(100); + errors$.next(SavedObjectsErrorHelpers.createGenericNotFoundEsUnavailableError('a', 'b')); + clock.tick(ADJUST_THROUGHPUT_INTERVAL - 1); + expect(subscription).toHaveBeenCalledTimes(1); + clock.tick(1); + expect(subscription).toHaveBeenCalledTimes(2); + expect(subscription).toHaveBeenNthCalledWith(2, 120); + }); + test('should log a warning when the configuration changes from the starting value', async () => { const { errors$ } = setupScenario(100); errors$.next(SavedObjectsErrorHelpers.createTooManyRequestsError('a', 'b')); diff --git a/x-pack/plugins/task_manager/server/lib/create_managed_configuration.ts b/x-pack/plugins/task_manager/server/lib/create_managed_configuration.ts index 3036eb2008de6a..a0adee6d058182 100644 --- a/x-pack/plugins/task_manager/server/lib/create_managed_configuration.ts +++ b/x-pack/plugins/task_manager/server/lib/create_managed_configuration.ts @@ -161,7 +161,10 @@ function countErrors(errors$: Observable, countInterval: number): Observa interval(countInterval).pipe(map(() => FLUSH_MARKER)), errors$.pipe( filter( - (e) => SavedObjectsErrorHelpers.isTooManyRequestsError(e) || isEsCannotExecuteScriptError(e) + (e) => + SavedObjectsErrorHelpers.isTooManyRequestsError(e) || + SavedObjectsErrorHelpers.isEsUnavailableError(e) || + isEsCannotExecuteScriptError(e) ) ) ).pipe( diff --git a/x-pack/plugins/translations/translations/fr-FR.json b/x-pack/plugins/translations/translations/fr-FR.json index fc240ba84ad299..dc00787a579c62 100644 --- a/x-pack/plugins/translations/translations/fr-FR.json +++ b/x-pack/plugins/translations/translations/fr-FR.json @@ -2480,45 +2480,10 @@ "discover.localMenu.saveTitle": "Enregistrer", "discover.localMenu.shareSearchDescription": "Partager la recherche", "discover.localMenu.shareTitle": "Partager", - "discover.logs.dataTable.controlColumn.actions.button.degradedDoc": "Accès à un document dégradé avec le champ {ignoredProperty}", - "discover.logs.dataTable.controlColumn.actions.button.degradedDocNotPresent": "Tous les champs de ce document ont été analysés correctement", - "discover.logs.dataTable.controlColumn.actions.button.degradedDocPresent": "Ce document n'a pas pu être analysé correctement. Tous les champs n'ont pas été remplis correctement", - "discover.logs.dataTable.controlColumn.actions.button.stacktrace.available": "Traces d'appel disponibles", - "discover.logs.dataTable.controlColumn.actions.button.stacktrace.notAvailable": "Traces d'appel indisponibles", - "discover.logs.dataTable.header.actions.tooltip.expand": "Développer les détails du log", - "discover.logs.dataTable.header.actions.tooltip.paragraph": "Les champs fournissant des informations exploitables, comme :", - "discover.logs.dataTable.header.actions.tooltip.stacktrace": "L'accès aux traces d'appel disponibles est basé sur :", - "discover.logs.dataTable.header.content.tooltip.paragraph1": "Affiche le {logLevel} du document et les champs {message}.", - "discover.logs.dataTable.header.content.tooltip.paragraph2": "Lorsque le champ de message est vide, l'une des informations suivantes s'affiche :", - "discover.logs.dataTable.header.popover.actions": "Actions", - "discover.logs.dataTable.header.popover.actions.lowercase": "actions", "discover.logs.dataTable.header.popover.content": "Contenu", "discover.logs.dataTable.header.popover.resource": "Ressource", - "discover.logs.dataTable.header.resource.tooltip.paragraph": "Les champs fournissant des informations sur la source du document, comme :", - "discover.logs.flyoutDetail.accordion.title.cloud": "Cloud", - "discover.logs.flyoutDetail.accordion.title.other": "Autre", - "discover.logs.flyoutDetail.accordion.title.serviceInfra": "Service et Infrastructure", - "discover.logs.flyoutDetail.label.cloudAvailabilityZone": "Zone de disponibilité du cloud", - "discover.logs.flyoutDetail.label.cloudInstanceId": "ID d'instance du cloud", - "discover.logs.flyoutDetail.label.cloudProjectId": "ID de projet du cloud", - "discover.logs.flyoutDetail.label.cloudProvider": "Fournisseur cloud", - "discover.logs.flyoutDetail.label.cloudRegion": "Région du cloud", - "discover.logs.flyoutDetail.label.dataset": "Ensemble de données", - "discover.logs.flyoutDetail.label.hostName": "Nom d'hôte", - "discover.logs.flyoutDetail.label.logPathFile": "Fichier de chemin d'accès au log", - "discover.logs.flyoutDetail.label.message": "Répartition du contenu", - "discover.logs.flyoutDetail.label.namespace": "Espace de nom", - "discover.logs.flyoutDetail.label.orchestratorClusterName": "Nom de cluster de l'orchestrateur", - "discover.logs.flyoutDetail.label.orchestratorResourceId": "ID de ressource de l'orchestrateur", - "discover.logs.flyoutDetail.label.service": "Service", - "discover.logs.flyoutDetail.label.shipper": "Agent de transfert", - "discover.logs.flyoutDetail.label.trace": "Trace", - "discover.logs.flyoutDetail.section.showMore": "+ {hiddenCount} autres", - "discover.logs.flyoutDetail.value.hover.copyToClipboard": "Copier dans le presse-papiers", "discover.logs.flyoutDetail.value.hover.filterFor": "Filtrer sur cette {value}", - "discover.logs.flyoutDetail.value.hover.filterForFieldPresent": "Filtrer sur le champ", "discover.logs.flyoutDetail.value.hover.filterOut": "Exclure cette {value}", - "discover.logs.flyoutDetail.value.hover.toggleColumn": "Afficher/Masquer la colonne dans le tableau", "discover.logs.popoverAction.closePopover": "Fermer la fenêtre contextuelle", "discover.logs.popoverAction.copyValue": "Copier la valeur", "discover.logs.popoverAction.copyValueAriaText": "Copier la valeur de {fieldName}", @@ -6109,10 +6074,6 @@ "reporting.jobWarning.csvContainsFormulas": "Votre fichier CSV contient des caractères que les applications de feuilles de calcul pourraient considérer comme des formules.", "reporting.jobWarning.exportTypeDeprecated": "Il s'agit d'un type d'exportation déclassé. L'automatisation de ce rapport devra être à nouveau créée pour une question de compatibilité avec les futures versions de Kibana.", "reporting.jobWarning.maxSizeReachedTooltip": "Votre recherche a atteint la taille maximale et contient des données partielles.", - "reporting.pngV2.generateButtonLabel": "Exporter un fichier", - "reporting.pngV2.helpText": "Sélectionnez le type de fichier que vous souhaitez exporter pour cette visualisation.", - "reporting.printablePdfV2.generateButtonLabel": "Exporter un fichier", - "reporting.printablePdfV2.helpText": "Sélectionnez le type de fichier que vous souhaitez exporter pour cette visualisation.", "reporting.share.contextMenu.export.csvReportsButtonLabel": "Exporter", "reporting.share.csv.reporting.helpTextCSV": "Exporter un fichier CSV à partir de ce {objectType}.", "reporting.share.generateButtonLabelCSV": "Générer un CSV", @@ -7150,6 +7111,8 @@ "share.dashboard.link.description": "Partagez un lien direct avec cette recherche.", "share.embed.dashboard.helpText": "Intégrez ce tableau de bord dans une autre page web. Sélectionnez les éléments à inclure dans la vue intégrable.", "share.embed.helpText": "Intégrez ce {objectType} dans une autre page web.", + "share.export.generateButtonLabel": "Exporter un fichier", + "share.export.helpText": "Sélectionnez le type de fichier que vous souhaitez exporter pour cette visualisation.", "share.fileType": "Type de fichier", "share.link.copied": "Texte copié", "share.link.copyEmbedCodeButton": "Copier le code intégré", @@ -16295,11 +16258,6 @@ "xpack.enterpriseSearch.connectorDeployment.indexCreatedFlexItemLabel": "Index créé", "xpack.enterpriseSearch.connectorDeployment.orLabel": "ou", "xpack.enterpriseSearch.connectorDeployment.p.addTheFollowingConfigurationLabel": "Cloner ou télécharger le référentiel sur votre machine locale", - "xpack.enterpriseSearch.connectorDeployment.p.changeOutputPathLabel": "Modifiez la valeur d'argument {output} pour le chemin auquel vous voulez enregistrer le fichier de configuration.", - "xpack.enterpriseSearch.connectorDeployment.p.compileAndRunLabel": "Compiler et exécuter", - "xpack.enterpriseSearch.connectorDeployment.p.downloadConfigurationLabel": "Vous pouvez soit télécharger le fichier de configuration manuellement, soit exécuter la commande suivante", - "xpack.enterpriseSearch.connectorDeployment.p.editConfigLabel": "Modifiez le fichier {configYaml} et fournissez la configuration suivante", - "xpack.enterpriseSearch.connectorDeployment.p.editConfigYamlLabel": "Modifiez le fichier {configYaml} et fournissez les informations de connexion suivantes", "xpack.enterpriseSearch.connectorDeployment.p.runTheFollowingCommandLabel": "Exécutez la commande suivante dans votre terminal. Assurez-vous que Docker est installé sur votre machine", "xpack.enterpriseSearch.connectorDescriptionBadge.client.chooseADataSourceLabel": "Choisissez une source de données à synchroniser", "xpack.enterpriseSearch.connectorDescriptionBadge.client.configureConnectorLabel": "Déployez le code du connecteur sur votre propre infrastructure en l'exécutant depuis la source ou à l'aide de Docker", @@ -24833,7 +24791,6 @@ "xpack.lens.app.convertedLabel": "{title} (converti)", "xpack.lens.app.createVisualizationLabel": "ES|QL", "xpack.lens.app.docLoadingError": "Erreur lors du chargement du document enregistré", - "xpack.lens.app.downloadButtonFormulasWarning": "Votre fichier CSV contient des caractères que les applications de feuilles de calcul pourraient considérer comme des formules.", "xpack.lens.app.editLensEmbeddableLabel": "Modifier la visualisation", "xpack.lens.app.editVisualizationLabel": "Modifier la visualisation {lang}", "xpack.lens.app.exploreDataInDiscover": "Explorer dans Discover", @@ -24873,7 +24830,6 @@ "xpack.lens.app.unsavedWorkTitle": "Modifications non enregistrées", "xpack.lens.app.updatePanel": "Mettre à jour le panneau sur {originatingAppName}", "xpack.lens.app404": "404 Page introuvable", - "xpack.lens.application.csvPanelContent.downloadButtonLabel": "Générer un CSV", "xpack.lens.application.csvPanelContent.generationDescription": "Téléchargez les données affichées dans la visualisation.", "xpack.lens.appName": "Visualisation Lens", "xpack.lens.axisExtent.axisExtent.custom": "Personnalisé", @@ -25627,8 +25583,6 @@ "xpack.lens.settings.title": "Paramètres Lens", "xpack.lens.settingWithSiblingFlyout.back": "Retour", "xpack.lens.share.csvButton": "Télécharger CSV", - "xpack.lens.share.export": "Exporter un fichier", - "xpack.lens.share.helpText": "Exportez un CVS de cette visualisation.", "xpack.lens.shared.axisNameLabel": "Titre de l'axe", "xpack.lens.shared.labelTruncation": "Troncature d'étiquette", "xpack.lens.shared.Lagend ": "Ligne d'en-tête", @@ -35302,13 +35256,6 @@ "xpack.securitySolution.attackDiscovery.summaryCount.alertsLabel": "{alertsCount} {alertsCount, plural, =1 {alerte} other {alertes}}", "xpack.securitySolution.attackDiscovery.summaryCount.discoveriesLabel": "{attackDiscoveriesCount} {attackDiscoveriesCount, plural, =1 {découverte} other {découvertes}}", "xpack.securitySolution.attackDiscovery.summaryCount.lastGeneratedLabel": "Généré", - "xpack.securitySolution.attackDiscovery.tour.exit": "Fermer", - "xpack.securitySolution.attackDiscovery.tour.navStep.desc": "Tirez parti de l’IA générative pour trouver des relations entre vos alertes et détailler les chaînes d’attaque.", - "xpack.securitySolution.attackDiscovery.tour.navStep.title": "Présentation d’Attack Discovery", - "xpack.securitySolution.attackDiscovery.tour.tryIt": "Essayer", - "xpack.securitySolution.attackDiscovery.tour.video": "Regardez la vidéo de présentation", - "xpack.securitySolution.attackDiscovery.tour.videoStep.desc": "Plongez dans les découvertes d'attaques axées sur les données et rationalisez votre flux de travail grâce à notre technologie d'IA intuitive, conçue pour accroître instantanément votre productivité.", - "xpack.securitySolution.attackDiscovery.tour.videoStep.title": "Démarrez la découverte des attaques", "xpack.securitySolution.auditd.abortedAuditStartupDescription": "démarrage de l'audit abandonné", "xpack.securitySolution.auditd.accessErrorDescription": "erreur d'accès", "xpack.securitySolution.auditd.accessPermissionDescription": "autorisation d'accès", @@ -38718,7 +38665,6 @@ "xpack.securitySolution.flyout.entityDetails.valuesColumnTitle": "Valeurs", "xpack.securitySolution.flyout.host.preview.viewDetailsLabel": "Ouvrir le menu volant des détails de l'hôte", "xpack.securitySolution.flyout.left.insights.buttonGroupLegendLabel": "Options des informations exploitables", - "xpack.securitySolution.flyout.left.insights.correlations.alertPreviewTitle": "Aperçu des détails de l'alerte", "xpack.securitySolution.flyout.left.insights.correlations.ancestryAlertsNoDataDescription": "Aucune alerte associée par ancêtre.", "xpack.securitySolution.flyout.left.insights.correlations.ancestryAlertsTitle": "{count} {count, plural, one {alerte associée} other {alertes associées}} par ancêtre", "xpack.securitySolution.flyout.left.insights.correlations.nameColumnLabel": "Nom", @@ -38794,7 +38740,6 @@ "xpack.securitySolution.flyout.left.visualize.sessionViewButtonLabel": "Vue de session", "xpack.securitySolution.flyout.left.visualize.tabLabel": "Visualize", "xpack.securitySolution.flyout.preview.alertReason.panelTitle": "Raison d'alerte", - "xpack.securitySolution.flyout.preview.openFlyoutLabel": "Afficher tous les détails de l'alerte", "xpack.securitySolution.flyout.preview.rule.aboutLabel": "À propos", "xpack.securitySolution.flyout.preview.rule.actionsLabel": "Actions", "xpack.securitySolution.flyout.preview.rule.definitionLabel": "Définition", @@ -44455,7 +44400,6 @@ "xpack.synthetics.overview.status.filters.legend": "Statut du moniteur", "xpack.synthetics.overview.status.filters.pending": "En attente", "xpack.synthetics.overview.status.filters.up": "Opérationnel", - "xpack.synthetics.overview.status.headingText": "Statut actuel", "xpack.synthetics.overview.status.pending.description": "En attente", "xpack.synthetics.overview.status.up.description": "Opérationnel", "xpack.synthetics.overview.SyntheticsHeading": "Moniteurs", diff --git a/x-pack/plugins/translations/translations/ja-JP.json b/x-pack/plugins/translations/translations/ja-JP.json index 4d39022965da0b..8345a6b36ae8f8 100644 --- a/x-pack/plugins/translations/translations/ja-JP.json +++ b/x-pack/plugins/translations/translations/ja-JP.json @@ -2479,45 +2479,10 @@ "discover.localMenu.saveTitle": "保存", "discover.localMenu.shareSearchDescription": "検索を共有します", "discover.localMenu.shareTitle": "共有", - "discover.logs.dataTable.controlColumn.actions.button.degradedDoc": "{ignoredProperty}フィールドの劣化したドキュメントにアクセス", - "discover.logs.dataTable.controlColumn.actions.button.degradedDocNotPresent": "このドキュメントのすべてのフィールドは正しく解析されました", - "discover.logs.dataTable.controlColumn.actions.button.degradedDocPresent": "このドキュメントを正しく解析できませんでした。一部のフィールドが正しく入力されていません", - "discover.logs.dataTable.controlColumn.actions.button.stacktrace.available": "スタックトレースがあります", - "discover.logs.dataTable.controlColumn.actions.button.stacktrace.notAvailable": "スタックトレースがありません", - "discover.logs.dataTable.header.actions.tooltip.expand": "ログの詳細を展開", - "discover.logs.dataTable.header.actions.tooltip.paragraph": "次のようなアクショナブルな情報を提供するフィールド:", - "discover.logs.dataTable.header.actions.tooltip.stacktrace": "次に基づいて使用可能なスタックトレースにアクセス:", - "discover.logs.dataTable.header.content.tooltip.paragraph1": "ドキュメントの{logLevel}と{message}フィールドを表示します。", - "discover.logs.dataTable.header.content.tooltip.paragraph2": "メッセージフィールドが空のときには、次のいずれかが表示されます。", - "discover.logs.dataTable.header.popover.actions": "アクション", - "discover.logs.dataTable.header.popover.actions.lowercase": "アクション", "discover.logs.dataTable.header.popover.content": "コンテンツ", "discover.logs.dataTable.header.popover.resource": "リソース", - "discover.logs.dataTable.header.resource.tooltip.paragraph": "次のようなドキュメントのソースに関する情報を提供するフィールド:", - "discover.logs.flyoutDetail.accordion.title.cloud": "クラウド", - "discover.logs.flyoutDetail.accordion.title.other": "Other", - "discover.logs.flyoutDetail.accordion.title.serviceInfra": "サービスとインフラストラクチャー", - "discover.logs.flyoutDetail.label.cloudAvailabilityZone": "クラウドアベイラビリティゾーン", - "discover.logs.flyoutDetail.label.cloudInstanceId": "クラウドインスタンスID", - "discover.logs.flyoutDetail.label.cloudProjectId": "クラウドプロジェクトID", - "discover.logs.flyoutDetail.label.cloudProvider": "クラウドプロバイダー", - "discover.logs.flyoutDetail.label.cloudRegion": "クラウドリージョン", - "discover.logs.flyoutDetail.label.dataset": "データセット", - "discover.logs.flyoutDetail.label.hostName": "ホスト名", - "discover.logs.flyoutDetail.label.logPathFile": "ログパスファイル", - "discover.logs.flyoutDetail.label.message": "コンテンツの内訳", - "discover.logs.flyoutDetail.label.namespace": "名前空間", - "discover.logs.flyoutDetail.label.orchestratorClusterName": "オーケストレータークラスター名", - "discover.logs.flyoutDetail.label.orchestratorResourceId": "オーケストレーターリソースID", - "discover.logs.flyoutDetail.label.service": "サービス", - "discover.logs.flyoutDetail.label.shipper": "シッパー", - "discover.logs.flyoutDetail.label.trace": "トレース", - "discover.logs.flyoutDetail.section.showMore": "+ その他{hiddenCount}件", - "discover.logs.flyoutDetail.value.hover.copyToClipboard": "クリップボードにコピー", "discover.logs.flyoutDetail.value.hover.filterFor": "この{value}でフィルターを適用", - "discover.logs.flyoutDetail.value.hover.filterForFieldPresent": "フィールド表示のフィルター", "discover.logs.flyoutDetail.value.hover.filterOut": "この{value}を除外", - "discover.logs.flyoutDetail.value.hover.toggleColumn": "表の列を切り替える", "discover.logs.popoverAction.closePopover": "ポップオーバーを閉じる", "discover.logs.popoverAction.copyValue": "値をコピー", "discover.logs.popoverAction.copyValueAriaText": "{fieldName}の値をコピー", @@ -5863,10 +5828,6 @@ "reporting.jobWarning.csvContainsFormulas": "CSVには、スプレッドシートアプリケーションで式と解釈される可能性のある文字が含まれています。", "reporting.jobWarning.exportTypeDeprecated": "これは廃止予定のエクスポートタイプです。将来のバージョンのKibanaとの互換性のためには、このレポートの自動化を再作成する必要があります。", "reporting.jobWarning.maxSizeReachedTooltip": "レポートが最大サイズに達し、部分データが含まれています。", - "reporting.pngV2.generateButtonLabel": "ファイルのエクスポート", - "reporting.pngV2.helpText": "このビジュアライゼーションでエクスポートするファイルタイプを選択します。", - "reporting.printablePdfV2.generateButtonLabel": "ファイルのエクスポート", - "reporting.printablePdfV2.helpText": "このビジュアライゼーションでエクスポートするファイルタイプを選択します。", "reporting.share.contextMenu.export.csvReportsButtonLabel": "エクスポート", "reporting.share.csv.reporting.helpTextCSV": "この{objectType}のCSVをエクスポートします。", "reporting.share.generateButtonLabelCSV": "CSVを生成", @@ -6904,6 +6865,8 @@ "share.dashboard.link.description": "この検索への直接リンクを共有します。", "share.embed.dashboard.helpText": "このダッシュボードを別のWebページに埋め込みます。埋め込み可能なビューに含める項目を選択します。", "share.embed.helpText": "この{objectType}を別のWebページに埋め込みます。", + "share.export.generateButtonLabel": "ファイルのエクスポート", + "share.export.helpText": "このビジュアライゼーションでエクスポートするファイルタイプを選択します。", "share.fileType": "ファイルタイプ", "share.link.copied": "テキストがコピーされました", "share.link.copyEmbedCodeButton": "埋め込みコードをコピー", @@ -16041,11 +16004,6 @@ "xpack.enterpriseSearch.connectorDeployment.indexCreatedFlexItemLabel": "インデックスが作成されました", "xpack.enterpriseSearch.connectorDeployment.orLabel": "または", "xpack.enterpriseSearch.connectorDeployment.p.addTheFollowingConfigurationLabel": "リポジトリを複製するか、ローカルコンピューターにダウンロード", - "xpack.enterpriseSearch.connectorDeployment.p.changeOutputPathLabel": "{output}引数値を、構成ファイルを保存するパスに変更します。", - "xpack.enterpriseSearch.connectorDeployment.p.compileAndRunLabel": "コンパイルして実行", - "xpack.enterpriseSearch.connectorDeployment.p.downloadConfigurationLabel": "手動で構成ファイルをダウンロードするか、次のコマンドを実行できます", - "xpack.enterpriseSearch.connectorDeployment.p.editConfigLabel": "{configYaml}ファイルを編集し、次の構成を入力", - "xpack.enterpriseSearch.connectorDeployment.p.editConfigYamlLabel": "{configYaml}ファイルを編集し、次の資格情報を入力", "xpack.enterpriseSearch.connectorDeployment.p.runTheFollowingCommandLabel": "ターミナルで次のコマンドを実行します。コンピューターにDockerがインストールされていることを確認します", "xpack.enterpriseSearch.connectorDescriptionBadge.client.chooseADataSourceLabel": "同期したいデータソースを選択します。", "xpack.enterpriseSearch.connectorDescriptionBadge.client.configureConnectorLabel": "ソースから実行するか、Dockerを使用して、独自のインフラにコネクターコードをデプロイします。", @@ -24580,7 +24538,6 @@ "xpack.lens.app.convertedLabel": "{title}(変換後)", "xpack.lens.app.createVisualizationLabel": "ES|QL", "xpack.lens.app.docLoadingError": "保存されたドキュメントの保存中にエラーが発生", - "xpack.lens.app.downloadButtonFormulasWarning": "CSVには、スプレッドシートアプリケーションで式と解釈される可能性のある文字が含まれています。", "xpack.lens.app.editLensEmbeddableLabel": "ビジュアライゼーションを編集", "xpack.lens.app.editVisualizationLabel": "{lang}ビジュアライゼーションを編集", "xpack.lens.app.exploreDataInDiscover": "Discoverで探索", @@ -24621,7 +24578,6 @@ "xpack.lens.app.unsavedWorkTitle": "保存されていない変更", "xpack.lens.app.updatePanel": "{originatingAppName}でパネルを更新", "xpack.lens.app404": "404 Not Found", - "xpack.lens.application.csvPanelContent.downloadButtonLabel": "CSVを生成", "xpack.lens.application.csvPanelContent.generationDescription": "ビジュアライゼーションに表示されるデータをダウンロードします。", "xpack.lens.appName": "Lensビジュアライゼーション", "xpack.lens.axisExtent.axisExtent.custom": "カスタム", @@ -25374,8 +25330,6 @@ "xpack.lens.settings.title": "Lens設定", "xpack.lens.settingWithSiblingFlyout.back": "戻る", "xpack.lens.share.csvButton": "CSV をダウンロード", - "xpack.lens.share.export": "ファイルのエクスポート", - "xpack.lens.share.helpText": "このビジュアライゼーションのCSVをエクスポートします。", "xpack.lens.shared.axisNameLabel": "軸のタイトル", "xpack.lens.shared.labelTruncation": "ラベルの切り捨て", "xpack.lens.shared.Lagend ": "系列ヘッダー", @@ -35047,13 +35001,6 @@ "xpack.securitySolution.attackDiscovery.summaryCount.alertsLabel": "{alertsCount} {alertsCount, plural, other {件のアラート}}", "xpack.securitySolution.attackDiscovery.summaryCount.discoveriesLabel": "{attackDiscoveriesCount} {attackDiscoveriesCount, plural, other {件の検出}}", "xpack.securitySolution.attackDiscovery.summaryCount.lastGeneratedLabel": "生成済み", - "xpack.securitySolution.attackDiscovery.tour.exit": "閉じる", - "xpack.securitySolution.attackDiscovery.tour.navStep.desc": "生成AIを活用して、アラート全体の関係を特定し、攻撃チェーンを解析します。", - "xpack.securitySolution.attackDiscovery.tour.navStep.title": "Attack Discoveryの概要", - "xpack.securitySolution.attackDiscovery.tour.tryIt": "お試しください", - "xpack.securitySolution.attackDiscovery.tour.video": "概要動画を視聴", - "xpack.securitySolution.attackDiscovery.tour.videoStep.desc": "データ主導のAttack Discoveryを導入し、生産性を即時に高めるために設計されたElasticの直感的なAI技術でワークフローを合理化しましょう。", - "xpack.securitySolution.attackDiscovery.tour.videoStep.title": "攻撃の検出を開始", "xpack.securitySolution.auditd.abortedAuditStartupDescription": "中断された監査のスタートアップ", "xpack.securitySolution.auditd.accessErrorDescription": "アクセスエラー", "xpack.securitySolution.auditd.accessPermissionDescription": "アクセス権限", @@ -38461,7 +38408,6 @@ "xpack.securitySolution.flyout.entityDetails.valuesColumnTitle": "値", "xpack.securitySolution.flyout.host.preview.viewDetailsLabel": "ホスト詳細フライアウトを開く", "xpack.securitySolution.flyout.left.insights.buttonGroupLegendLabel": "インサイトオプション", - "xpack.securitySolution.flyout.left.insights.correlations.alertPreviewTitle": "アラート詳細を表示", "xpack.securitySolution.flyout.left.insights.correlations.ancestryAlertsNoDataDescription": "上位項目に関連するアラートはありません。", "xpack.securitySolution.flyout.left.insights.correlations.ancestryAlertsTitle": "上位項目に関連する{count}件の{count, plural, other {アラート}}", "xpack.securitySolution.flyout.left.insights.correlations.nameColumnLabel": "名前", @@ -38537,7 +38483,6 @@ "xpack.securitySolution.flyout.left.visualize.sessionViewButtonLabel": "セッションビュー", "xpack.securitySolution.flyout.left.visualize.tabLabel": "可視化", "xpack.securitySolution.flyout.preview.alertReason.panelTitle": "アラートの理由", - "xpack.securitySolution.flyout.preview.openFlyoutLabel": "完全なアラート詳細を表示", "xpack.securitySolution.flyout.preview.rule.aboutLabel": "概要", "xpack.securitySolution.flyout.preview.rule.actionsLabel": "アクション", "xpack.securitySolution.flyout.preview.rule.definitionLabel": "定義", @@ -44195,7 +44140,6 @@ "xpack.synthetics.overview.status.filters.legend": "監視ステータス", "xpack.synthetics.overview.status.filters.pending": "保留中", "xpack.synthetics.overview.status.filters.up": "アップ", - "xpack.synthetics.overview.status.headingText": "現在のステータス", "xpack.synthetics.overview.status.pending.description": "保留中", "xpack.synthetics.overview.status.up.description": "アップ", "xpack.synthetics.overview.SyntheticsHeading": "監視", diff --git a/x-pack/plugins/translations/translations/zh-CN.json b/x-pack/plugins/translations/translations/zh-CN.json index 27ee1dd00a5632..38fa5dab8a44a3 100644 --- a/x-pack/plugins/translations/translations/zh-CN.json +++ b/x-pack/plugins/translations/translations/zh-CN.json @@ -2481,45 +2481,10 @@ "discover.localMenu.saveTitle": "保存", "discover.localMenu.shareSearchDescription": "共享搜索", "discover.localMenu.shareTitle": "共享", - "discover.logs.dataTable.controlColumn.actions.button.degradedDoc": "包含 {ignoredProperty} 字段的已降级文档的访问权限", - "discover.logs.dataTable.controlColumn.actions.button.degradedDocNotPresent": "此文档中的所有字段均进行了正确解析", - "discover.logs.dataTable.controlColumn.actions.button.degradedDocPresent": "无法正确解析此文档。并非所有字段都进行了正确填充", - "discover.logs.dataTable.controlColumn.actions.button.stacktrace.available": "堆栈跟踪可用", - "discover.logs.dataTable.controlColumn.actions.button.stacktrace.notAvailable": "堆栈跟踪不可用", - "discover.logs.dataTable.header.actions.tooltip.expand": "展开日志详情", - "discover.logs.dataTable.header.actions.tooltip.paragraph": "提供可操作信息的字段,例如:", - "discover.logs.dataTable.header.actions.tooltip.stacktrace": "基于以下项访问可用堆栈跟踪:", - "discover.logs.dataTable.header.content.tooltip.paragraph1": "显示该文档的 {logLevel} 和 {message} 字段。", - "discover.logs.dataTable.header.content.tooltip.paragraph2": "消息字段为空时,将显示以下项之一:", - "discover.logs.dataTable.header.popover.actions": "操作", - "discover.logs.dataTable.header.popover.actions.lowercase": "操作", "discover.logs.dataTable.header.popover.content": "内容", "discover.logs.dataTable.header.popover.resource": "资源", - "discover.logs.dataTable.header.resource.tooltip.paragraph": "提供有关文档来源信息的字段,例如:", - "discover.logs.flyoutDetail.accordion.title.cloud": "云", - "discover.logs.flyoutDetail.accordion.title.other": "其他", - "discover.logs.flyoutDetail.accordion.title.serviceInfra": "服务和基础设施", - "discover.logs.flyoutDetail.label.cloudAvailabilityZone": "云可用区", - "discover.logs.flyoutDetail.label.cloudInstanceId": "云实例 ID", - "discover.logs.flyoutDetail.label.cloudProjectId": "云项目 ID", - "discover.logs.flyoutDetail.label.cloudProvider": "云服务提供商", - "discover.logs.flyoutDetail.label.cloudRegion": "云区域", - "discover.logs.flyoutDetail.label.dataset": "数据集", - "discover.logs.flyoutDetail.label.hostName": "主机名", - "discover.logs.flyoutDetail.label.logPathFile": "日志路径文件", - "discover.logs.flyoutDetail.label.message": "内容细目", - "discover.logs.flyoutDetail.label.namespace": "命名空间", - "discover.logs.flyoutDetail.label.orchestratorClusterName": "Orchestrator 集群名称", - "discover.logs.flyoutDetail.label.orchestratorResourceId": "Orchestrator 资源 ID", - "discover.logs.flyoutDetail.label.service": "服务", - "discover.logs.flyoutDetail.label.shipper": "采集器", - "discover.logs.flyoutDetail.label.trace": "跟踪", - "discover.logs.flyoutDetail.section.showMore": "+ 另外 {hiddenCount} 个", - "discover.logs.flyoutDetail.value.hover.copyToClipboard": "复制到剪贴板", "discover.logs.flyoutDetail.value.hover.filterFor": "筛留此 {value}", - "discover.logs.flyoutDetail.value.hover.filterForFieldPresent": "筛留存在的字段", "discover.logs.flyoutDetail.value.hover.filterOut": "筛除此 {value}", - "discover.logs.flyoutDetail.value.hover.toggleColumn": "在表中切换列", "discover.logs.popoverAction.closePopover": "关闭弹出框", "discover.logs.popoverAction.copyValue": "复制值", "discover.logs.popoverAction.copyValueAriaText": "复制 {fieldName} 的值", @@ -5876,10 +5841,6 @@ "reporting.jobWarning.csvContainsFormulas": "您的 CSV 包含电子表格应用程序可能解释为公式的字符。", "reporting.jobWarning.exportTypeDeprecated": "这是已弃用的导出类型。此报告的自动化将需要重新创建,才能与未来版本的 Kibana 兼容。", "reporting.jobWarning.maxSizeReachedTooltip": "您的搜索已达到最大大小,仅包含部分数据。", - "reporting.pngV2.generateButtonLabel": "导出文件", - "reporting.pngV2.helpText": "为此可视化选择您要导出的文件类型。", - "reporting.printablePdfV2.generateButtonLabel": "导出文件", - "reporting.printablePdfV2.helpText": "为此可视化选择您要导出的文件类型。", "reporting.share.contextMenu.export.csvReportsButtonLabel": "导出", "reporting.share.csv.reporting.helpTextCSV": "导出此 {objectType} 的 CSV。", "reporting.share.generateButtonLabelCSV": "生成 CSV", @@ -6919,6 +6880,8 @@ "share.dashboard.link.description": "共享指向此搜索的直接链接。", "share.embed.dashboard.helpText": "将此仪表板嵌入到其他网页。选择要在可嵌入视图中包括哪些项目。", "share.embed.helpText": "将此 {objectType} 嵌入到其他网页。", + "share.export.generateButtonLabel": "导出文件", + "share.export.helpText": "为此可视化选择您要导出的文件类型。", "share.fileType": "文件类型", "share.link.copied": "文本已复制", "share.link.copyEmbedCodeButton": "复制嵌入代码", @@ -16070,11 +16033,6 @@ "xpack.enterpriseSearch.connectorDeployment.indexCreatedFlexItemLabel": "索引已创建", "xpack.enterpriseSearch.connectorDeployment.orLabel": "或", "xpack.enterpriseSearch.connectorDeployment.p.addTheFollowingConfigurationLabel": "克隆此存储库或将其下载到本地计算机", - "xpack.enterpriseSearch.connectorDeployment.p.changeOutputPathLabel": "将 {output} 参数值更改为要在其中保存配置文件的路径。", - "xpack.enterpriseSearch.connectorDeployment.p.compileAndRunLabel": "编译并运行", - "xpack.enterpriseSearch.connectorDeployment.p.downloadConfigurationLabel": "您可以手动下载配置文件,也可以运行以下命令", - "xpack.enterpriseSearch.connectorDeployment.p.editConfigLabel": "编辑 {configYaml} 文件并提供以下配置", - "xpack.enterpriseSearch.connectorDeployment.p.editConfigYamlLabel": "编辑 {configYaml} 文件并提供后续凭据", "xpack.enterpriseSearch.connectorDeployment.p.runTheFollowingCommandLabel": "在终端中运行以下命令。确保已在计算机上安装 Docker", "xpack.enterpriseSearch.connectorDescriptionBadge.client.chooseADataSourceLabel": "选择要同步的数据源", "xpack.enterpriseSearch.connectorDescriptionBadge.client.configureConnectorLabel": "通过从源运行或使用 Docker 在您自己的基础设施上部署连接器代码", @@ -24614,7 +24572,6 @@ "xpack.lens.app.convertedLabel": "{title}(已转换)", "xpack.lens.app.createVisualizationLabel": "ES|QL", "xpack.lens.app.docLoadingError": "加载已保存文档时出错", - "xpack.lens.app.downloadButtonFormulasWarning": "您的 CSV 包含电子表格应用程序可能解释为公式的字符。", "xpack.lens.app.editLensEmbeddableLabel": "编辑可视化", "xpack.lens.app.editVisualizationLabel": "编辑 {lang} 可视化", "xpack.lens.app.exploreDataInDiscover": "在 Discover 中浏览", @@ -24655,7 +24612,6 @@ "xpack.lens.app.unsavedWorkTitle": "未保存的更改", "xpack.lens.app.updatePanel": "更新 {originatingAppName} 中的面板", "xpack.lens.app404": "404 找不到", - "xpack.lens.application.csvPanelContent.downloadButtonLabel": "生成 CSV", "xpack.lens.application.csvPanelContent.generationDescription": "下载在可视化中显示的数据。", "xpack.lens.appName": "Lens 可视化", "xpack.lens.axisExtent.axisExtent.custom": "定制", @@ -25409,8 +25365,6 @@ "xpack.lens.settings.title": "Lens 设置", "xpack.lens.settingWithSiblingFlyout.back": "返回", "xpack.lens.share.csvButton": "下载 CSV", - "xpack.lens.share.export": "导出文件", - "xpack.lens.share.helpText": "导出此可视化的 CSV。", "xpack.lens.shared.axisNameLabel": "轴标题", "xpack.lens.shared.labelTruncation": "标签截断", "xpack.lens.shared.Lagend ": "序列标题", @@ -35090,13 +35044,6 @@ "xpack.securitySolution.attackDiscovery.summaryCount.alertsLabel": "{alertsCount} 个{alertsCount, plural, other {告警}}", "xpack.securitySolution.attackDiscovery.summaryCount.discoveriesLabel": "{attackDiscoveriesCount} 个{attackDiscoveriesCount, plural, other {发现}}", "xpack.securitySolution.attackDiscovery.summaryCount.lastGeneratedLabel": "已生成", - "xpack.securitySolution.attackDiscovery.tour.exit": "关闭", - "xpack.securitySolution.attackDiscovery.tour.navStep.desc": "利用生成式 AI 找出您的告警之间的关系并描述攻击链。", - "xpack.securitySolution.attackDiscovery.tour.navStep.title": "Attack Discovery 简介", - "xpack.securitySolution.attackDiscovery.tour.tryIt": "试用", - "xpack.securitySolution.attackDiscovery.tour.video": "观看概述视频", - "xpack.securitySolution.attackDiscovery.tour.videoStep.desc": "深入了解数据驱动式 Attack Discovery,并利用旨在即时提高生产力的直观式 AI 技术精简您的工作流。", - "xpack.securitySolution.attackDiscovery.tour.videoStep.title": "开始发现攻击", "xpack.securitySolution.auditd.abortedAuditStartupDescription": "已中止审计启动", "xpack.securitySolution.auditd.accessErrorDescription": "访问错误", "xpack.securitySolution.auditd.accessPermissionDescription": "访问权限", @@ -38507,7 +38454,6 @@ "xpack.securitySolution.flyout.entityDetails.valuesColumnTitle": "值", "xpack.securitySolution.flyout.host.preview.viewDetailsLabel": "打开主机详情浮出控件", "xpack.securitySolution.flyout.left.insights.buttonGroupLegendLabel": "洞见选项", - "xpack.securitySolution.flyout.left.insights.correlations.alertPreviewTitle": "预览告警详情", "xpack.securitySolution.flyout.left.insights.correlations.ancestryAlertsNoDataDescription": "无告警与体系相关。", "xpack.securitySolution.flyout.left.insights.correlations.ancestryAlertsTitle": "{count} 个{count, plural, other {告警}}与体系相关", "xpack.securitySolution.flyout.left.insights.correlations.nameColumnLabel": "名称", @@ -38583,7 +38529,6 @@ "xpack.securitySolution.flyout.left.visualize.sessionViewButtonLabel": "会话视图", "xpack.securitySolution.flyout.left.visualize.tabLabel": "Visualize", "xpack.securitySolution.flyout.preview.alertReason.panelTitle": "告警原因", - "xpack.securitySolution.flyout.preview.openFlyoutLabel": "显示完整告警详情", "xpack.securitySolution.flyout.preview.rule.aboutLabel": "关于", "xpack.securitySolution.flyout.preview.rule.actionsLabel": "操作", "xpack.securitySolution.flyout.preview.rule.definitionLabel": "定义", @@ -44245,7 +44190,6 @@ "xpack.synthetics.overview.status.filters.legend": "监测状态", "xpack.synthetics.overview.status.filters.pending": "待处理", "xpack.synthetics.overview.status.filters.up": "运行", - "xpack.synthetics.overview.status.headingText": "当前状态", "xpack.synthetics.overview.status.pending.description": "待处理", "xpack.synthetics.overview.status.up.description": "运行", "xpack.synthetics.overview.SyntheticsHeading": "监测", diff --git a/x-pack/plugins/triggers_actions_ui/public/application/sections/alerts_table/alerts_table.test.tsx b/x-pack/plugins/triggers_actions_ui/public/application/sections/alerts_table/alerts_table.test.tsx index d410e8ee9d43ec..bcd9026992d15e 100644 --- a/x-pack/plugins/triggers_actions_ui/public/application/sections/alerts_table/alerts_table.test.tsx +++ b/x-pack/plugins/triggers_actions_ui/public/application/sections/alerts_table/alerts_table.test.tsx @@ -694,6 +694,42 @@ describe('AlertsTable', () => { expect(await screen.findByTestId(TEST_ID.FIELD_BROWSER_CUSTOM_CREATE_BTN)).toBeVisible(); }); + + it('The column state is synced correctly between the column selector and the field selector', async () => { + const columnToHide = tableProps.columns[0]; + render( + + ); + + const fieldBrowserBtn = await screen.findByTestId(TEST_ID.FIELD_BROWSER_BTN); + const columnSelectorBtn = await screen.findByTestId('dataGridColumnSelectorButton'); + + // Open the column visibility selector and hide the column + fireEvent.click(columnSelectorBtn); + const columnVisibilityToggle = await screen.findByTestId( + `dataGridColumnSelectorToggleColumnVisibility-${columnToHide.id}` + ); + fireEvent.click(columnVisibilityToggle); + + // Open the field browser + fireEvent.click(fieldBrowserBtn); + expect(await screen.findByTestId(TEST_ID.FIELD_BROWSER)).toBeVisible(); + + // The column should be checked in the field browser, independent of its visibility status + const columnCheckbox: HTMLInputElement = await screen.findByTestId( + `field-${columnToHide.id}-checkbox` + ); + expect(columnCheckbox).toBeChecked(); + }); }); describe('cases column', () => { diff --git a/x-pack/plugins/triggers_actions_ui/public/application/sections/alerts_table/alerts_table.tsx b/x-pack/plugins/triggers_actions_ui/public/application/sections/alerts_table/alerts_table.tsx index 617b0f9c70a0a2..61c65eded27b5a 100644 --- a/x-pack/plugins/triggers_actions_ui/public/application/sections/alerts_table/alerts_table.tsx +++ b/x-pack/plugins/triggers_actions_ui/public/application/sections/alerts_table/alerts_table.tsx @@ -413,7 +413,7 @@ const AlertsTable: React.FunctionComponent = memo((props: Aler rowSelection: bulkActionsState.rowSelection, alerts, isLoading, - columnIds: visibleColumns, + columnIds: columns.map((column) => column.id), onToggleColumn, onResetColumns, browserFields, @@ -431,7 +431,7 @@ const AlertsTable: React.FunctionComponent = memo((props: Aler alertsCount, bulkActionsState, isLoading, - visibleColumns, + columns, onToggleColumn, onResetColumns, browserFields, diff --git a/x-pack/plugins/upgrade_assistant/README.md b/x-pack/plugins/upgrade_assistant/README.md index 30b403f6d6230d..2acac8e3e734d6 100644 --- a/x-pack/plugins/upgrade_assistant/README.md +++ b/x-pack/plugins/upgrade_assistant/README.md @@ -17,7 +17,7 @@ When we want to enable ML model snapshot deprecation warnings again we need to c * Migrating system indices (`featureSet.migrateSystemIndices`): Migrating system indices should only be enabled for major version upgrades. This config hides the second step from the UA UI for migrating system indices. * Reindex corrective actions (`featureSet.reindexCorrectiveActions`): Deprecations with reindexing corrective actions are only enabled for major version upgrades. Currently, the reindex actions include some logic that is specific to the [8.0 upgrade](https://github.com/elastic/kibana/blob/main/x-pack/plugins/upgrade_assistant/server/lib/reindexing/index_settings.ts). End users could get into a bad situation if this is enabled before this logic is fixed. -### Deprecations +## Deprecations There are three sources of deprecation information: @@ -275,6 +275,47 @@ PUT .reporting-*/_settings } ``` +#### Kibana API deprecations: +Run kibana locally with the test example plugin that has deprecated routes +``` +yarn start --plugin-path=examples/routing_example --plugin-path=examples/developer_examples +``` + +The following comprehensive deprecated routes examples are registered inside the folder: `examples/routing_example/server/routes/deprecated_routes` + +Run them in the console to trigger the deprecation condition so they show up in the UA: + +``` +# Versioned routes: Version 1 is deprecated +GET kbn:/api/routing_example/d/versioned?apiVersion=1 +GET kbn:/api/routing_example/d/versioned?apiVersion=2 + +# Non-versioned routes +GET kbn:/api/routing_example/d/removed_route +POST kbn:/api/routing_example/d/migrated_route +{} +``` + +1. You can also mark as deprecated in the UA to remove the deprecation from the list. +2. Check the telemetry response to see the reported data about the deprecated route. +3. Calling version 2 of the API does not do anything since it is not deprecated unlike version `1` (`GET kbn:/api/routing_example/d/versioned?apiVersion=2`) +4. Internally you can see the deprecations counters from the dev console by running the following: +``` +GET .kibana_usage_counters/_search +{ + "query": { + "bool": { + "should": [ + {"match": { "usage-counter.counterType": "deprecated_api_call:total"}}, + {"match": { "usage-counter.counterType": "deprecated_api_call:resolved"}}, + {"match": { "usage-counter.counterType": "deprecated_api_call:marked_as_resolved"}} + ] + } + } +} + +``` + For a complete list of Kibana deprecations, refer to the [8.0 Kibana deprecations meta issue](https://github.com/elastic/kibana/issues/109166). ### Errors diff --git a/x-pack/plugins/upgrade_assistant/public/application/components/kibana_deprecations/deprecation_details_flyout.tsx b/x-pack/plugins/upgrade_assistant/public/application/components/kibana_deprecations/deprecation_details_flyout.tsx index a6ea9a26c9bb83..beb4c7c0c678c9 100644 --- a/x-pack/plugins/upgrade_assistant/public/application/components/kibana_deprecations/deprecation_details_flyout.tsx +++ b/x-pack/plugins/upgrade_assistant/public/application/components/kibana_deprecations/deprecation_details_flyout.tsx @@ -50,6 +50,12 @@ const i18nTexts = { defaultMessage: 'Quick resolve', } ), + markAsResolvedButtonLabel: i18n.translate( + 'xpack.upgradeAssistant.kibanaDeprecations.flyout.quickResolveButtonLabel', + { + defaultMessage: 'Mark as Resolved', + } + ), retryQuickResolveButtonLabel: i18n.translate( 'xpack.upgradeAssistant.kibanaDeprecations.flyout.retryQuickResolveButtonLabel', { @@ -97,7 +103,15 @@ const i18nTexts = { ), }; -const getQuickResolveButtonLabel = (deprecationResolutionState?: DeprecationResolutionState) => { +interface AvailableCorrectiveActions { + api: boolean; + manual: boolean; + markAsResolved: boolean; +} +const getQuickResolveButtonLabel = ( + deprecationResolutionState: DeprecationResolutionState | undefined, + avilableCorrectiveActions: AvailableCorrectiveActions +) => { if (deprecationResolutionState?.resolveDeprecationStatus === 'in_progress') { return i18nTexts.quickResolveInProgressButtonLabel; } @@ -110,7 +124,13 @@ const getQuickResolveButtonLabel = (deprecationResolutionState?: DeprecationReso return i18nTexts.retryQuickResolveButtonLabel; } - return i18nTexts.quickResolveButtonLabel; + if (avilableCorrectiveActions.api) { + return i18nTexts.quickResolveButtonLabel; + } + + if (avilableCorrectiveActions.markAsResolved) { + return i18nTexts.markAsResolvedButtonLabel; + } }; export const DeprecationDetailsFlyout = ({ @@ -120,9 +140,19 @@ export const DeprecationDetailsFlyout = ({ deprecationResolutionState, }: DeprecationDetailsFlyoutProps) => { const { documentationUrl, message, correctiveActions, title } = deprecation; + const messages = Array.isArray(message) ? message : [message]; + const isCurrent = deprecationResolutionState?.id === deprecation.id; + const avilableCorrectiveActions: AvailableCorrectiveActions = { + api: !!correctiveActions.api, + manual: correctiveActions.manualSteps && correctiveActions.manualSteps.length > 0, + markAsResolved: !!correctiveActions.mark_as_resolved_api, + }; const isResolved = isCurrent && deprecationResolutionState?.resolveDeprecationStatus === 'ok'; + const hasResolveButton = + avilableCorrectiveActions.api || avilableCorrectiveActions.markAsResolved; + const onResolveDeprecation = useCallback(() => { uiMetricService.trackUiMetric(METRIC_TYPE.CLICK, UIM_KIBANA_QUICK_RESOLVE_CLICK); resolveDeprecation(deprecation); @@ -155,7 +185,11 @@ export const DeprecationDetailsFlyout = ({ )} -

{message}

+ {messages.map((m, i) => ( +

+ {m} +

+ ))} {documentationUrl && (

@@ -221,7 +255,7 @@ export const DeprecationDetailsFlyout = ({ {/* Only show the "Quick resolve" button if deprecation supports it and deprecation is not yet resolved */} - {correctiveActions.api && !isResolved && ( + {hasResolveButton && !isResolved && ( - {getQuickResolveButtonLabel(deprecationResolutionState)} + {getQuickResolveButtonLabel(deprecationResolutionState, avilableCorrectiveActions)} )} diff --git a/x-pack/plugins/upgrade_assistant/public/application/components/kibana_deprecations/kibana_deprecations.tsx b/x-pack/plugins/upgrade_assistant/public/application/components/kibana_deprecations/kibana_deprecations.tsx index d76f1afa9e612c..0d433a59ee2d95 100644 --- a/x-pack/plugins/upgrade_assistant/public/application/components/kibana_deprecations/kibana_deprecations.tsx +++ b/x-pack/plugins/upgrade_assistant/public/application/components/kibana_deprecations/kibana_deprecations.tsx @@ -126,9 +126,9 @@ export const KibanaDeprecationsList = ({ const [flyoutContent, setFlyoutContent] = useState( undefined ); - const [deprecationResolutionState, setDeprecationResolutionState] = useState< - DeprecationResolutionState | undefined - >(undefined); + const [deprecationResolutionStates, setDeprecationResolutionStates] = useState< + Record + >({}); const { services: { @@ -194,17 +194,25 @@ export const KibanaDeprecationsList = ({ const resolveDeprecation = useCallback( async (deprecationDetails: KibanaDeprecationDetails) => { - setDeprecationResolutionState({ - id: deprecationDetails.id, - resolveDeprecationStatus: 'in_progress', + setDeprecationResolutionStates((states) => { + states[deprecationDetails.id] = { + id: deprecationDetails.id, + resolveDeprecationStatus: 'in_progress', + }; + + return states; }); const response = await deprecations.resolveDeprecation(deprecationDetails); - setDeprecationResolutionState({ - id: deprecationDetails.id, - resolveDeprecationStatus: response.status, - resolveDeprecationError: response.status === 'fail' ? response.reason : undefined, + setDeprecationResolutionStates((states) => { + states[deprecationDetails.id] = { + id: deprecationDetails.id, + resolveDeprecationStatus: response.status, + resolveDeprecationError: response.status === 'fail' ? response.reason : undefined, + }; + + return states; }); closeFlyout(); @@ -221,10 +229,7 @@ export const KibanaDeprecationsList = ({ deprecation: flyoutContent, closeFlyout, resolveDeprecation, - deprecationResolutionState: - deprecationResolutionState && flyoutContent.id === deprecationResolutionState.id - ? deprecationResolutionState - : undefined, + deprecationResolutionState: deprecationResolutionStates[flyoutContent.id], }, flyoutProps: { onClose: closeFlyout, @@ -236,7 +241,7 @@ export const KibanaDeprecationsList = ({ }, [ addContentToGlobalFlyout, closeFlyout, - deprecationResolutionState, + deprecationResolutionStates, flyoutContent, resolveDeprecation, ]); @@ -310,7 +315,7 @@ export const KibanaDeprecationsList = ({ deprecations={kibanaDeprecations} reload={getAllDeprecations} toggleFlyout={toggleFlyout} - deprecationResolutionState={deprecationResolutionState} + deprecationResolutionStates={deprecationResolutionStates} />

); diff --git a/x-pack/plugins/upgrade_assistant/public/application/components/kibana_deprecations/kibana_deprecations_table.tsx b/x-pack/plugins/upgrade_assistant/public/application/components/kibana_deprecations/kibana_deprecations_table.tsx index 6a757d0cb2b0bf..8d223dedca4908 100644 --- a/x-pack/plugins/upgrade_assistant/public/application/components/kibana_deprecations/kibana_deprecations_table.tsx +++ b/x-pack/plugins/upgrade_assistant/public/application/components/kibana_deprecations/kibana_deprecations_table.tsx @@ -56,6 +56,12 @@ const i18nTexts = { defaultMessage: 'Feature', } ), + apiDeprecationTypeCellLabel: i18n.translate( + 'xpack.upgradeAssistant.kibanaDeprecations.table.apiDeprecationTypeCellLabel', + { + defaultMessage: 'API', + } + ), unknownDeprecationTypeCellLabel: i18n.translate( 'xpack.upgradeAssistant.kibanaDeprecations.table.unknownDeprecationTypeCellLabel', { @@ -86,14 +92,14 @@ interface Props { deprecations?: KibanaDeprecationDetails[]; reload: () => void; toggleFlyout: (newFlyoutContent?: KibanaDeprecationDetails) => void; - deprecationResolutionState?: DeprecationResolutionState; + deprecationResolutionStates: Record; } export const KibanaDeprecationsTable: React.FunctionComponent = ({ deprecations, reload, toggleFlyout, - deprecationResolutionState, + deprecationResolutionStates, }) => { const columns: Array> = [ { @@ -135,6 +141,8 @@ export const KibanaDeprecationsTable: React.FunctionComponent = ({ return i18nTexts.configDeprecationTypeCellLabel; case 'feature': return i18nTexts.featureDeprecationTypeCellLabel; + case 'api': + return i18nTexts.apiDeprecationTypeCellLabel; case 'uncategorized': default: return i18nTexts.unknownDeprecationTypeCellLabel; @@ -155,7 +163,8 @@ export const KibanaDeprecationsTable: React.FunctionComponent = ({ ); }, @@ -191,6 +200,10 @@ export const KibanaDeprecationsTable: React.FunctionComponent = ({ value: 'feature', name: i18nTexts.featureDeprecationTypeCellLabel, }, + { + value: 'api', + name: i18nTexts.apiDeprecationTypeCellLabel, + }, { value: 'uncategorized', name: i18nTexts.unknownDeprecationTypeCellLabel, diff --git a/x-pack/plugins/upgrade_assistant/public/application/components/kibana_deprecations/resolution_table_cell.tsx b/x-pack/plugins/upgrade_assistant/public/application/components/kibana_deprecations/resolution_table_cell.tsx index 373c9e7b43f520..502c31ae90744c 100644 --- a/x-pack/plugins/upgrade_assistant/public/application/components/kibana_deprecations/resolution_table_cell.tsx +++ b/x-pack/plugins/upgrade_assistant/public/application/components/kibana_deprecations/resolution_table_cell.tsx @@ -19,7 +19,7 @@ import { i18n } from '@kbn/i18n'; import type { DeprecationResolutionState } from './kibana_deprecations'; -const i18nTexts = { +const manualI18nTexts = { manualCellLabel: i18n.translate( 'xpack.upgradeAssistant.kibanaDeprecations.table.manualCellLabel', { @@ -32,31 +32,34 @@ const i18nTexts = { defaultMessage: 'This issue needs to be resolved manually.', } ), - automatedCellLabel: i18n.translate( +}; + +const automatedI18nTexts = { + resolutionTypeCellLabel: i18n.translate( 'xpack.upgradeAssistant.kibanaDeprecations.table.automatedCellLabel', { defaultMessage: 'Automated', } ), - automationInProgressCellLabel: i18n.translate( + resolutionProgressCellLabel: i18n.translate( 'xpack.upgradeAssistant.kibanaDeprecations.table.automationInProgressCellLabel', { defaultMessage: 'Resolution in progress…', } ), - automationCompleteCellLabel: i18n.translate( + resolutionCompleteCellLabel: i18n.translate( 'xpack.upgradeAssistant.kibanaDeprecations.table.automationCompleteCellLabel', { defaultMessage: 'Resolved', } ), - automationFailedCellLabel: i18n.translate( + resolutionFailedCellLabel: i18n.translate( 'xpack.upgradeAssistant.kibanaDeprecations.table.automationFailedCellLabel', { defaultMessage: 'Resolution failed', } ), - automatedCellTooltipLabel: i18n.translate( + resolutionCellTooltipLabel: i18n.translate( 'xpack.upgradeAssistant.kibanaDeprecations.table.automatedCellTooltipLabel', { defaultMessage: 'This issue can be resolved automatically.', @@ -64,18 +67,56 @@ const i18nTexts = { ), }; +const markAsResolvedI18nTexts = { + resolutionTypeCellLabel: i18n.translate( + 'xpack.upgradeAssistant.kibanaDeprecations.table.markAsResolvedCellLabel', + { + defaultMessage: 'Mark as resolved', + } + ), + resolutionProgressCellLabel: i18n.translate( + 'xpack.upgradeAssistant.kibanaDeprecations.table.markAsResolvedInProgressCellLabel', + { + defaultMessage: 'Marking as resolved…', + } + ), + resolutionCompleteCellLabel: i18n.translate( + 'xpack.upgradeAssistant.kibanaDeprecations.table.markAsResolvedCompleteCellLabel', + { + defaultMessage: 'Marked as resolved', + } + ), + resolutionFailedCellLabel: i18n.translate( + 'xpack.upgradeAssistant.kibanaDeprecations.table.markAsResolvedFailedCellLabel', + { + defaultMessage: 'Failed to mark as resolved', + } + ), + resolutionCellTooltipLabel: i18n.translate( + 'xpack.upgradeAssistant.kibanaDeprecations.table.markAsResolvedCellTooltipLabel', + { + defaultMessage: 'This issue can be marked as resolved.', + } + ), +}; + interface Props { deprecationId: string; isAutomated: boolean; + canBeMarkedAsResolved: boolean; deprecationResolutionState?: DeprecationResolutionState; } export const ResolutionTableCell: React.FunctionComponent = ({ deprecationId, isAutomated, + canBeMarkedAsResolved, deprecationResolutionState, }) => { - if (isAutomated) { + if (isAutomated || canBeMarkedAsResolved) { + const resolutionI18nTexts = isAutomated ? automatedI18nTexts : markAsResolvedI18nTexts; + const euiIconType = isAutomated ? 'indexSettings' : 'clickLeft'; + if (deprecationResolutionState?.id === deprecationId) { const { resolveDeprecationStatus } = deprecationResolutionState; @@ -87,7 +128,7 @@ export const ResolutionTableCell: React.FunctionComponent = ({ - {i18nTexts.automationInProgressCellLabel} + {resolutionI18nTexts.resolutionProgressCellLabel} ); @@ -98,7 +139,7 @@ export const ResolutionTableCell: React.FunctionComponent = ({ - {i18nTexts.automationFailedCellLabel} + {resolutionI18nTexts.resolutionFailedCellLabel} ); @@ -110,7 +151,7 @@ export const ResolutionTableCell: React.FunctionComponent = ({ - {i18nTexts.automationCompleteCellLabel} + {resolutionI18nTexts.resolutionCompleteCellLabel} ); @@ -118,13 +159,13 @@ export const ResolutionTableCell: React.FunctionComponent = ({ } return ( - + - + - {i18nTexts.automatedCellLabel} + {resolutionI18nTexts.resolutionTypeCellLabel} @@ -134,11 +175,11 @@ export const ResolutionTableCell: React.FunctionComponent = ({ return ( - {i18nTexts.manualCellLabel} + {manualI18nTexts.manualCellLabel} ); diff --git a/x-pack/test/alerting_api_integration/observability/custom_threshold_rule/avg_pct_fired.ts b/x-pack/test/alerting_api_integration/observability/custom_threshold_rule/avg_pct_fired.ts deleted file mode 100644 index dc6197320ecf03..00000000000000 --- a/x-pack/test/alerting_api_integration/observability/custom_threshold_rule/avg_pct_fired.ts +++ /dev/null @@ -1,271 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { omit } from 'lodash'; -import { cleanup, generate, Dataset, PartialConfig } from '@kbn/data-forge'; -import { Aggregators } from '@kbn/observability-plugin/common/custom_threshold_rule/types'; -import { FIRED_ACTIONS_ID } from '@kbn/observability-plugin/server/lib/rules/custom_threshold/constants'; -import expect from '@kbn/expect'; -import { OBSERVABILITY_THRESHOLD_RULE_TYPE_ID } from '@kbn/rule-data-utils'; -import { parseSearchParams } from '@kbn/share-plugin/common/url_service'; -import { COMPARATORS } from '@kbn/alerting-comparators'; -import { createIndexConnector, createRule } from '../helpers/alerting_api_helper'; -import { - waitForAlertInIndex, - waitForDocumentInIndex, - waitForRuleStatus, -} from '../helpers/alerting_wait_for_helpers'; -import { FtrProviderContext } from '../../common/ftr_provider_context'; -import { ActionDocument, LogsExplorerLocatorParsedParams } from './typings'; -import { ISO_DATE_REGEX } from './constants'; - -// eslint-disable-next-line import/no-default-export -export default function ({ getService }: FtrProviderContext) { - const esClient = getService('es'); - const supertest = getService('supertest'); - const esDeleteAllIndices = getService('esDeleteAllIndices'); - const logger = getService('log'); - const retryService = getService('retry'); - - describe('Custom Threshold rule - AVG - PCT - FIRED', () => { - const CUSTOM_THRESHOLD_RULE_ALERT_INDEX = '.alerts-observability.threshold.alerts-default'; - const ALERT_ACTION_INDEX = 'alert-action-threshold'; - const DATA_VIEW_TITLE = 'kbn-data-forge-fake_hosts.fake_hosts-*'; - const DATA_VIEW_NAME = 'ad-hoc-data-view-name'; - const DATA_VIEW_ID = 'data-view-id'; - const MOCKED_AD_HOC_DATA_VIEW = { - id: DATA_VIEW_ID, - title: DATA_VIEW_TITLE, - timeFieldName: '@timestamp', - sourceFilters: [], - fieldFormats: {}, - runtimeFieldMap: {}, - allowNoIndex: false, - name: DATA_VIEW_NAME, - allowHidden: false, - }; - let dataForgeConfig: PartialConfig; - let dataForgeIndices: string[]; - let actionId: string; - let ruleId: string; - let alertId: string; - - before(async () => { - dataForgeConfig = { - schedule: [ - { - template: 'good', - start: 'now-10m', - end: 'now+5m', - metrics: [ - { name: 'system.cpu.user.pct', method: 'linear', start: 2.5, end: 2.5 }, - { name: 'system.cpu.total.pct', method: 'linear', start: 0.5, end: 0.5 }, - ], - }, - ], - indexing: { - dataset: 'fake_hosts' as Dataset, - eventsPerCycle: 1, - interval: 10000, - alignEventsToInterval: true, - }, - }; - dataForgeIndices = await generate({ client: esClient, config: dataForgeConfig, logger }); - logger.info(JSON.stringify(dataForgeIndices.join(','))); - await waitForDocumentInIndex({ - esClient, - indexName: DATA_VIEW_TITLE, - docCountTarget: 270, - retryService, - logger, - }); - }); - - after(async () => { - await supertest.delete(`/api/alerting/rule/${ruleId}`).set('kbn-xsrf', 'foo'); - await supertest.delete(`/api/actions/connector/${actionId}`).set('kbn-xsrf', 'foo'); - await esClient.deleteByQuery({ - index: CUSTOM_THRESHOLD_RULE_ALERT_INDEX, - query: { term: { 'kibana.alert.rule.uuid': ruleId } }, - }); - await esClient.deleteByQuery({ - index: '.kibana-event-log-*', - query: { term: { 'kibana.alert.rule.consumer': 'logs' } }, - }); - await esDeleteAllIndices([ALERT_ACTION_INDEX, ...dataForgeIndices]); - await cleanup({ client: esClient, config: dataForgeConfig, logger }); - }); - - describe('Rule creation', () => { - it('creates rule successfully', async () => { - actionId = await createIndexConnector({ - supertest, - name: 'Index Connector: Threshold API test', - indexName: ALERT_ACTION_INDEX, - logger, - }); - - const createdRule = await createRule({ - supertest, - logger, - esClient, - tags: ['observability'], - consumer: 'logs', - name: 'Threshold rule', - ruleTypeId: OBSERVABILITY_THRESHOLD_RULE_TYPE_ID, - params: { - criteria: [ - { - comparator: COMPARATORS.GREATER_THAN, - threshold: [0.5], - timeSize: 5, - timeUnit: 'm', - metrics: [ - { name: 'A', field: 'system.cpu.user.pct', aggType: Aggregators.AVERAGE }, - ], - }, - ], - alertOnNoData: true, - alertOnGroupDisappear: true, - searchConfiguration: { - query: { - query: '', - language: 'kuery', - }, - index: MOCKED_AD_HOC_DATA_VIEW, - }, - }, - actions: [ - { - group: FIRED_ACTIONS_ID, - id: actionId, - params: { - documents: [ - { - ruleType: '{{rule.type}}', - alertDetailsUrl: '{{context.alertDetailsUrl}}', - reason: '{{context.reason}}', - value: '{{context.value}}', - host: '{{context.host}}', - viewInAppUrl: '{{context.viewInAppUrl}}', - }, - ], - }, - frequency: { - notify_when: 'onActionGroupChange', - throttle: null, - summary: false, - }, - }, - ], - }); - ruleId = createdRule.id; - expect(ruleId).not.to.be(undefined); - }); - - it('should be active', async () => { - const executionStatus = await waitForRuleStatus({ - id: ruleId, - expectedStatus: 'active', - supertest, - retryService, - logger, - }); - expect(executionStatus.status).to.be('active'); - }); - - it('should set correct information in the alert document', async () => { - const resp = await waitForAlertInIndex({ - esClient, - indexName: CUSTOM_THRESHOLD_RULE_ALERT_INDEX, - ruleId, - retryService, - logger, - }); - alertId = (resp.hits.hits[0]._source as any)['kibana.alert.uuid']; - - expect(resp.hits.hits[0]._source).property( - 'kibana.alert.rule.category', - 'Custom threshold' - ); - expect(resp.hits.hits[0]._source).property('kibana.alert.rule.consumer', 'logs'); - expect(resp.hits.hits[0]._source).property('kibana.alert.rule.name', 'Threshold rule'); - expect(resp.hits.hits[0]._source).property('kibana.alert.rule.producer', 'observability'); - expect(resp.hits.hits[0]._source).property('kibana.alert.rule.revision', 0); - expect(resp.hits.hits[0]._source).property( - 'kibana.alert.rule.rule_type_id', - 'observability.rules.custom_threshold' - ); - expect(resp.hits.hits[0]._source).property('kibana.alert.rule.uuid', ruleId); - expect(resp.hits.hits[0]._source).property('kibana.space_ids').contain('default'); - expect(resp.hits.hits[0]._source) - .property('kibana.alert.rule.tags') - .contain('observability'); - expect(resp.hits.hits[0]._source).property( - 'kibana.alert.action_group', - 'custom_threshold.fired' - ); - expect(resp.hits.hits[0]._source).property('tags').contain('observability'); - expect(resp.hits.hits[0]._source).property('kibana.alert.instance.id', '*'); - expect(resp.hits.hits[0]._source).property('kibana.alert.workflow_status', 'open'); - expect(resp.hits.hits[0]._source).property('event.kind', 'signal'); - expect(resp.hits.hits[0]._source).property('event.action', 'open'); - expect(resp.hits.hits[0]._source).property('kibana.alert.evaluation.threshold').eql([0.5]); - expect(resp.hits.hits[0]._source) - .property('kibana.alert.rule.parameters') - .eql({ - criteria: [ - { - comparator: '>', - threshold: [0.5], - timeSize: 5, - timeUnit: 'm', - metrics: [{ name: 'A', field: 'system.cpu.user.pct', aggType: 'avg' }], - }, - ], - alertOnNoData: true, - alertOnGroupDisappear: true, - searchConfiguration: { - index: MOCKED_AD_HOC_DATA_VIEW, - query: { query: '', language: 'kuery' }, - }, - }); - }); - - it('should set correct action variables', async () => { - const resp = await waitForDocumentInIndex({ - esClient, - indexName: ALERT_ACTION_INDEX, - retryService, - logger, - }); - - expect(resp.hits.hits[0]._source?.ruleType).eql('observability.rules.custom_threshold'); - expect(resp.hits.hits[0]._source?.alertDetailsUrl).eql( - `https://localhost:5601/app/observability/alerts/${alertId}` - ); - expect(resp.hits.hits[0]._source?.reason).eql( - `Average system.cpu.user.pct is 250%, above the threshold of 50%. (duration: 5 mins, data view: ${DATA_VIEW_NAME})` - ); - expect(resp.hits.hits[0]._source?.value).eql('250%'); - - const parsedViewInAppUrl = parseSearchParams( - new URL(resp.hits.hits[0]._source?.viewInAppUrl || '').search - ); - - expect(resp.hits.hits[0]._source?.viewInAppUrl).contain('LOGS_EXPLORER_LOCATOR'); - expect(omit(parsedViewInAppUrl.params, 'timeRange.from')).eql({ - dataset: DATA_VIEW_TITLE, - timeRange: { to: 'now' }, - query: { query: '', language: 'kuery' }, - filters: [], - }); - expect(parsedViewInAppUrl.params.timeRange.from).match(ISO_DATE_REGEX); - }); - }); - }); -} diff --git a/x-pack/test/alerting_api_integration/observability/index.ts b/x-pack/test/alerting_api_integration/observability/index.ts index 547c05a46bfcd3..8b2f7b5b4c20ed 100644 --- a/x-pack/test/alerting_api_integration/observability/index.ts +++ b/x-pack/test/alerting_api_integration/observability/index.ts @@ -10,7 +10,6 @@ export default function ({ loadTestFile }: any) { describe('Observability Rules', () => { describe('Rules Endpoints', () => { loadTestFile(require.resolve('./metric_threshold_rule')); - loadTestFile(require.resolve('./custom_threshold_rule/avg_pct_fired')); loadTestFile(require.resolve('./custom_threshold_rule/p99_pct_fired')); loadTestFile(require.resolve('./custom_threshold_rule/rate_bytes_fired')); loadTestFile(require.resolve('./custom_threshold_rule/avg_pct_no_data')); diff --git a/x-pack/test/alerting_api_integration/security_and_spaces/group1/tests/alerting/find.ts b/x-pack/test/alerting_api_integration/security_and_spaces/group1/tests/alerting/find.ts index 37d42ceeccb3a1..bf5595e5756c1a 100644 --- a/x-pack/test/alerting_api_integration/security_and_spaces/group1/tests/alerting/find.ts +++ b/x-pack/test/alerting_api_integration/security_and_spaces/group1/tests/alerting/find.ts @@ -6,10 +6,8 @@ */ import expect from '@kbn/expect'; -import { Agent as SuperTestAgent } from 'supertest'; import { chunk, omit } from 'lodash'; import { v4 as uuidv4 } from 'uuid'; -import { SupertestWithoutAuthProviderType } from '@kbn/ftr-common-functional-services'; import { ES_QUERY_ID, ML_ANOMALY_DETECTION_RULE_TYPE_ID, @@ -19,13 +17,14 @@ import { SuperuserAtSpace1, UserAtSpaceScenarios, StackAlertsOnly } from '../../ import { getUrlPrefix, getTestRuleData, ObjectRemover } from '../../../../common/lib'; import { FtrProviderContext } from '../../../../common/ftr_provider_context'; -const findTestUtils = ( - describeType: 'internal' | 'public', - objectRemover: ObjectRemover, - supertest: SuperTestAgent, - supertestWithoutAuth: SupertestWithoutAuthProviderType -) => { - describe(describeType, () => { +// eslint-disable-next-line import/no-default-export +export default function createFindTests({ getService }: FtrProviderContext) { + const supertest = getService('supertest'); + const supertestWithoutAuth = getService('supertestWithoutAuth'); + + describe('find public API', () => { + const objectRemover = new ObjectRemover(supertest); + afterEach(async () => { await objectRemover.removeAll(); }); @@ -71,9 +70,9 @@ const findTestUtils = ( const response = await supertestWithoutAuth .get( - `${getUrlPrefix(space.id)}/${ - describeType === 'public' ? 'api' : 'internal' - }/alerting/rules/_find?search=test.noop&search_fields=alertTypeId` + `${getUrlPrefix( + space.id + )}/api/alerting/rules/_find?search=test.noop&search_fields=alertTypeId` ) .auth(user.username, user.password); @@ -97,8 +96,6 @@ const findTestUtils = ( expect(response.body.per_page).to.be.greaterThan(0); expect(response.body.total).to.be.greaterThan(0); const match = response.body.data.find((obj: any) => obj.id === createdAlert.id); - const activeSnoozes = match.active_snoozes; - const hasActiveSnoozes = !!(activeSnoozes || []).filter((obj: any) => obj).length; expect(match).to.eql({ id: createdAlert.id, name: 'abc', @@ -138,14 +135,6 @@ const findTestUtils = ( execution_status: match.execution_status, ...(match.next_run ? { next_run: match.next_run } : {}), ...(match.last_run ? { last_run: match.last_run } : {}), - ...(describeType === 'internal' - ? { - monitoring: match.monitoring, - snooze_schedule: match.snooze_schedule, - ...(hasActiveSnoozes && { active_snoozes: activeSnoozes }), - is_snoozed_until: null, - } - : {}), }); expect(Date.parse(match.created_at)).to.be.greaterThan(0); expect(Date.parse(match.updated_at)).to.be.greaterThan(0); @@ -195,9 +184,9 @@ const findTestUtils = ( const response = await supertestWithoutAuth .get( - `${getUrlPrefix(space.id)}/${ - describeType === 'public' ? 'api' : 'internal' - }/alerting/rules/_find?per_page=${perPage}&sort_field=createdAt` + `${getUrlPrefix( + space.id + )}/api/alerting/rules/_find?per_page=${perPage}&sort_field=createdAt` ) .auth(user.username, user.password); @@ -244,9 +233,9 @@ const findTestUtils = ( const secondResponse = await supertestWithoutAuth .get( - `${getUrlPrefix(space.id)}/${ - describeType === 'public' ? 'api' : 'internal' - }/alerting/rules/_find?per_page=${perPage}&sort_field=createdAt&page=2` + `${getUrlPrefix( + space.id + )}/api/alerting/rules/_find?per_page=${perPage}&sort_field=createdAt&page=2` ) .auth(user.username, user.password); @@ -291,9 +280,9 @@ const findTestUtils = ( const response = await supertestWithoutAuth .get( - `${getUrlPrefix(space.id)}/${ - describeType === 'public' ? 'api' : 'internal' - }/alerting/rules/_find?filter=alert.attributes.actions:{ actionTypeId: test.noop }` + `${getUrlPrefix( + space.id + )}/api/alerting/rules/_find?filter=alert.attributes.actions:{ actionTypeId: test.noop }` ) .auth(user.username, user.password); @@ -317,8 +306,6 @@ const findTestUtils = ( expect(response.body.per_page).to.be.greaterThan(0); expect(response.body.total).to.be.greaterThan(0); const match = response.body.data.find((obj: any) => obj.id === createdAlert.id); - const activeSnoozes = match.active_snoozes; - const hasActiveSnoozes = !!(activeSnoozes || []).filter((obj: any) => obj).length; expect(match).to.eql({ id: createdAlert.id, name: 'abc', @@ -352,14 +339,6 @@ const findTestUtils = ( revision: 0, ...(match.next_run ? { next_run: match.next_run } : {}), ...(match.last_run ? { last_run: match.last_run } : {}), - ...(describeType === 'internal' - ? { - monitoring: match.monitoring, - snooze_schedule: match.snooze_schedule, - ...(hasActiveSnoozes && { active_snoozes: activeSnoozes }), - is_snoozed_until: null, - } - : {}), }); expect(Date.parse(match.created_at)).to.be.greaterThan(0); expect(Date.parse(match.updated_at)).to.be.greaterThan(0); @@ -401,9 +380,9 @@ const findTestUtils = ( const response = await supertestWithoutAuth .get( - `${getUrlPrefix(space.id)}/${ - describeType === 'public' ? 'api' : 'internal' - }/alerting/rules/_find?filter=alert.attributes.alertTypeId:test.restricted-noop&fields=["tags"]&sort_field=createdAt` + `${getUrlPrefix( + space.id + )}/api/alerting/rules/_find?filter=alert.attributes.alertTypeId:test.restricted-noop&fields=["tags"]&sort_field=createdAt` ) .auth(user.username, user.password); @@ -434,19 +413,11 @@ const findTestUtils = ( id: createdAlert.id, actions: [], tags: [myTag], - ...(describeType === 'internal' && { - snooze_schedule: [], - is_snoozed_until: null, - }), }); expect(omit(matchSecond, 'updatedAt')).to.eql({ id: createdSecondAlert.id, actions: [], tags: [myTag], - ...(describeType === 'internal' && { - snooze_schedule: [], - is_snoozed_until: null, - }), }); break; default: @@ -486,9 +457,9 @@ const findTestUtils = ( const response = await supertestWithoutAuth .get( - `${getUrlPrefix(space.id)}/${ - describeType === 'public' ? 'api' : 'internal' - }/alerting/rules/_find?filter=alert.attributes.alertTypeId:test.restricted-noop&fields=["tags","executionStatus"]&sort_field=createdAt` + `${getUrlPrefix( + space.id + )}/api/alerting/rules/_find?filter=alert.attributes.alertTypeId:test.restricted-noop&fields=["tags","executionStatus"]&sort_field=createdAt` ) .auth(user.username, user.password); @@ -520,20 +491,12 @@ const findTestUtils = ( actions: [], tags: [myTag], execution_status: matchFirst.execution_status, - ...(describeType === 'internal' && { - snooze_schedule: [], - is_snoozed_until: null, - }), }); expect(omit(matchSecond, 'updatedAt')).to.eql({ id: createdSecondAlert.id, actions: [], tags: [myTag], execution_status: matchSecond.execution_status, - ...(describeType === 'internal' && { - snooze_schedule: [], - is_snoozed_until: null, - }), }); break; default: @@ -551,9 +514,9 @@ const findTestUtils = ( const response = await supertestWithoutAuth .get( - `${getUrlPrefix('other')}/${ - describeType === 'public' ? 'api' : 'internal' - }/alerting/rules/_find?search=test.noop&search_fields=alertTypeId` + `${getUrlPrefix( + 'other' + )}/api/alerting/rules/_find?search=test.noop&search_fields=alertTypeId` ) .auth(user.username, user.password); @@ -586,88 +549,71 @@ const findTestUtils = ( }); }); } - }); - describe('Actions', () => { - const { user, space } = SuperuserAtSpace1; - - it('should return the actions correctly', async () => { - const { body: createdAction } = await supertest - .post(`${getUrlPrefix(space.id)}/api/actions/connector`) - .set('kbn-xsrf', 'foo') - .send({ - name: 'MY action', - connector_type_id: 'test.noop', - config: {}, - secrets: {}, - }) - .expect(200); - - const { body: createdRule1 } = await supertest - .post(`${getUrlPrefix(space.id)}/api/alerting/rule`) - .set('kbn-xsrf', 'foo') - .send( - getTestRuleData({ - enabled: true, - actions: [ - { - id: createdAction.id, - group: 'default', - params: {}, - }, - { - id: 'system-connector-test.system-action', - params: {}, - }, - ], + describe('Actions', () => { + const { user, space } = SuperuserAtSpace1; + + it('should return the actions correctly', async () => { + const { body: createdAction } = await supertest + .post(`${getUrlPrefix(space.id)}/api/actions/connector`) + .set('kbn-xsrf', 'foo') + .send({ + name: 'MY action', + connector_type_id: 'test.noop', + config: {}, + secrets: {}, }) - ) - .expect(200); - - objectRemover.add(space.id, createdRule1.id, 'rule', 'alerting'); - - const response = await supertestWithoutAuth - .get(`${getUrlPrefix(space.id)}/api/alerting/rules/_find`) - .set('kbn-xsrf', 'foo') - .auth(user.username, user.password); - - const action = response.body.data[0].actions[0]; - const systemAction = response.body.data[0].actions[1]; - const { uuid, ...restAction } = action; - const { uuid: systemActionUuid, ...restSystemAction } = systemAction; - - expect([restAction, restSystemAction]).to.eql([ - { - id: createdAction.id, - connector_type_id: 'test.noop', - group: 'default', - params: {}, - }, - { - id: 'system-connector-test.system-action', - connector_type_id: 'test.system-action', - params: {}, - }, - , - ]); - }); - }); -}; + .expect(200); -// eslint-disable-next-line import/no-default-export -export default function createFindTests({ getService }: FtrProviderContext) { - const supertest = getService('supertest'); - const supertestWithoutAuth = getService('supertestWithoutAuth'); + const { body: createdRule1 } = await supertest + .post(`${getUrlPrefix(space.id)}/api/alerting/rule`) + .set('kbn-xsrf', 'foo') + .send( + getTestRuleData({ + enabled: true, + actions: [ + { + id: createdAction.id, + group: 'default', + params: {}, + }, + { + id: 'system-connector-test.system-action', + params: {}, + }, + ], + }) + ) + .expect(200); - describe('find', () => { - const objectRemover = new ObjectRemover(supertest); + objectRemover.add(space.id, createdRule1.id, 'rule', 'alerting'); - afterEach(async () => { - await objectRemover.removeAll(); - }); + const response = await supertestWithoutAuth + .get(`${getUrlPrefix(space.id)}/api/alerting/rules/_find`) + .set('kbn-xsrf', 'foo') + .auth(user.username, user.password); + + const action = response.body.data[0].actions[0]; + const systemAction = response.body.data[0].actions[1]; + const { uuid, ...restAction } = action; + const { uuid: systemActionUuid, ...restSystemAction } = systemAction; - findTestUtils('public', objectRemover, supertest, supertestWithoutAuth); - findTestUtils('internal', objectRemover, supertest, supertestWithoutAuth); + expect([restAction, restSystemAction]).to.eql([ + { + id: createdAction.id, + connector_type_id: 'test.noop', + group: 'default', + params: {}, + }, + { + id: 'system-connector-test.system-action', + connector_type_id: 'test.system-action', + params: {}, + }, + , + ]); + }); + }); describe('stack alerts', () => { const ruleTypes = [ diff --git a/x-pack/test/alerting_api_integration/security_and_spaces/group1/tests/alerting/find_internal.ts b/x-pack/test/alerting_api_integration/security_and_spaces/group1/tests/alerting/find_internal.ts new file mode 100644 index 00000000000000..ee8d49c662ada3 --- /dev/null +++ b/x-pack/test/alerting_api_integration/security_and_spaces/group1/tests/alerting/find_internal.ts @@ -0,0 +1,762 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import expect from '@kbn/expect'; +import { chunk, omit } from 'lodash'; +import { v4 as uuidv4 } from 'uuid'; +import { + ES_QUERY_ID, + ML_ANOMALY_DETECTION_RULE_TYPE_ID, + OBSERVABILITY_THRESHOLD_RULE_TYPE_ID, +} from '@kbn/rule-data-utils'; +import { SuperuserAtSpace1, UserAtSpaceScenarios, StackAlertsOnly } from '../../../scenarios'; +import { getUrlPrefix, getTestRuleData, ObjectRemover } from '../../../../common/lib'; +import { FtrProviderContext } from '../../../../common/ftr_provider_context'; + +// eslint-disable-next-line import/no-default-export +export default function createFindTests({ getService }: FtrProviderContext) { + const supertest = getService('supertest'); + const supertestWithoutAuth = getService('supertestWithoutAuth'); + + describe('find internal API', () => { + const objectRemover = new ObjectRemover(supertest); + + afterEach(async () => { + await objectRemover.removeAll(); + }); + + for (const scenario of UserAtSpaceScenarios) { + const { user, space } = scenario; + describe(scenario.id, () => { + it('should handle find alert request appropriately', async () => { + const { body: createdAction } = await supertest + .post(`${getUrlPrefix(space.id)}/api/actions/connector`) + .set('kbn-xsrf', 'foo') + .send({ + name: 'MY action', + connector_type_id: 'test.noop', + config: {}, + secrets: {}, + }) + .expect(200); + + const { body: createdAlert } = await supertest + .post(`${getUrlPrefix(space.id)}/api/alerting/rule`) + .set('kbn-xsrf', 'foo') + .send( + getTestRuleData({ + actions: [ + { + group: 'default', + id: createdAction.id, + params: {}, + frequency: { + summary: false, + notify_when: 'onThrottleInterval', + throttle: '1m', + }, + }, + ], + notify_when: undefined, + throttle: undefined, + }) + ) + .expect(200); + objectRemover.add(space.id, createdAlert.id, 'rule', 'alerting'); + + const response = await supertestWithoutAuth + .post(`${getUrlPrefix(space.id)}/internal/alerting/rules/_find`) + .set('kbn-xsrf', 'foo') + .auth(user.username, user.password) + .send({ + search: 'test.noop', + search_fields: 'alertTypeId', + }); + + switch (scenario.id) { + case 'no_kibana_privileges at space1': + case 'space_1_all at space2': + expect(response.statusCode).to.eql(403); + expect(response.body).to.eql({ + error: 'Forbidden', + message: `Unauthorized to find rules for any rule types`, + statusCode: 403, + }); + break; + case 'global_read at space1': + case 'superuser at space1': + case 'space_1_all at space1': + case 'space_1_all_alerts_none_actions at space1': + case 'space_1_all_with_restricted_fixture at space1': + expect(response.statusCode).to.eql(200); + expect(response.body.page).to.equal(1); + expect(response.body.per_page).to.be.greaterThan(0); + expect(response.body.total).to.be.greaterThan(0); + const match = response.body.data.find((obj: any) => obj.id === createdAlert.id); + const activeSnoozes = match.active_snoozes; + const hasActiveSnoozes = !!(activeSnoozes || []).filter((obj: any) => obj).length; + expect(match).to.eql({ + id: createdAlert.id, + name: 'abc', + tags: ['foo'], + rule_type_id: 'test.noop', + running: match.running ?? false, + consumer: 'alertsFixture', + schedule: { interval: '1m' }, + enabled: true, + actions: [ + { + group: 'default', + id: createdAction.id, + connector_type_id: 'test.noop', + params: {}, + uuid: match.actions[0].uuid, + frequency: { + summary: false, + notify_when: 'onThrottleInterval', + throttle: '1m', + }, + }, + ], + params: {}, + created_by: 'elastic', + scheduled_task_id: match.scheduled_task_id, + created_at: match.created_at, + updated_at: match.updated_at, + throttle: null, + notify_when: null, + updated_by: 'elastic', + api_key_owner: 'elastic', + api_key_created_by_user: false, + mute_all: false, + muted_alert_ids: [], + revision: 0, + execution_status: match.execution_status, + ...(match.next_run ? { next_run: match.next_run } : {}), + ...(match.last_run ? { last_run: match.last_run } : {}), + + monitoring: match.monitoring, + snooze_schedule: match.snooze_schedule, + ...(hasActiveSnoozes && { active_snoozes: activeSnoozes }), + is_snoozed_until: null, + }); + expect(Date.parse(match.created_at)).to.be.greaterThan(0); + expect(Date.parse(match.updated_at)).to.be.greaterThan(0); + break; + default: + throw new Error(`Scenario untested: ${JSON.stringify(scenario)}`); + } + }); + + it('should filter out types that the user is not authorized to `get` retaining pagination', async () => { + async function createNoOpAlert(overrides = {}) { + const alert = getTestRuleData(overrides); + const { body: createdAlert } = await supertest + .post(`${getUrlPrefix(space.id)}/api/alerting/rule`) + .set('kbn-xsrf', 'foo') + .send(alert) + .expect(200); + objectRemover.add(space.id, createdAlert.id, 'rule', 'alerting'); + return { + id: createdAlert.id, + rule_type_id: alert.rule_type_id, + }; + } + function createRestrictedNoOpAlert() { + return createNoOpAlert({ + rule_type_id: 'test.restricted-noop', + consumer: 'alertsRestrictedFixture', + }); + } + function createUnrestrictedNoOpAlert() { + return createNoOpAlert({ + rule_type_id: 'test.unrestricted-noop', + consumer: 'alertsFixture', + }); + } + const allAlerts = []; + allAlerts.push(await createNoOpAlert()); + allAlerts.push(await createNoOpAlert()); + allAlerts.push(await createRestrictedNoOpAlert()); + allAlerts.push(await createUnrestrictedNoOpAlert()); + allAlerts.push(await createUnrestrictedNoOpAlert()); + allAlerts.push(await createRestrictedNoOpAlert()); + allAlerts.push(await createNoOpAlert()); + allAlerts.push(await createNoOpAlert()); + + const perPage = 4; + + const response = await supertestWithoutAuth + .post(`${getUrlPrefix(space.id)}/internal/alerting/rules/_find`) + .set('kbn-xsrf', 'foo') + .auth(user.username, user.password) + .send({ + per_page: perPage, + sort_field: 'createdAt', + }); + + switch (scenario.id) { + case 'no_kibana_privileges at space1': + case 'space_1_all at space2': + expect(response.statusCode).to.eql(403); + expect(response.body).to.eql({ + error: 'Forbidden', + message: `Unauthorized to find rules for any rule types`, + statusCode: 403, + }); + break; + case 'space_1_all at space1': + case 'space_1_all_alerts_none_actions at space1': + expect(response.statusCode).to.eql(200); + expect(response.body.page).to.equal(1); + expect(response.body.per_page).to.be.equal(perPage); + expect(response.body.total).to.be.equal(6); + { + const [firstPage] = chunk( + allAlerts + .filter((alert) => alert.rule_type_id !== 'test.restricted-noop') + .map((alert) => alert.id), + perPage + ); + expect(response.body.data.map((alert: any) => alert.id)).to.eql(firstPage); + } + break; + case 'global_read at space1': + case 'superuser at space1': + case 'space_1_all_with_restricted_fixture at space1': + expect(response.statusCode).to.eql(200); + expect(response.body.page).to.equal(1); + expect(response.body.per_page).to.be.equal(perPage); + expect(response.body.total).to.be.equal(8); + + { + const [firstPage, secondPage] = chunk( + allAlerts.map((alert) => alert.id), + perPage + ); + expect(response.body.data.map((alert: any) => alert.id)).to.eql(firstPage); + + const secondResponse = await supertestWithoutAuth + .post(`${getUrlPrefix(space.id)}/internal/alerting/rules/_find`) + .set('kbn-xsrf', 'foo') + .auth(user.username, user.password) + .send({ + per_page: perPage, + sort_field: 'createdAt', + page: 2, + }); + + expect(secondResponse.body.data.map((alert: any) => alert.id)).to.eql(secondPage); + } + + break; + default: + throw new Error(`Scenario untested: ${JSON.stringify(scenario)}`); + } + }); + + it('should handle find alert request with filter appropriately', async () => { + const { body: createdAction } = await supertest + .post(`${getUrlPrefix(space.id)}/api/actions/connector`) + .set('kbn-xsrf', 'foo') + .send({ + name: 'My action', + connector_type_id: 'test.noop', + config: {}, + secrets: {}, + }) + .expect(200); + + const { body: createdAlert } = await supertest + .post(`${getUrlPrefix(space.id)}/api/alerting/rule`) + .set('kbn-xsrf', 'foo') + .send( + getTestRuleData({ + enabled: false, + actions: [ + { + id: createdAction.id, + group: 'default', + params: {}, + }, + ], + }) + ) + .expect(200); + objectRemover.add(space.id, createdAlert.id, 'rule', 'alerting'); + + const response = await supertestWithoutAuth + .post(`${getUrlPrefix(space.id)}/internal/alerting/rules/_find`) + .set('kbn-xsrf', 'foo') + .auth(user.username, user.password) + .send({ + filter: 'alert.attributes.actions:{ actionTypeId: test.noop }', + }); + + switch (scenario.id) { + case 'no_kibana_privileges at space1': + case 'space_1_all at space2': + expect(response.statusCode).to.eql(403); + expect(response.body).to.eql({ + error: 'Forbidden', + message: `Unauthorized to find rules for any rule types`, + statusCode: 403, + }); + break; + case 'global_read at space1': + case 'superuser at space1': + case 'space_1_all at space1': + case 'space_1_all_alerts_none_actions at space1': + case 'space_1_all_with_restricted_fixture at space1': + expect(response.statusCode).to.eql(200); + expect(response.body.page).to.equal(1); + expect(response.body.per_page).to.be.greaterThan(0); + expect(response.body.total).to.be.greaterThan(0); + const match = response.body.data.find((obj: any) => obj.id === createdAlert.id); + const activeSnoozes = match.active_snoozes; + const hasActiveSnoozes = !!(activeSnoozes || []).filter((obj: any) => obj).length; + expect(match).to.eql({ + id: createdAlert.id, + name: 'abc', + tags: ['foo'], + rule_type_id: 'test.noop', + running: match.running ?? false, + consumer: 'alertsFixture', + schedule: { interval: '1m' }, + enabled: false, + actions: [ + { + id: createdAction.id, + group: 'default', + connector_type_id: 'test.noop', + params: {}, + uuid: createdAlert.actions[0].uuid, + }, + ], + params: {}, + created_by: 'elastic', + throttle: '1m', + api_key_created_by_user: null, + updated_by: 'elastic', + api_key_owner: null, + mute_all: false, + muted_alert_ids: [], + notify_when: 'onThrottleInterval', + created_at: match.created_at, + updated_at: match.updated_at, + execution_status: match.execution_status, + revision: 0, + ...(match.next_run ? { next_run: match.next_run } : {}), + ...(match.last_run ? { last_run: match.last_run } : {}), + monitoring: match.monitoring, + snooze_schedule: match.snooze_schedule, + ...(hasActiveSnoozes && { active_snoozes: activeSnoozes }), + is_snoozed_until: null, + }); + expect(Date.parse(match.created_at)).to.be.greaterThan(0); + expect(Date.parse(match.updated_at)).to.be.greaterThan(0); + break; + default: + throw new Error(`Scenario untested: ${JSON.stringify(scenario)}`); + } + }); + + it('should handle find alert request with fields appropriately', async () => { + const myTag = uuidv4(); + const { body: createdAlert } = await supertest + .post(`${getUrlPrefix(space.id)}/api/alerting/rule`) + .set('kbn-xsrf', 'foo') + .send( + getTestRuleData({ + enabled: false, + tags: [myTag], + rule_type_id: 'test.restricted-noop', + consumer: 'alertsRestrictedFixture', + }) + ) + .expect(200); + objectRemover.add(space.id, createdAlert.id, 'rule', 'alerting'); + + // create another type with same tag + const { body: createdSecondAlert } = await supertest + .post(`${getUrlPrefix(space.id)}/api/alerting/rule`) + .set('kbn-xsrf', 'foo') + .send( + getTestRuleData({ + tags: [myTag], + rule_type_id: 'test.restricted-noop', + consumer: 'alertsRestrictedFixture', + }) + ) + .expect(200); + objectRemover.add(space.id, createdSecondAlert.id, 'rule', 'alerting'); + + const response = await supertestWithoutAuth + .post(`${getUrlPrefix(space.id)}/internal/alerting/rules/_find`) + .set('kbn-xsrf', 'foo') + .auth(user.username, user.password) + .send({ + filter: 'alert.attributes.alertTypeId:test.restricted-noop', + fields: ['tags'], + sort_field: 'createdAt', + }); + + switch (scenario.id) { + case 'no_kibana_privileges at space1': + case 'space_1_all at space2': + expect(response.statusCode).to.eql(403); + expect(response.body).to.eql({ + error: 'Forbidden', + message: `Unauthorized to find rules for any rule types`, + statusCode: 403, + }); + break; + case 'space_1_all at space1': + case 'space_1_all_alerts_none_actions at space1': + expect(response.statusCode).to.eql(200); + expect(response.body.data).to.eql([]); + break; + case 'global_read at space1': + case 'superuser at space1': + case 'space_1_all_with_restricted_fixture at space1': + expect(response.statusCode).to.eql(200); + expect(response.body.page).to.equal(1); + expect(response.body.per_page).to.be.greaterThan(0); + expect(response.body.total).to.be.greaterThan(0); + const [matchFirst, matchSecond] = response.body.data; + expect(omit(matchFirst, 'updatedAt')).to.eql({ + id: createdAlert.id, + actions: [], + tags: [myTag], + snooze_schedule: [], + is_snoozed_until: null, + }); + expect(omit(matchSecond, 'updatedAt')).to.eql({ + id: createdSecondAlert.id, + actions: [], + tags: [myTag], + snooze_schedule: [], + is_snoozed_until: null, + }); + break; + default: + throw new Error(`Scenario untested: ${JSON.stringify(scenario)}`); + } + }); + + it('should handle find alert request with executionStatus field appropriately', async () => { + const myTag = uuidv4(); + const { body: createdAlert } = await supertest + .post(`${getUrlPrefix(space.id)}/api/alerting/rule`) + .set('kbn-xsrf', 'foo') + .send( + getTestRuleData({ + enabled: false, + tags: [myTag], + rule_type_id: 'test.restricted-noop', + consumer: 'alertsRestrictedFixture', + }) + ) + .expect(200); + objectRemover.add(space.id, createdAlert.id, 'rule', 'alerting'); + + // create another type with same tag + const { body: createdSecondAlert } = await supertest + .post(`${getUrlPrefix(space.id)}/api/alerting/rule`) + .set('kbn-xsrf', 'foo') + .send( + getTestRuleData({ + tags: [myTag], + rule_type_id: 'test.restricted-noop', + consumer: 'alertsRestrictedFixture', + }) + ) + .expect(200); + objectRemover.add(space.id, createdSecondAlert.id, 'rule', 'alerting'); + + const response = await supertestWithoutAuth + .post(`${getUrlPrefix(space.id)}/internal/alerting/rules/_find`) + .set('kbn-xsrf', 'foo') + .auth(user.username, user.password) + .send({ + filter: 'alert.attributes.alertTypeId:test.restricted-noop', + fields: ['tags', 'executionStatus'], + sort_field: 'createdAt', + }); + + switch (scenario.id) { + case 'no_kibana_privileges at space1': + case 'space_1_all at space2': + expect(response.statusCode).to.eql(403); + expect(response.body).to.eql({ + error: 'Forbidden', + message: `Unauthorized to find rules for any rule types`, + statusCode: 403, + }); + break; + case 'space_1_all at space1': + case 'space_1_all_alerts_none_actions at space1': + expect(response.statusCode).to.eql(200); + expect(response.body.data).to.eql([]); + break; + case 'global_read at space1': + case 'superuser at space1': + case 'space_1_all_with_restricted_fixture at space1': + expect(response.statusCode).to.eql(200); + expect(response.body.page).to.equal(1); + expect(response.body.per_page).to.be.greaterThan(0); + expect(response.body.total).to.be.greaterThan(0); + const [matchFirst, matchSecond] = response.body.data; + expect(omit(matchFirst, 'updatedAt')).to.eql({ + id: createdAlert.id, + actions: [], + tags: [myTag], + execution_status: matchFirst.execution_status, + snooze_schedule: [], + is_snoozed_until: null, + }); + expect(omit(matchSecond, 'updatedAt')).to.eql({ + id: createdSecondAlert.id, + actions: [], + tags: [myTag], + execution_status: matchSecond.execution_status, + snooze_schedule: [], + is_snoozed_until: null, + }); + break; + default: + throw new Error(`Scenario untested: ${JSON.stringify(scenario)}`); + } + }); + + it(`shouldn't find alert from another space`, async () => { + const { body: createdAlert } = await supertest + .post(`${getUrlPrefix(space.id)}/api/alerting/rule`) + .set('kbn-xsrf', 'foo') + .send(getTestRuleData()) + .expect(200); + objectRemover.add(space.id, createdAlert.id, 'rule', 'alerting'); + + const response = await supertestWithoutAuth + .post(`${getUrlPrefix('other')}/internal/alerting/rules/_find`) + .set('kbn-xsrf', 'foo') + .auth(user.username, user.password) + .send({ + search: 'test.noop', + search_fields: 'alertTypeId', + }); + + switch (scenario.id) { + case 'no_kibana_privileges at space1': + case 'space_1_all at space2': + case 'space_1_all at space1': + case 'space_1_all_alerts_none_actions at space1': + case 'space_1_all_with_restricted_fixture at space1': + expect(response.statusCode).to.eql(403); + expect(response.body).to.eql({ + error: 'Forbidden', + message: `Unauthorized to find rules for any rule types`, + statusCode: 403, + }); + break; + case 'global_read at space1': + case 'superuser at space1': + expect(response.statusCode).to.eql(200); + expect(response.body).to.eql({ + page: 1, + per_page: 10, + total: 0, + data: [], + }); + break; + default: + throw new Error(`Scenario untested: ${JSON.stringify(scenario)}`); + } + }); + }); + } + + describe('Actions', () => { + const { user, space } = SuperuserAtSpace1; + + it('should return the actions correctly', async () => { + const { body: createdAction } = await supertest + .post(`${getUrlPrefix(space.id)}/api/actions/connector`) + .set('kbn-xsrf', 'foo') + .send({ + name: 'MY action', + connector_type_id: 'test.noop', + config: {}, + secrets: {}, + }) + .expect(200); + + const { body: createdRule1 } = await supertest + .post(`${getUrlPrefix(space.id)}/api/alerting/rule`) + .set('kbn-xsrf', 'foo') + .send( + getTestRuleData({ + enabled: true, + actions: [ + { + id: createdAction.id, + group: 'default', + params: {}, + }, + { + id: 'system-connector-test.system-action', + params: {}, + }, + ], + }) + ) + .expect(200); + + objectRemover.add(space.id, createdRule1.id, 'rule', 'alerting'); + + const response = await supertestWithoutAuth + .get(`${getUrlPrefix(space.id)}/api/alerting/rules/_find`) + .set('kbn-xsrf', 'foo') + .auth(user.username, user.password); + + const action = response.body.data[0].actions[0]; + const systemAction = response.body.data[0].actions[1]; + const { uuid, ...restAction } = action; + const { uuid: systemActionUuid, ...restSystemAction } = systemAction; + + expect([restAction, restSystemAction]).to.eql([ + { + id: createdAction.id, + connector_type_id: 'test.noop', + group: 'default', + params: {}, + }, + { + id: 'system-connector-test.system-action', + connector_type_id: 'test.system-action', + params: {}, + }, + , + ]); + }); + }); + describe('stack alerts', () => { + const ruleTypes = [ + [ + ES_QUERY_ID, + { + searchType: 'esQuery', + timeWindowSize: 5, + timeWindowUnit: 'm', + threshold: [1000], + thresholdComparator: '>', + size: 100, + esQuery: '{\n "query":{\n "match_all" : {}\n }\n }', + aggType: 'count', + groupBy: 'all', + termSize: 5, + excludeHitsFromPreviousRun: false, + sourceFields: [], + index: ['.kibana'], + timeField: 'created_at', + }, + ], + [ + OBSERVABILITY_THRESHOLD_RULE_TYPE_ID, + { + criteria: [ + { + comparator: '>', + metrics: [ + { + name: 'A', + aggType: 'count', + }, + ], + threshold: [100], + timeSize: 1, + timeUnit: 'm', + }, + ], + alertOnNoData: false, + alertOnGroupDisappear: false, + searchConfiguration: { + query: { + query: '', + language: 'kuery', + }, + index: 'kibana-event-log-data-view', + }, + }, + ], + [ + ML_ANOMALY_DETECTION_RULE_TYPE_ID, + { + severity: 75, + resultType: 'bucket', + includeInterim: false, + jobSelection: { + jobIds: ['low_request_rate'], + }, + }, + ], + ]; + + const createRule = async (rule = {}) => { + const { body: createdAlert } = await supertest + .post(`${getUrlPrefix('space1')}/api/alerting/rule`) + .set('kbn-xsrf', 'foo') + .send(getTestRuleData({ ...rule })) + .expect(200); + + objectRemover.add('space1', createdAlert.id, 'rule', 'alerting'); + }; + + for (const [ruleTypeId, params] of ruleTypes) { + it(`should get rules of ${ruleTypeId} rule type ID and stackAlerts consumer`, async () => { + /** + * We create two rules. The first one is a test.noop + * rule with stackAlerts as consumer. The second rule + * is has different rule type ID but with the same consumer as the first rule (stackAlerts). + * This way we can verify that the find API call returns only the rules the user is authorized to. + * Specifically only the second rule because the StackAlertsOnly user does not have + * access to the test.noop rule type. + */ + await createRule({ consumer: 'stackAlerts' }); + await createRule({ rule_type_id: ruleTypeId, params, consumer: 'stackAlerts' }); + + const response = await supertestWithoutAuth + .get(`${getUrlPrefix('space1')}/api/alerting/rules/_find`) + .auth(StackAlertsOnly.username, StackAlertsOnly.password); + + expect(response.statusCode).to.eql(200); + expect(response.body.total).to.equal(1); + expect(response.body.data[0].rule_type_id).to.equal(ruleTypeId); + expect(response.body.data[0].consumer).to.equal('stackAlerts'); + }); + } + + for (const [ruleTypeId, params] of ruleTypes) { + it(`should NOT get rules of ${ruleTypeId} rule type ID and NOT stackAlerts consumer`, async () => { + /** + * We create two rules with logs as consumer. The user is authorized to + * access rules only with the stackAlerts consumers. + */ + await createRule({ consumer: 'logs' }); + await createRule({ rule_type_id: ruleTypeId, params, consumer: 'logs' }); + + const response = await supertestWithoutAuth + .get(`${getUrlPrefix('space1')}/api/alerting/rules/_find`) + .auth(StackAlertsOnly.username, StackAlertsOnly.password); + + expect(response.statusCode).to.eql(200); + expect(response.body.total).to.equal(0); + }); + } + }); + }); +} diff --git a/x-pack/test/alerting_api_integration/security_and_spaces/group1/tests/alerting/find_with_post.ts b/x-pack/test/alerting_api_integration/security_and_spaces/group1/tests/alerting/find_with_post.ts index f221b5869dd6b9..c8afff8fcc4764 100644 --- a/x-pack/test/alerting_api_integration/security_and_spaces/group1/tests/alerting/find_with_post.ts +++ b/x-pack/test/alerting_api_integration/security_and_spaces/group1/tests/alerting/find_with_post.ts @@ -207,12 +207,14 @@ const findTestUtils = ( expect(response.body.data.map((alert: any) => alert.id)).to.eql(firstPage); const secondResponse = await supertestWithoutAuth - .get( - `${getUrlPrefix(space.id)}/${ - describeType === 'public' ? 'api' : 'internal' - }/alerting/rules/_find?per_page=${perPage}&sort_field=createdAt&page=2` - ) - .auth(user.username, user.password); + .post(`${getUrlPrefix(space.id)}/internal/alerting/rules/_find`) + .set('kbn-xsrf', 'kibana') + .auth(user.username, user.password) + .send({ + per_page: perPage, + sort_field: 'createdAt', + page: 2, + }); expect(secondResponse.body.data.map((alert: any) => alert.id)).to.eql(secondPage); } diff --git a/x-pack/test/alerting_api_integration/security_and_spaces/group1/tests/alerting/index.ts b/x-pack/test/alerting_api_integration/security_and_spaces/group1/tests/alerting/index.ts index ec938e8dc4abbb..262fe8af301c8f 100644 --- a/x-pack/test/alerting_api_integration/security_and_spaces/group1/tests/alerting/index.ts +++ b/x-pack/test/alerting_api_integration/security_and_spaces/group1/tests/alerting/index.ts @@ -22,6 +22,7 @@ export default function alertingTests({ loadTestFile, getService }: FtrProviderC loadTestFile(require.resolve('./backfill')); loadTestFile(require.resolve('./find')); + loadTestFile(require.resolve('./find_internal')); loadTestFile(require.resolve('./find_with_post')); loadTestFile(require.resolve('./create')); loadTestFile(require.resolve('./delete')); diff --git a/x-pack/test/alerting_api_integration/spaces_only/tests/alerting/group1/create.ts b/x-pack/test/alerting_api_integration/spaces_only/tests/alerting/group1/create.ts index 9932ee2c11a367..57d41424186b35 100644 --- a/x-pack/test/alerting_api_integration/spaces_only/tests/alerting/group1/create.ts +++ b/x-pack/test/alerting_api_integration/spaces_only/tests/alerting/group1/create.ts @@ -341,13 +341,14 @@ export default function createAlertTests({ getService }: FtrProviderContext) { ) .expect(200); - const response = await supertest.get( - `${getUrlPrefix( - Spaces.space1.id - )}/internal/alerting/rules/_find?filter=alert.attributes.params.risk_score:40` - ); + const response = await supertest + .post(`${getUrlPrefix(Spaces.space1.id)}/internal/alerting/rules/_find`) + .set('kbn-xsrf', 'kibana') + .send({ + filter: `alert.attributes.params.risk_score:40`, + }) + .expect(200); - expect(response.status).to.eql(200); objectRemover.add(Spaces.space1.id, createResponse.body.id, 'rule', 'alerting'); expect(response.body.total).to.equal(1); expect(response.body.data[0].mapped_params).to.eql({ diff --git a/x-pack/test/alerting_api_integration/spaces_only/tests/alerting/group1/find.ts b/x-pack/test/alerting_api_integration/spaces_only/tests/alerting/group1/find.ts index c8aeba2b7e2108..e730dd657d2f10 100644 --- a/x-pack/test/alerting_api_integration/spaces_only/tests/alerting/group1/find.ts +++ b/x-pack/test/alerting_api_integration/spaces_only/tests/alerting/group1/find.ts @@ -26,13 +26,15 @@ async function createAlert( return createdAlert; } -const findTestUtils = ( - describeType: 'internal' | 'public', - supertest: SuperTestAgent, - objectRemover: ObjectRemover -) => { - describe(describeType, () => { +// eslint-disable-next-line import/no-default-export +export default function createFindTests({ getService }: FtrProviderContext) { + const supertest = getService('supertest'); + + describe('find public API', () => { + const objectRemover = new ObjectRemover(supertest); + afterEach(() => objectRemover.removeAll()); + describe('handle find alert request', function () { this.tags('skipFIPS'); it('should handle find alert request appropriately', async () => { @@ -72,9 +74,9 @@ const findTestUtils = ( objectRemover.add(Spaces.space1.id, createdAlert.id, 'rule', 'alerting'); const response = await supertest.get( - `${getUrlPrefix(Spaces.space1.id)}/${ - describeType === 'public' ? 'api' : 'internal' - }/alerting/rules/_find?search=test.noop&search_fields=alertTypeId` + `${getUrlPrefix( + Spaces.space1.id + )}/api/alerting/rules/_find?search=test.noop&search_fields=alertTypeId` ); expect(response.status).to.eql(200); @@ -82,8 +84,6 @@ const findTestUtils = ( expect(response.body.per_page).to.be.greaterThan(0); expect(response.body.total).to.be.greaterThan(0); const match = response.body.data.find((obj: any) => obj.id === createdAlert.id); - const activeSnoozes = match.active_snoozes; - const hasActiveSnoozes = !!(activeSnoozes || []).filter((obj: any) => obj).length; expect(match).to.eql({ id: createdAlert.id, name: 'abc', @@ -123,14 +123,6 @@ const findTestUtils = ( execution_status: match.execution_status, ...(match.next_run ? { next_run: match.next_run } : {}), ...(match.last_run ? { last_run: match.last_run } : {}), - ...(describeType === 'internal' - ? { - monitoring: match.monitoring, - snooze_schedule: match.snooze_schedule, - ...(hasActiveSnoozes && { active_snoozes: activeSnoozes }), - is_snoozed_until: null, - } - : {}), }); expect(Date.parse(match.created_at)).to.be.greaterThan(0); expect(Date.parse(match.updated_at)).to.be.greaterThan(0); @@ -147,9 +139,9 @@ const findTestUtils = ( await supertest .get( - `${getUrlPrefix(Spaces.other.id)}/${ - describeType === 'public' ? 'api' : 'internal' - }/alerting/rules/_find?search=test.noop&search_fields=alertTypeId` + `${getUrlPrefix( + Spaces.other.id + )}/api/alerting/rules/_find?search=test.noop&search_fields=alertTypeId` ) .expect(200, { page: 1, @@ -186,62 +178,50 @@ const findTestUtils = ( ]); }); - it(`it should${ - describeType === 'public' ? ' NOT' : '' - } allow filter on monitoring attributes`, async () => { + it(`it should NOT allow filter on monitoring attributes`, async () => { const response = await supertest.get( - `${getUrlPrefix(Spaces.space1.id)}/${ - describeType === 'public' ? 'api' : 'internal' - }/alerting/rules/_find?filter=alert.attributes.monitoring.run.calculated_metrics.success_ratio>50` + `${getUrlPrefix( + Spaces.space1.id + )}/api/alerting/rules/_find?filter=alert.attributes.monitoring.run.calculated_metrics.success_ratio>50` ); - expect(response.status).to.eql(describeType === 'internal' ? 200 : 400); - if (describeType === 'public') { - expect(response.body.message).to.eql( - 'Error find rules: Filter is not supported on this field alert.attributes.monitoring.run.calculated_metrics.success_ratio' - ); - } + expect(response.status).to.eql(400); + expect(response.body.message).to.eql( + 'Error find rules: Filter is not supported on this field alert.attributes.monitoring.run.calculated_metrics.success_ratio' + ); }); - it(`it should${ - describeType === 'public' ? ' NOT' : '' - } allow ordering on monitoring attributes`, async () => { + it(`it should NOT allow ordering on monitoring attributes`, async () => { const response = await supertest.get( - `${getUrlPrefix(Spaces.space1.id)}/${ - describeType === 'public' ? 'api' : 'internal' - }/alerting/rules/_find?sort_field=monitoring.run.calculated_metrics.success_ratio` + `${getUrlPrefix( + Spaces.space1.id + )}/api/alerting/rules/_find?sort_field=monitoring.run.calculated_metrics.success_ratio` ); - expect(response.status).to.eql(describeType === 'internal' ? 200 : 400); - if (describeType === 'public') { - expect(response.body.message).to.eql( - 'Error find rules: Sort is not supported on this field monitoring.run.calculated_metrics.success_ratio' - ); - } + expect(response.status).to.eql(400); + expect(response.body.message).to.eql( + 'Error find rules: Sort is not supported on this field monitoring.run.calculated_metrics.success_ratio' + ); }); - it(`it should${ - describeType === 'public' ? ' NOT' : '' - } allow search_fields on monitoring attributes`, async () => { + it(`it should NOT allow search_fields on monitoring attributes`, async () => { const response = await supertest.get( - `${getUrlPrefix(Spaces.space1.id)}/${ - describeType === 'public' ? 'api' : 'internal' - }/alerting/rules/_find?search_fields=monitoring.run.calculated_metrics.success_ratio&search=50` + `${getUrlPrefix( + Spaces.space1.id + )}/api/alerting/rules/_find?search_fields=monitoring.run.calculated_metrics.success_ratio&search=50` ); - expect(response.status).to.eql(describeType === 'internal' ? 200 : 400); - if (describeType === 'public') { - expect(response.body.message).to.eql( - 'Error find rules: Search field monitoring.run.calculated_metrics.success_ratio not supported' - ); - } + expect(response.status).to.eql(400); + expect(response.body.message).to.eql( + 'Error find rules: Search field monitoring.run.calculated_metrics.success_ratio not supported' + ); }); it('should filter on string parameters', async () => { const response = await supertest.get( - `${getUrlPrefix(Spaces.space1.id)}/${ - describeType === 'public' ? 'api' : 'internal' - }/alerting/rules/_find?filter=alert.attributes.params.strValue:"my b"` + `${getUrlPrefix( + Spaces.space1.id + )}/api/alerting/rules/_find?filter=alert.attributes.params.strValue:"my b"` ); expect(response.status).to.eql(200); @@ -251,9 +231,7 @@ const findTestUtils = ( it('should filter on kueryNode parameters', async () => { const response = await supertest.get( - `${getUrlPrefix(Spaces.space1.id)}/${ - describeType === 'public' ? 'api' : 'internal' - }/alerting/rules/_find?filter=${JSON.stringify( + `${getUrlPrefix(Spaces.space1.id)}/api/alerting/rules/_find?filter=${JSON.stringify( fromKueryExpression('alert.attributes.params.strValue:"my b"') )}` ); @@ -265,9 +243,9 @@ const findTestUtils = ( it('should sort by parameters', async () => { const response = await supertest.get( - `${getUrlPrefix(Spaces.space1.id)}/${ - describeType === 'public' ? 'api' : 'internal' - }/alerting/rules/_find?sort_field=params.severity&sort_order=asc` + `${getUrlPrefix( + Spaces.space1.id + )}/api/alerting/rules/_find?sort_field=params.severity&sort_order=asc` ); expect(response.body.data[0].params.severity).to.equal('low'); expect(response.body.data[1].params.severity).to.equal('medium'); @@ -276,9 +254,9 @@ const findTestUtils = ( it('should search by parameters', async () => { const response = await supertest.get( - `${getUrlPrefix(Spaces.space1.id)}/${ - describeType === 'public' ? 'api' : 'internal' - }/alerting/rules/_find?search_fields=params.severity&search=medium` + `${getUrlPrefix( + Spaces.space1.id + )}/api/alerting/rules/_find?search_fields=params.severity&search=medium` ); expect(response.status).to.eql(200); @@ -288,51 +266,31 @@ const findTestUtils = ( it('should filter on parameters', async () => { const response = await supertest.get( - `${getUrlPrefix(Spaces.space1.id)}/${ - describeType === 'public' ? 'api' : 'internal' - }/alerting/rules/_find?filter=alert.attributes.params.risk_score:40` + `${getUrlPrefix( + Spaces.space1.id + )}/api/alerting/rules/_find?filter=alert.attributes.params.risk_score:40` ); expect(response.status).to.eql(200); expect(response.body.total).to.equal(1); expect(response.body.data[0].params.risk_score).to.eql(40); - if (describeType === 'public') { - expect(response.body.data[0].mapped_params).to.eql(undefined); - } + expect(response.body.data[0].mapped_params).to.eql(undefined); }); it('should error if filtering on mapped parameters directly using the public API', async () => { const response = await supertest.get( - `${getUrlPrefix(Spaces.space1.id)}/${ - describeType === 'public' ? 'api' : 'internal' - }/alerting/rules/_find?filter=alert.attributes.mapped_params.risk_score:40` + `${getUrlPrefix( + Spaces.space1.id + )}/api/alerting/rules/_find?filter=alert.attributes.mapped_params.risk_score:40` ); - if (describeType === 'public') { - expect(response.status).to.eql(400); - expect(response.body.message).to.eql( - 'Error find rules: Filter is not supported on this field alert.attributes.mapped_params.risk_score' - ); - } else { - expect(response.status).to.eql(200); - } + expect(response.status).to.eql(400); + expect(response.body.message).to.eql( + 'Error find rules: Filter is not supported on this field alert.attributes.mapped_params.risk_score' + ); }); }); - }); -}; - -// eslint-disable-next-line import/no-default-export -export default function createFindTests({ getService }: FtrProviderContext) { - const supertest = getService('supertest'); - - describe('find', () => { - const objectRemover = new ObjectRemover(supertest); - - afterEach(() => objectRemover.removeAll()); - - findTestUtils('public', supertest, objectRemover); - findTestUtils('internal', supertest, objectRemover); describe('legacy', function () { this.tags('skipFIPS'); diff --git a/x-pack/test/alerting_api_integration/spaces_only/tests/alerting/group1/find_internal.ts b/x-pack/test/alerting_api_integration/spaces_only/tests/alerting/group1/find_internal.ts new file mode 100644 index 00000000000000..25fc54a5229d33 --- /dev/null +++ b/x-pack/test/alerting_api_integration/spaces_only/tests/alerting/group1/find_internal.ts @@ -0,0 +1,355 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import expect from '@kbn/expect'; +import { Agent as SuperTestAgent } from 'supertest'; +import { fromKueryExpression } from '@kbn/es-query'; +import { Spaces } from '../../../scenarios'; +import { getUrlPrefix, getTestRuleData, ObjectRemover } from '../../../../common/lib'; +import { FtrProviderContext } from '../../../../common/ftr_provider_context'; + +async function createAlert( + objectRemover: ObjectRemover, + supertest: SuperTestAgent, + overwrites = {} +) { + const { body: createdAlert } = await supertest + .post(`${getUrlPrefix(Spaces.space1.id)}/api/alerting/rule`) + .set('kbn-xsrf', 'foo') + .send(getTestRuleData(overwrites)) + .expect(200); + objectRemover.add(Spaces.space1.id, createdAlert.id, 'rule', 'alerting'); + return createdAlert; +} + +// eslint-disable-next-line import/no-default-export +export default function createFindTests({ getService }: FtrProviderContext) { + const supertest = getService('supertest'); + + describe('find internal API', () => { + const objectRemover = new ObjectRemover(supertest); + + afterEach(() => objectRemover.removeAll()); + + describe('handle find alert request', function () { + this.tags('skipFIPS'); + it('should handle find alert request appropriately', async () => { + const { body: createdAction } = await supertest + .post(`${getUrlPrefix(Spaces.space1.id)}/api/actions/connector`) + .set('kbn-xsrf', 'foo') + .send({ + name: 'MY action', + connector_type_id: 'test.noop', + config: {}, + secrets: {}, + }) + .expect(200); + + const { body: createdAlert } = await supertest + .post(`${getUrlPrefix(Spaces.space1.id)}/api/alerting/rule`) + .set('kbn-xsrf', 'foo') + .send( + getTestRuleData({ + actions: [ + { + group: 'default', + id: createdAction.id, + params: {}, + frequency: { + summary: false, + notify_when: 'onThrottleInterval', + throttle: '1m', + }, + }, + ], + notify_when: undefined, + throttle: undefined, + }) + ) + .expect(200); + objectRemover.add(Spaces.space1.id, createdAlert.id, 'rule', 'alerting'); + + const response = await supertest + .post(`${getUrlPrefix(Spaces.space1.id)}/internal/alerting/rules/_find`) + .set('kbn-xsrf', 'foo') + .send({ + search: 'test.noop', + search_fields: 'alertTypeId', + }); + + expect(response.status).to.eql(200); + expect(response.body.page).to.equal(1); + expect(response.body.per_page).to.be.greaterThan(0); + expect(response.body.total).to.be.greaterThan(0); + const match = response.body.data.find((obj: any) => obj.id === createdAlert.id); + const activeSnoozes = match.active_snoozes; + const hasActiveSnoozes = !!(activeSnoozes || []).filter((obj: any) => obj).length; + expect(match).to.eql({ + id: createdAlert.id, + name: 'abc', + tags: ['foo'], + rule_type_id: 'test.noop', + revision: 0, + running: false, + consumer: 'alertsFixture', + schedule: { interval: '1m' }, + enabled: true, + actions: [ + { + group: 'default', + id: createdAction.id, + connector_type_id: 'test.noop', + params: {}, + frequency: { + summary: false, + notify_when: 'onThrottleInterval', + throttle: '1m', + }, + uuid: match.actions[0].uuid, + }, + ], + params: {}, + created_by: null, + api_key_owner: null, + api_key_created_by_user: null, + scheduled_task_id: match.scheduled_task_id, + updated_by: null, + throttle: null, + notify_when: null, + mute_all: false, + muted_alert_ids: [], + created_at: match.created_at, + updated_at: match.updated_at, + execution_status: match.execution_status, + ...(match.next_run ? { next_run: match.next_run } : {}), + ...(match.last_run ? { last_run: match.last_run } : {}), + monitoring: match.monitoring, + snooze_schedule: match.snooze_schedule, + ...(hasActiveSnoozes && { active_snoozes: activeSnoozes }), + is_snoozed_until: null, + }); + expect(Date.parse(match.created_at)).to.be.greaterThan(0); + expect(Date.parse(match.updated_at)).to.be.greaterThan(0); + }); + }); + + it(`shouldn't find alert from another space`, async () => { + const { body: createdAlert } = await supertest + .post(`${getUrlPrefix(Spaces.space1.id)}/api/alerting/rule`) + .set('kbn-xsrf', 'foo') + .send(getTestRuleData()) + .expect(200); + objectRemover.add(Spaces.space1.id, createdAlert.id, 'rule', 'alerting'); + + await supertest + .post(`${getUrlPrefix(Spaces.other.id)}/internal/alerting/rules/_find`) + .set('kbn-xsrf', 'foo') + .send({ + search: 'test.noop', + search_fields: 'alertTypeId', + }) + .expect(200, { + page: 1, + per_page: 10, + total: 0, + data: [], + }); + }); + + describe('basic functionality', () => { + beforeEach(async () => { + await Promise.all([ + createAlert(objectRemover, supertest, { params: { strValue: 'my a' } }), + createAlert(objectRemover, supertest, { params: { strValue: 'my b' } }), + createAlert(objectRemover, supertest, { params: { strValue: 'my c' } }), + createAlert(objectRemover, supertest, { + params: { + risk_score: 60, + severity: 'high', + }, + }), + createAlert(objectRemover, supertest, { + params: { + risk_score: 40, + severity: 'medium', + }, + }), + createAlert(objectRemover, supertest, { + params: { + risk_score: 20, + severity: 'low', + }, + }), + ]); + }); + + it(`it should allow filter on monitoring attributes`, async () => { + const response = await supertest + .post(`${getUrlPrefix(Spaces.space1.id)}/internal/alerting/rules/_find`) + .set('kbn-xsrf', 'foo') + .send({ + filter: 'alert.attributes.monitoring.run.calculated_metrics.success_ratio>50', + }); + + expect(response.status).to.eql(200); + }); + + it(`it should allow ordering on monitoring attributes`, async () => { + const response = await supertest + .post(`${getUrlPrefix(Spaces.space1.id)}/internal/alerting/rules/_find`) + .set('kbn-xsrf', 'foo') + .send({ + sort_field: 'monitoring.run.calculated_metrics.success_ratio', + }); + + expect(response.status).to.eql(200); + }); + + it(`it should allow search_fields on monitoring attributes`, async () => { + const response = await supertest + .post(`${getUrlPrefix(Spaces.space1.id)}/internal/alerting/rules/_find`) + .set('kbn-xsrf', 'foo') + .send({ + search_fields: 'monitoring.run.calculated_metrics.success_ratio', + search: '50', + }); + + expect(response.status).to.eql(200); + }); + + it('should filter on string parameters', async () => { + const response = await supertest + .post(`${getUrlPrefix(Spaces.space1.id)}/internal/alerting/rules/_find`) + .set('kbn-xsrf', 'foo') + .send({ + filter: 'alert.attributes.params.strValue:"my b"', + }); + + expect(response.status).to.eql(200); + expect(response.body.total).to.equal(1); + expect(response.body.data[0].params.strValue).to.eql('my b'); + }); + + it('should filter on kueryNode parameters', async () => { + const response = await supertest + .post(`${getUrlPrefix(Spaces.space1.id)}/internal/alerting/rules/_find`) + .set('kbn-xsrf', 'foo') + .send({ + filter: JSON.stringify(fromKueryExpression('alert.attributes.params.strValue:"my b"')), + }); + + expect(response.status).to.eql(200); + expect(response.body.total).to.equal(1); + expect(response.body.data[0].params.strValue).to.eql('my b'); + }); + + it('should sort by parameters', async () => { + const response = await supertest + .post(`${getUrlPrefix(Spaces.space1.id)}/internal/alerting/rules/_find`) + .set('kbn-xsrf', 'foo') + .send({ + sort_field: 'params.severity', + sort_order: 'asc', + }); + expect(response.body.data[0].params.severity).to.equal('low'); + expect(response.body.data[1].params.severity).to.equal('medium'); + expect(response.body.data[2].params.severity).to.equal('high'); + }); + + it('should search by parameters', async () => { + const response = await supertest + .post(`${getUrlPrefix(Spaces.space1.id)}/internal/alerting/rules/_find`) + .set('kbn-xsrf', 'foo') + .send({ + search_fields: 'params.severity', + search: 'medium', + }); + + expect(response.status).to.eql(200); + expect(response.body.total).to.equal(1); + expect(response.body.data[0].params.severity).to.eql('medium'); + }); + + it('should filter on parameters', async () => { + const response = await supertest + .get(`${getUrlPrefix(Spaces.space1.id)}/internal/alerting/rules/_find`) + .set('kbn-xsrf', 'foo') + .send({ + filter: 'alert.attributes.params.risk_score:40', + }); + + expect(response.status).to.eql(200); + expect(response.body.total).to.equal(1); + expect(response.body.data[0].params.risk_score).to.eql(40); + }); + + it('should error if filtering on mapped parameters directly using the public API', async () => { + const response = await supertest + .post(`${getUrlPrefix(Spaces.space1.id)}/internal/alerting/rules/_find`) + .set('kbn-xsrf', 'foo') + .send({ + filter: 'alert.attributes.mapped_params.risk_score:40', + }); + + expect(response.status).to.eql(200); + }); + }); + + describe('legacy', function () { + this.tags('skipFIPS'); + it('should handle find alert request appropriately', async () => { + const { body: createdAlert } = await supertest + .post(`${getUrlPrefix(Spaces.space1.id)}/api/alerting/rule`) + .set('kbn-xsrf', 'foo') + .send(getTestRuleData()) + .expect(200); + objectRemover.add(Spaces.space1.id, createdAlert.id, 'rule', 'alerting'); + + const response = await supertest.get( + `${getUrlPrefix( + Spaces.space1.id + )}/api/alerts/_find?search=test.noop&search_fields=alertTypeId` + ); + + expect(response.status).to.eql(200); + expect(response.body.page).to.equal(1); + expect(response.body.perPage).to.be.greaterThan(0); + expect(response.body.total).to.be.greaterThan(0); + const match = response.body.data.find((obj: any) => obj.id === createdAlert.id); + expect(match).to.eql({ + id: createdAlert.id, + name: 'abc', + tags: ['foo'], + alertTypeId: 'test.noop', + consumer: 'alertsFixture', + schedule: { interval: '1m' }, + enabled: true, + actions: [], + params: {}, + createdBy: null, + apiKeyOwner: null, + apiKeyCreatedByUser: null, + scheduledTaskId: match.scheduledTaskId, + updatedBy: null, + throttle: '1m', + notifyWhen: 'onThrottleInterval', + muteAll: false, + mutedInstanceIds: [], + createdAt: match.createdAt, + updatedAt: match.updatedAt, + executionStatus: match.executionStatus, + revision: 0, + running: false, + ...(match.nextRun ? { nextRun: match.nextRun } : {}), + ...(match.lastRun ? { lastRun: match.lastRun } : {}), + }); + expect(Date.parse(match.createdAt)).to.be.greaterThan(0); + expect(Date.parse(match.updatedAt)).to.be.greaterThan(0); + }); + }); + }); +} diff --git a/x-pack/test/alerting_api_integration/spaces_only/tests/alerting/group2/update.ts b/x-pack/test/alerting_api_integration/spaces_only/tests/alerting/group2/update.ts index 029775fbba383b..025fa3b693dcec 100644 --- a/x-pack/test/alerting_api_integration/spaces_only/tests/alerting/group2/update.ts +++ b/x-pack/test/alerting_api_integration/spaces_only/tests/alerting/group2/update.ts @@ -91,11 +91,10 @@ export default function createUpdateTests({ getService }: FtrProviderContext) { expect(Date.parse(response.body.next_run)).to.be.greaterThan(0); } - response = await supertest.get( - `${getUrlPrefix( - Spaces.space1.id - )}/internal/alerting/rules/_find?filter=alert.attributes.params.risk_score:40` - ); + response = await supertest + .post(`${getUrlPrefix(Spaces.space1.id)}/internal/alerting/rules/_find`) + .set('kbn-xsrf', 'kibana') + .send({ filter: `alert.attributes.params.risk_score:40` }); expect(response.body.data[0].mapped_params).to.eql({ risk_score: 40, diff --git a/x-pack/test/api_integration/apis/entity_manager/definitions.ts b/x-pack/test/api_integration/apis/entity_manager/definitions.ts index 468e53767b4e80..1a68169f6f386e 100644 --- a/x-pack/test/api_integration/apis/entity_manager/definitions.ts +++ b/x-pack/test/api_integration/apis/entity_manager/definitions.ts @@ -101,26 +101,6 @@ export default function ({ getService }: FtrProviderContext) { await uninstallDefinition(supertest, { id: mockDefinition.id }); }); - - it('rejects updates to managed definitions', async () => { - await installDefinition(supertest, { - definition: { ...mockDefinition, managed: true }, - installOnly: true, - }); - - await updateDefinition(supertest, { - id: mockDefinition.id, - update: { - version: '1.0.0', - latest: { - timestampField: '@updatedTimestampField', - }, - }, - expectedCode: 403, - }); - - await uninstallDefinition(supertest, { id: mockDefinition.id }); - }); }); describe('entity data', () => { diff --git a/x-pack/test/api_integration/apis/management/ingest_pipelines/databases.ts b/x-pack/test/api_integration/apis/management/ingest_pipelines/databases.ts index 9bd0ab353e1f52..913e9aeca3c90e 100644 --- a/x-pack/test/api_integration/apis/management/ingest_pipelines/databases.ts +++ b/x-pack/test/api_integration/apis/management/ingest_pipelines/databases.ts @@ -18,9 +18,7 @@ export default function ({ getService }: FtrProviderContext) { const ipinfoDatabaseName = 'asn'; const normalizedIpinfoDatabaseName = 'asn'; - // Failing: See https://github.com/elastic/kibana/issues/196765 - // Failing: See https://github.com/elastic/kibana/issues/196765 - describe.skip('Manage databases', function () { + describe('Manage databases', function () { after(async () => { await ingestPipelines.api.deleteGeoipDatabases(); }); @@ -64,21 +62,20 @@ export default function ({ getService }: FtrProviderContext) { }); }); - // FLAKY: https://github.com/elastic/kibana/issues/196765 - describe.skip('List', () => { + describe('List', () => { it('returns existing databases', async () => { const { body } = await supertest.get(url).set('kbn-xsrf', 'xxx').expect(200); expect(body).to.eql([ - { - id: normalizedIpinfoDatabaseName, - name: ipinfoDatabaseName, - type: 'ipinfo', - }, { id: normalizedMaxmindDatabaseName, name: maxmindDatabaseName, type: 'maxmind', }, + { + id: normalizedIpinfoDatabaseName, + name: ipinfoDatabaseName, + type: 'ipinfo', + }, ]); }); }); diff --git a/x-pack/test/api_integration/apis/ml/anomaly_detectors/forecast_with_spaces.ts b/x-pack/test/api_integration/apis/ml/anomaly_detectors/forecast_with_spaces.ts index 32e82c67e348df..a6bc0b0c99a866 100644 --- a/x-pack/test/api_integration/apis/ml/anomaly_detectors/forecast_with_spaces.ts +++ b/x-pack/test/api_integration/apis/ml/anomaly_detectors/forecast_with_spaces.ts @@ -15,6 +15,7 @@ export default ({ getService }: FtrProviderContext) => { const supertest = getService('supertestWithoutAuth'); const ml = getService('ml'); const spacesService = getService('spaces'); + const retry = getService('retry'); const forecastJobId = 'fq_single_forecast'; const forecastJobDatafeedId = `datafeed-${forecastJobId}`; @@ -45,21 +46,22 @@ export default ({ getService }: FtrProviderContext) => { user: USER, expectedStatusCode: number ) { - const { body, status } = await supertest - .delete( - `${ - space ? `/s/${space}` : '' - }/internal/ml/anomaly_detectors/${jobId}/_forecast/${forecastId}` - ) - .auth(user, ml.securityCommon.getPasswordForUser(user)) - .set(getCommonRequestHeader('1')); - ml.api.assertResponseStatusCode(expectedStatusCode, status, body); - - return body; + await retry.tryForTime(10000, async () => { + const { body, status } = await supertest + .delete( + `${ + space ? `/s/${space}` : '' + }/internal/ml/anomaly_detectors/${jobId}/_forecast/${forecastId}` + ) + .auth(user, ml.securityCommon.getPasswordForUser(user)) + .set(getCommonRequestHeader('1')); + ml.api.assertResponseStatusCode(expectedStatusCode, status, body); + + return body; + }); } - // Failing see: https://github.com/elastic/kibana/issues/195602 - describe.skip('POST anomaly_detectors _forecast with spaces', function () { + describe('POST anomaly_detectors _forecast with spaces', function () { let forecastId: string; before(async () => { await esArchiver.loadIfNeeded('x-pack/test/functional/es_archives/ml/farequote'); @@ -110,11 +112,11 @@ export default ({ getService }: FtrProviderContext) => { }); it('should not delete forecast for user without permissions', async () => { - await await deleteForecast(forecastJobId, forecastId, idSpace1, USER.ML_VIEWER, 403); + await deleteForecast(forecastJobId, forecastId, idSpace1, USER.ML_VIEWER, 403); }); it('should delete forecast for user with permissions', async () => { - await await deleteForecast(forecastJobId, forecastId, idSpace1, USER.ML_POWERUSER, 200); + await deleteForecast(forecastJobId, forecastId, idSpace1, USER.ML_POWERUSER, 200); }); it('should not run forecast for open job with invalid duration', async () => { diff --git a/x-pack/test/api_integration/apis/ml/anomaly_detectors/get_buckets.ts b/x-pack/test/api_integration/apis/ml/anomaly_detectors/get_buckets.ts new file mode 100644 index 00000000000000..46220acf69c598 --- /dev/null +++ b/x-pack/test/api_integration/apis/ml/anomaly_detectors/get_buckets.ts @@ -0,0 +1,110 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { DATAFEED_STATE, JOB_STATE } from '@kbn/ml-plugin/common'; +import expect from '@kbn/expect'; +import { USER } from '../../../../functional/services/ml/security_common'; +import { FtrProviderContext } from '../../../ftr_provider_context'; +import { getCommonRequestHeader } from '../../../../functional/services/ml/common_api'; + +export default ({ getService }: FtrProviderContext) => { + const esArchiver = getService('esArchiver'); + const ml = getService('ml'); + const supertest = getService('supertestWithoutAuth'); + + const jobId = `fq_single_buckets`; + + async function getBuckets({ + _jobId, + timestamp, + expectedStatusCode = 200, + }: { + _jobId: string; + timestamp?: number; + expectedStatusCode?: number; + }) { + const endpoint = `/internal/ml/anomaly_detectors/${_jobId}/results/buckets/${ + timestamp ? `${timestamp}` : '' + }`; + + const { body, status } = await supertest + .post(endpoint) + .auth(USER.ML_VIEWER, ml.securityCommon.getPasswordForUser(USER.ML_VIEWER)) + .set(getCommonRequestHeader('1')) + .send({}); + + ml.api.assertResponseStatusCode(expectedStatusCode, status, body); + + return body; + } + + describe('POST anomaly_detectors results buckets', () => { + before(async () => { + await esArchiver.loadIfNeeded('x-pack/test/functional/es_archives/ml/farequote'); + await ml.testResources.setKibanaTimeZoneToUTC(); + + const jobConfig = ml.commonConfig.getADFqSingleMetricJobConfig(jobId); + const datafeedConfig = ml.commonConfig.getADFqDatafeedConfig(jobId); + + await ml.api.createAnomalyDetectionJob(jobConfig); + + await ml.api.createDatafeed(datafeedConfig); + + await ml.api.openAnomalyDetectionJob(jobId); + await ml.api.startDatafeed(datafeedConfig.datafeed_id, { + start: '0', + end: String(Date.now()), + }); + await ml.api.waitForDatafeedState(datafeedConfig.datafeed_id, DATAFEED_STATE.STOPPED); + await ml.api.waitForJobState(jobId, JOB_STATE.CLOSED); + }); + + after(async () => { + await ml.api.cleanMlIndices(); + }); + + it('should get buckets with correct structure for a job', async () => { + const result = await getBuckets({ _jobId: jobId }); + + expect(result.count).to.be.greaterThan(0); + expect(result.buckets).not.to.be.empty(); + expect(result.buckets[0]).to.have.keys( + 'job_id', + 'timestamp', + 'anomaly_score', + 'bucket_span', + 'initial_anomaly_score', + 'event_count', + 'is_interim', + 'bucket_influencers', + 'processing_time_ms', + 'result_type' + ); + }); + + it('should get a single bucket when timestamp is specified', async () => { + const allBuckets = await getBuckets({ _jobId: jobId }); + const sampleTimestamp = allBuckets.buckets[0].timestamp; + const result = await getBuckets({ _jobId: jobId, timestamp: sampleTimestamp }); + + expect(result.count).to.eql(1); + expect(result.buckets).to.have.length(1); + }); + + it('should fail with non-existent job', async () => { + await getBuckets({ _jobId: 'non-existent-job', expectedStatusCode: 404 }); + }); + + it('should fail with non-existent timestamp', async () => { + await getBuckets({ + _jobId: jobId, + timestamp: 1, + expectedStatusCode: 404, + }); + }); + }); +}; diff --git a/x-pack/test/api_integration/apis/ml/anomaly_detectors/get_overall_buckets.ts b/x-pack/test/api_integration/apis/ml/anomaly_detectors/get_overall_buckets.ts new file mode 100644 index 00000000000000..e0eab2657d6434 --- /dev/null +++ b/x-pack/test/api_integration/apis/ml/anomaly_detectors/get_overall_buckets.ts @@ -0,0 +1,136 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { DATAFEED_STATE, JOB_STATE } from '@kbn/ml-plugin/common'; +import expect from '@kbn/expect'; +import { USER } from '../../../../functional/services/ml/security_common'; +import { FtrProviderContext } from '../../../ftr_provider_context'; +import { getCommonRequestHeader } from '../../../../functional/services/ml/common_api'; + +export default ({ getService }: FtrProviderContext) => { + const esArchiver = getService('esArchiver'); + const ml = getService('ml'); + const supertest = getService('supertestWithoutAuth'); + + const jobId1 = `fq_single_overall_buckets_1`; + const jobId2 = `fq_single_overall_buckets_2`; + + async function getOverallBuckets({ + jobId, + topN = 1, + bucketSpan = '1h', + start = 0, + end = Date.now(), + overallScore, + expectedStatusCode = 200, + }: { + jobId: string; + bucketSpan?: string; + topN?: number; + start?: number; + end?: number; + overallScore?: number; + expectedStatusCode?: number; + }) { + const endpoint = `/internal/ml/anomaly_detectors/${jobId}/results/overall_buckets`; + + const { body, status } = await supertest + .post(endpoint) + .auth(USER.ML_VIEWER, ml.securityCommon.getPasswordForUser(USER.ML_VIEWER)) + .set(getCommonRequestHeader('1')) + .send({ + topN, + bucketSpan, + start, + end, + ...(overallScore !== undefined && { overall_score: overallScore }), + }); + + ml.api.assertResponseStatusCode(expectedStatusCode, status, body); + + return body; + } + + describe('POST anomaly_detectors results overall_buckets', () => { + before(async () => { + await esArchiver.loadIfNeeded('x-pack/test/functional/es_archives/ml/farequote'); + await ml.testResources.setKibanaTimeZoneToUTC(); + + for (const jobId of [jobId1, jobId2]) { + const jobConfig = ml.commonConfig.getADFqSingleMetricJobConfig(jobId); + const datafeedConfig = ml.commonConfig.getADFqDatafeedConfig(jobId); + + await ml.api.createAnomalyDetectionJob(jobConfig); + + await ml.api.createDatafeed(datafeedConfig); + + await ml.api.openAnomalyDetectionJob(jobId); + await ml.api.startDatafeed(datafeedConfig.datafeed_id, { + start: '0', + end: String(Date.now()), + }); + await ml.api.waitForDatafeedState(datafeedConfig.datafeed_id, DATAFEED_STATE.STOPPED); + await ml.api.waitForJobState(jobId, JOB_STATE.CLOSED); + } + }); + + after(async () => { + await ml.api.cleanMlIndices(); + }); + + it('should get overall buckets with correct structure for multiple jobs', async () => { + const result = await getOverallBuckets({ + jobId: `${jobId1},${jobId2}`, + }); + + expect(result.count).to.be.greaterThan(0); + expect(result.overall_buckets).not.to.be.empty(); + expect(result.overall_buckets[0]).to.have.keys( + 'bucket_span', + 'is_interim', + 'jobs', + 'overall_score', + 'result_type', + 'timestamp' + ); + expect(result.overall_buckets[0].jobs.length).to.equal(2); + }); + + it('should respect the bucket_span parameter', async () => { + const result1h = await getOverallBuckets({ + jobId: `${jobId1},${jobId2}`, + bucketSpan: '1h', + }); + const result2h = await getOverallBuckets({ + jobId: `${jobId1},${jobId2}`, + bucketSpan: '2h', + }); + + expect(result1h.overall_buckets[0].bucket_span).to.not.equal( + result2h.overall_buckets[0].bucket_span + ); + }); + + it('should filter results based on overall_score', async () => { + const result = await getOverallBuckets({ + jobId: `${jobId1},${jobId2}`, + overallScore: 5, + }); + + for (const bucket of result.overall_buckets) { + expect(bucket.overall_score).to.be.greaterThan(5); + } + }); + + it('should fail with non-existent job', async () => { + await getOverallBuckets({ + jobId: 'non-existent-job', + expectedStatusCode: 404, + }); + }); + }); +}; diff --git a/x-pack/test/api_integration/apis/ml/anomaly_detectors/index.ts b/x-pack/test/api_integration/apis/ml/anomaly_detectors/index.ts index 89a12cb7f9a76e..8176c3cb775f10 100644 --- a/x-pack/test/api_integration/apis/ml/anomaly_detectors/index.ts +++ b/x-pack/test/api_integration/apis/ml/anomaly_detectors/index.ts @@ -19,5 +19,7 @@ export default function ({ loadTestFile }: FtrProviderContext) { loadTestFile(require.resolve('./create_with_spaces')); loadTestFile(require.resolve('./forecast_with_spaces')); loadTestFile(require.resolve('./create_with_datafeed')); + loadTestFile(require.resolve('./get_buckets')); + loadTestFile(require.resolve('./get_overall_buckets')); }); } diff --git a/x-pack/test/api_integration/apis/ml/system/has_privileges.ts b/x-pack/test/api_integration/apis/ml/system/has_privileges.ts new file mode 100644 index 00000000000000..2e705240b403eb --- /dev/null +++ b/x-pack/test/api_integration/apis/ml/system/has_privileges.ts @@ -0,0 +1,143 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import expect from '@kbn/expect'; + +import { MlHasPrivilegesResponse } from '@kbn/ml-plugin/public/application/services/ml_api_service'; +import { FtrProviderContext } from '../../../ftr_provider_context'; +import { getCommonRequestHeader } from '../../../../functional/services/ml/common_api'; +import { USER } from '../../../../functional/services/ml/security_common'; + +export default ({ getService }: FtrProviderContext) => { + const esArchiver = getService('esArchiver'); + const supertest = getService('supertestWithoutAuth'); + const ml = getService('ml'); + + async function runRequest( + user: USER, + index: any, + expectedStatusCode = 200 + ): Promise { + const { body, status } = await supertest + .post(`/internal/ml/_has_privileges`) + .auth(user, ml.securityCommon.getPasswordForUser(user)) + .set(getCommonRequestHeader('1')) + .send({ index }); + ml.api.assertResponseStatusCode(expectedStatusCode, status, body); + + return body; + } + + const testData = [ + { + user: USER.ML_POWERUSER, + index: [ + { + names: ['ft_farequote_small'], + privileges: ['read'], + }, + { + names: ['ft_farequote_small'], + privileges: ['write'], + }, + ], + expectedResponse: { + hasPrivileges: { + username: 'ft_ml_poweruser', + has_all_requested: false, + cluster: {}, + index: { + ft_farequote_small: { + read: true, + write: false, + }, + }, + application: {}, + }, + upgradeInProgress: false, + }, + expectedStatusCode: 200, + }, + { + user: USER.ML_VIEWER, + index: [ + { + names: ['ft_farequote_small'], + privileges: ['read'], + }, + { + names: ['ft_farequote_small'], + privileges: ['write'], + }, + ], + expectedResponse: { + hasPrivileges: { + username: 'ft_ml_viewer', + has_all_requested: false, + cluster: {}, + index: { + ft_farequote_small: { + read: true, + write: false, + }, + }, + application: {}, + }, + upgradeInProgress: false, + }, + + expectedStatusCode: 200, + }, + { + user: USER.ML_UNAUTHORIZED, + index: [ + { + names: ['ft_farequote_small'], + privileges: ['read'], + }, + { + names: ['ft_farequote_small'], + privileges: ['write'], + }, + ], + expectedResponse: { statusCode: 403, error: 'Forbidden', message: 'Forbidden' }, + expectedStatusCode: 403, + }, + ]; + + describe("ML's _has_privileges", () => { + before(async () => { + await esArchiver.loadIfNeeded('x-pack/test/functional/es_archives/ml/farequote_small'); + }); + after(async () => { + await ml.api.setUpgradeMode(false); + }); + + it('should return correct privileges for test data', async () => { + for (const { user, index, expectedResponse, expectedStatusCode } of testData) { + const response = await runRequest(user, index, expectedStatusCode); + expect(response).to.eql( + expectedResponse, + `expected ${JSON.stringify(expectedResponse)}, got ${JSON.stringify(response)}` + ); + } + }); + + it('should return correct upgrade in progress', async () => { + const index = testData[0].index; + const expectedResponse = { ...testData[0].expectedResponse, upgradeInProgress: true }; + await ml.api.setUpgradeMode(true); + await ml.api.assertUpgradeMode(true); + + const response = await runRequest(USER.ML_POWERUSER, index); + expect(response).to.eql( + expectedResponse, + `expected ${JSON.stringify(expectedResponse)}, got ${JSON.stringify(response)}` + ); + }); + }); +}; diff --git a/x-pack/test/api_integration/apis/ml/system/index.ts b/x-pack/test/api_integration/apis/ml/system/index.ts index 0ddd4b80a0ee52..42e02b5fbb8081 100644 --- a/x-pack/test/api_integration/apis/ml/system/index.ts +++ b/x-pack/test/api_integration/apis/ml/system/index.ts @@ -14,5 +14,6 @@ export default function ({ loadTestFile }: FtrProviderContext) { loadTestFile(require.resolve('./index_exists')); loadTestFile(require.resolve('./info')); loadTestFile(require.resolve('./node_count')); + loadTestFile(require.resolve('./has_privileges')); }); } diff --git a/x-pack/test_serverless/api_integration/test_suites/observability/custom_threshold_rule/avg_pct_fired.ts b/x-pack/test/api_integration/deployment_agnostic/apis/observability/alerting/custom_threshold/avg_pct_fired.ts similarity index 88% rename from x-pack/test_serverless/api_integration/test_suites/observability/custom_threshold_rule/avg_pct_fired.ts rename to x-pack/test/api_integration/deployment_agnostic/apis/observability/alerting/custom_threshold/avg_pct_fired.ts index 358fabd7956ef1..63530c98c26df0 100644 --- a/x-pack/test_serverless/api_integration/test_suites/observability/custom_threshold_rule/avg_pct_fired.ts +++ b/x-pack/test/api_integration/deployment_agnostic/apis/observability/alerting/custom_threshold/avg_pct_fired.ts @@ -5,33 +5,35 @@ * 2.0. */ +import expect from '@kbn/expect'; +import { omit } from 'lodash'; import { cleanup, generate, Dataset, PartialConfig } from '@kbn/data-forge'; import { Aggregators } from '@kbn/observability-plugin/common/custom_threshold_rule/types'; import { FIRED_ACTIONS_ID } from '@kbn/observability-plugin/server/lib/rules/custom_threshold/constants'; -import expect from '@kbn/expect'; import { OBSERVABILITY_THRESHOLD_RULE_TYPE_ID } from '@kbn/rule-data-utils'; import { parseSearchParams } from '@kbn/share-plugin/common/url_service'; -import { omit } from 'lodash'; import { COMPARATORS } from '@kbn/alerting-comparators'; import { kbnTestConfig } from '@kbn/test'; -import { FtrProviderContext } from '../../../ftr_provider_context'; +import type { InternalRequestHeader, RoleCredentials } from '@kbn/ftr-common-functional-services'; +import { DeploymentAgnosticFtrProviderContext } from '../../../../ftr_provider_context'; import { ISO_DATE_REGEX } from './constants'; -import { ActionDocument, LogsExplorerLocatorParsedParams } from './typings'; -import type { InternalRequestHeader, RoleCredentials } from '../../../../shared/services'; +import { ActionDocument, LogsExplorerLocatorParsedParams } from './types'; -export default function ({ getService }: FtrProviderContext) { +export default function ({ getService }: DeploymentAgnosticFtrProviderContext) { const esClient = getService('es'); - const supertest = getService('supertest'); + const samlAuth = getService('samlAuth'); + const supertestWithoutAuth = getService('supertestWithoutAuth'); const esDeleteAllIndices = getService('esDeleteAllIndices'); const alertingApi = getService('alertingApi'); const dataViewApi = getService('dataViewApi'); const logger = getService('log'); - const svlCommonApi = getService('svlCommonApi'); - const svlUserManager = getService('svlUserManager'); let roleAuthc: RoleCredentials; let internalReqHeader: InternalRequestHeader; + const config = getService('config'); + const isServerless = config.get('serverless'); + const expectedConsumer = isServerless ? 'observability' : 'logs'; - describe('Custom Threshold rule - AVG - PCT - FIRED', () => { + describe('AVG - PCT - FIRED', () => { const CUSTOM_THRESHOLD_RULE_ALERT_INDEX = '.alerts-observability.threshold.alerts-default'; const ALERT_ACTION_INDEX = 'alert-action-threshold'; const DATA_VIEW_TITLE = 'kbn-data-forge-fake_hosts.fake_hosts-*'; @@ -44,8 +46,8 @@ export default function ({ getService }: FtrProviderContext) { let alertId: string; before(async () => { - roleAuthc = await svlUserManager.createM2mApiKeyWithRoleScope('admin'); - internalReqHeader = svlCommonApi.getInternalRequestHeader(); + roleAuthc = await samlAuth.createM2mApiKeyWithRoleScope('admin'); + internalReqHeader = samlAuth.getInternalRequestHeader(); dataForgeConfig = { schedule: [ { @@ -71,12 +73,19 @@ export default function ({ getService }: FtrProviderContext) { name: DATA_VIEW_NAME, id: DATA_VIEW_ID, title: DATA_VIEW_TITLE, + roleAuthc, }); }); after(async () => { - await supertest.delete(`/api/alerting/rule/${ruleId}`).set(internalReqHeader); - await supertest.delete(`/api/actions/connector/${actionId}`).set(internalReqHeader); + await supertestWithoutAuth + .delete(`/api/alerting/rule/${ruleId}`) + .set(roleAuthc.apiKeyHeader) + .set(internalReqHeader); + await supertestWithoutAuth + .delete(`/api/actions/connector/${actionId}`) + .set(roleAuthc.apiKeyHeader) + .set(internalReqHeader); await esClient.deleteByQuery({ index: CUSTOM_THRESHOLD_RULE_ALERT_INDEX, query: { term: { 'kibana.alert.rule.uuid': ruleId } }, @@ -89,10 +98,11 @@ export default function ({ getService }: FtrProviderContext) { }); await dataViewApi.delete({ id: DATA_VIEW_ID, + roleAuthc, }); await esDeleteAllIndices([ALERT_ACTION_INDEX, ...dataForgeIndices]); await cleanup({ client: esClient, config: dataForgeConfig, logger }); - await svlUserManager.invalidateM2mApiKeyWithRoleScope(roleAuthc); + await samlAuth.invalidateM2mApiKeyWithRoleScope(roleAuthc); }); describe('Rule creation', () => { @@ -106,7 +116,7 @@ export default function ({ getService }: FtrProviderContext) { const createdRule = await alertingApi.createRule({ roleAuthc, tags: ['observability'], - consumer: 'observability', + consumer: expectedConsumer, name: 'Threshold rule', ruleTypeId: OBSERVABILITY_THRESHOLD_RULE_TYPE_ID, params: { @@ -171,7 +181,7 @@ export default function ({ getService }: FtrProviderContext) { it('should find the created rule with correct information about the consumer', async () => { const match = await alertingApi.findInRules(roleAuthc, ruleId); expect(match).not.to.be(undefined); - expect(match.consumer).to.be('observability'); + expect(match.consumer).to.be(expectedConsumer); }); it('should set correct information in the alert document', async () => { @@ -185,7 +195,7 @@ export default function ({ getService }: FtrProviderContext) { 'kibana.alert.rule.category', 'Custom threshold' ); - expect(resp.hits.hits[0]._source).property('kibana.alert.rule.consumer', 'observability'); + expect(resp.hits.hits[0]._source).property('kibana.alert.rule.consumer', expectedConsumer); expect(resp.hits.hits[0]._source).property('kibana.alert.rule.name', 'Threshold rule'); expect(resp.hits.hits[0]._source).property('kibana.alert.rule.producer', 'observability'); expect(resp.hits.hits[0]._source).property('kibana.alert.rule.revision', 0); @@ -232,7 +242,7 @@ export default function ({ getService }: FtrProviderContext) { docCountTarget: 1, }); - const { protocol, hostname, port } = kbnTestConfig.getUrlParts(); + const { protocol, hostname, port } = kbnTestConfig.getUrlPartsWithStrippedDefaultPort(); expect(resp.hits.hits[0]._source?.ruleType).eql('observability.rules.custom_threshold'); expect(resp.hits.hits[0]._source?.alertDetailsUrl).eql( `${protocol}://${hostname}${port ? `:${port}` : ''}/app/observability/alerts/${alertId}` diff --git a/x-pack/test/api_integration/deployment_agnostic/apis/observability/alerting/custom_threshold/constants.ts b/x-pack/test/api_integration/deployment_agnostic/apis/observability/alerting/custom_threshold/constants.ts new file mode 100644 index 00000000000000..5cf1e0b4d66145 --- /dev/null +++ b/x-pack/test/api_integration/deployment_agnostic/apis/observability/alerting/custom_threshold/constants.ts @@ -0,0 +1,8 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +export const ISO_DATE_REGEX = /^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}\.\d{3}Z$/; diff --git a/x-pack/test/api_integration/deployment_agnostic/apis/observability/alerting/custom_threshold/index.ts b/x-pack/test/api_integration/deployment_agnostic/apis/observability/alerting/custom_threshold/index.ts new file mode 100644 index 00000000000000..505cbba20eb7c6 --- /dev/null +++ b/x-pack/test/api_integration/deployment_agnostic/apis/observability/alerting/custom_threshold/index.ts @@ -0,0 +1,14 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { DeploymentAgnosticFtrProviderContext } from '../../../../ftr_provider_context'; + +export default function ({ loadTestFile }: DeploymentAgnosticFtrProviderContext) { + describe('Custom Threshold rule', () => { + loadTestFile(require.resolve('./avg_pct_fired')); + }); +} diff --git a/x-pack/test/api_integration/deployment_agnostic/apis/observability/alerting/custom_threshold/types.ts b/x-pack/test/api_integration/deployment_agnostic/apis/observability/alerting/custom_threshold/types.ts new file mode 100644 index 00000000000000..9002e9991292f6 --- /dev/null +++ b/x-pack/test/api_integration/deployment_agnostic/apis/observability/alerting/custom_threshold/types.ts @@ -0,0 +1,25 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { Query, TimeRange } from '@kbn/es-query'; +import { SerializableRecord } from '@kbn/utility-types'; + +export interface ActionDocument { + ruleType: string; + alertDetailsUrl: string; + reason: string; + value: string; + viewInAppUrl: string; + host?: string; + group?: string; +} + +export interface LogsExplorerLocatorParsedParams extends SerializableRecord { + dataset: string; + timeRange: TimeRange; + query: Query; +} diff --git a/x-pack/test_serverless/api_integration/test_suites/observability/es_query_rule/es_query_rule.ts b/x-pack/test/api_integration/deployment_agnostic/apis/observability/alerting/es_query_rule.ts similarity index 69% rename from x-pack/test_serverless/api_integration/test_suites/observability/es_query_rule/es_query_rule.ts rename to x-pack/test/api_integration/deployment_agnostic/apis/observability/alerting/es_query_rule.ts index caaecd9f3332a0..81527f552a928b 100644 --- a/x-pack/test_serverless/api_integration/test_suites/observability/es_query_rule/es_query_rule.ts +++ b/x-pack/test/api_integration/deployment_agnostic/apis/observability/alerting/es_query_rule.ts @@ -4,24 +4,22 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ + import expect from '@kbn/expect'; -import { FtrProviderContext } from '../../../ftr_provider_context'; -import { InternalRequestHeader, RoleCredentials } from '../../../../shared/services'; +import { RoleCredentials, InternalRequestHeader } from '@kbn/ftr-common-functional-services'; +import { DeploymentAgnosticFtrProviderContext } from '../../../ftr_provider_context'; -export default function ({ getService }: FtrProviderContext) { +export default function ({ getService }: DeploymentAgnosticFtrProviderContext) { const esClient = getService('es'); - const supertest = getService('supertest'); + const samlAuth = getService('samlAuth'); + const supertestWithoutAuth = getService('supertestWithoutAuth'); const esDeleteAllIndices = getService('esDeleteAllIndices'); const alertingApi = getService('alertingApi'); - const svlCommonApi = getService('svlCommonApi'); - const svlUserManager = getService('svlUserManager'); - let roleAuthc: RoleCredentials; + const config = getService('config'); + const isServerless = config.get('serverless'); + const expectedConsumer = isServerless ? 'observability' : 'logs'; + + let adminRoleAuthc: RoleCredentials; let internalReqHeader: InternalRequestHeader; describe('ElasticSearch query rule', () => { @@ -31,13 +29,19 @@ export default function ({ getService }: FtrProviderContext) { let ruleId: string; before(async () => { - roleAuthc = await svlUserManager.createM2mApiKeyWithRoleScope('admin'); - internalReqHeader = svlCommonApi.getInternalRequestHeader(); + adminRoleAuthc = await samlAuth.createM2mApiKeyWithRoleScope('admin'); + internalReqHeader = samlAuth.getInternalRequestHeader(); }); after(async () => { - await supertest.delete(`/api/alerting/rule/${ruleId}`).set(internalReqHeader); - await supertest.delete(`/api/actions/connector/${actionId}`).set(internalReqHeader); + await supertestWithoutAuth + .delete(`/api/alerting/rule/${ruleId}`) + .set(adminRoleAuthc.apiKeyHeader) + .set(internalReqHeader); + await supertestWithoutAuth + .delete(`/api/actions/connector/${actionId}`) + .set(adminRoleAuthc.apiKeyHeader) + .set(internalReqHeader); await esClient.deleteByQuery({ index: '.kibana-event-log-*', @@ -45,20 +49,20 @@ export default function ({ getService }: FtrProviderContext) { conflicts: 'proceed', }); await esDeleteAllIndices([ALERT_ACTION_INDEX]); - await svlUserManager.invalidateM2mApiKeyWithRoleScope(roleAuthc); + await samlAuth.invalidateM2mApiKeyWithRoleScope(adminRoleAuthc); }); describe('Rule creation', () => { it('creates rule successfully', async () => { actionId = await alertingApi.createIndexConnector({ - roleAuthc, + roleAuthc: adminRoleAuthc, name: 'Index Connector: Alerting API test', indexName: ALERT_ACTION_INDEX, }); const createdRule = await alertingApi.helpers.createEsQueryRule({ - roleAuthc, - consumer: 'observability', + roleAuthc: adminRoleAuthc, + consumer: expectedConsumer, name: 'always fire', ruleTypeId: RULE_TYPE_ID, params: { @@ -104,7 +108,7 @@ export default function ({ getService }: FtrProviderContext) { it('should be active', async () => { const executionStatus = await alertingApi.waitForRuleStatus({ - roleAuthc, + roleAuthc: adminRoleAuthc, ruleId, expectedStatus: 'active', }); @@ -112,9 +116,9 @@ export default function ({ getService }: FtrProviderContext) { }); it('should find the created rule with correct information about the consumer', async () => { - const match = await alertingApi.findInRules(roleAuthc, ruleId); + const match = await alertingApi.findInRules(adminRoleAuthc, ruleId); expect(match).not.to.be(undefined); - expect(match.consumer).to.be('observability'); + expect(match.consumer).to.be(expectedConsumer); }); }); }); diff --git a/x-pack/test/api_integration/deployment_agnostic/apis/observability/alerting/index.ts b/x-pack/test/api_integration/deployment_agnostic/apis/observability/alerting/index.ts index 336fcf65c830ff..e425aa1010a6db 100644 --- a/x-pack/test/api_integration/deployment_agnostic/apis/observability/alerting/index.ts +++ b/x-pack/test/api_integration/deployment_agnostic/apis/observability/alerting/index.ts @@ -8,7 +8,9 @@ import { DeploymentAgnosticFtrProviderContext } from '../../../ftr_provider_context'; export default function ({ loadTestFile }: DeploymentAgnosticFtrProviderContext) { - describe('SLO - Burn rate rule', () => { + describe('Observability Alerting', () => { loadTestFile(require.resolve('./burn_rate_rule')); + loadTestFile(require.resolve('./es_query_rule')); + loadTestFile(require.resolve('./custom_threshold')); }); } diff --git a/x-pack/test/api_integration/deployment_agnostic/services/data_view_api.ts b/x-pack/test/api_integration/deployment_agnostic/services/data_view_api.ts index c22db40882b605..33e829d8c9e394 100644 --- a/x-pack/test/api_integration/deployment_agnostic/services/data_view_api.ts +++ b/x-pack/test/api_integration/deployment_agnostic/services/data_view_api.ts @@ -50,7 +50,7 @@ export function DataViewApiProvider({ getService }: DeploymentAgnosticFtrProvide async delete({ roleAuthc, id }: { roleAuthc: RoleCredentials; id: string }) { const { body } = await supertestWithoutAuth - .post(`/api/content_management/rpc/create`) + .post(`/api/content_management/rpc/delete`) .set(roleAuthc.apiKeyHeader) .set(samlAuth.getInternalRequestHeader()) .set(samlAuth.getCommonRequestHeader()) diff --git a/x-pack/test/api_integration/services/security_solution_api.gen.ts b/x-pack/test/api_integration/services/security_solution_api.gen.ts index 7e1e532806a6c0..3503f07fec5740 100644 --- a/x-pack/test/api_integration/services/security_solution_api.gen.ts +++ b/x-pack/test/api_integration/services/security_solution_api.gen.ts @@ -32,6 +32,7 @@ import { CopyTimelineRequestBodyInput } from '@kbn/security-solution-plugin/comm import { CreateAlertsMigrationRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/signals_migration/create_signals_migration/create_signals_migration.gen'; import { CreateAssetCriticalityRecordRequestBodyInput } from '@kbn/security-solution-plugin/common/api/entity_analytics/asset_criticality/create_asset_criticality.gen'; import { CreateRuleRequestBodyInput } from '@kbn/security-solution-plugin/common/api/detection_engine/rule_management/crud/create_rule/create_rule_route.gen'; +import { CreateRuleMigrationRequestBodyInput } from '@kbn/security-solution-plugin/common/siem_migrations/model/api/rules/rules_migration.gen'; import { CreateTimelinesRequestBodyInput } from '@kbn/security-solution-plugin/common/api/timeline/create_timelines/create_timelines_route.gen'; import { CreateUpdateProtectionUpdatesNoteRequestParamsInput, @@ -340,6 +341,17 @@ If a record already exists for the specified entity, that record is overwritten .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .send(props.body as object); }, + /** + * Creates a new SIEM rules migration using the original vendor rules provided + */ + createRuleMigration(props: CreateRuleMigrationProps, kibanaSpace: string = 'default') { + return supertest + .post(routeWithNamespace('/internal/siem_migrations/rules', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') + .send(props.body as object); + }, /** * Create a new Timeline or Timeline template. */ @@ -919,6 +931,16 @@ finalize it. .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana') .query(props.query); }, + /** + * Retrieves the rule migrations stored in the system + */ + getRuleMigration(kibanaSpace: string = 'default') { + return supertest + .get(routeWithNamespace('/internal/siem_migrations/rules', kibanaSpace)) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .set(X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'kibana'); + }, /** * Get the details of an existing saved Timeline or Timeline template. */ @@ -1382,6 +1404,9 @@ export interface CreateAssetCriticalityRecordProps { export interface CreateRuleProps { body: CreateRuleRequestBodyInput; } +export interface CreateRuleMigrationProps { + body: CreateRuleMigrationRequestBodyInput; +} export interface CreateTimelinesProps { body: CreateTimelinesRequestBodyInput; } diff --git a/x-pack/test_serverless/functional/test_suites/security/cypress/security_config.base.ts b/x-pack/test/defend_workflows_cypress/serverless_config.base.ts similarity index 93% rename from x-pack/test_serverless/functional/test_suites/security/cypress/security_config.base.ts rename to x-pack/test/defend_workflows_cypress/serverless_config.base.ts index 515ea0c52efee2..07d514687e9540 100644 --- a/x-pack/test_serverless/functional/test_suites/security/cypress/security_config.base.ts +++ b/x-pack/test/defend_workflows_cypress/serverless_config.base.ts @@ -9,7 +9,7 @@ import { FtrConfigProviderContext } from '@kbn/test'; export default async function ({ readConfigFile }: FtrConfigProviderContext) { const svlSharedConfig = await readConfigFile( - require.resolve('../../../../shared/config.base.ts') + require.resolve('@kbn/test-suites-serverless/shared/config.base') ); return { diff --git a/x-pack/test/defend_workflows_cypress/serverless_config.ts b/x-pack/test/defend_workflows_cypress/serverless_config.ts index 38c9c5040e8d3c..c8dde0ebcff5db 100644 --- a/x-pack/test/defend_workflows_cypress/serverless_config.ts +++ b/x-pack/test/defend_workflows_cypress/serverless_config.ts @@ -14,9 +14,7 @@ import { DefendWorkflowsCypressCliTestRunner } from './runner'; export default async function ({ readConfigFile }: FtrConfigProviderContext) { const defendWorkflowsCypressConfig = await readConfigFile( - require.resolve( - '@kbn/test-suites-serverless/functional/test_suites/security/cypress/security_config.base' - ) + require.resolve('./serverless_config.base.ts') ); const config = defendWorkflowsCypressConfig.getAll(); const hostIp = getLocalhostRealIp(); diff --git a/x-pack/test/functional/apps/ml/anomaly_detection_result_views/forecasts.ts b/x-pack/test/functional/apps/ml/anomaly_detection_result_views/forecasts.ts index 3a60e8fca97c27..a43d9e2cb0e2fc 100644 --- a/x-pack/test/functional/apps/ml/anomaly_detection_result_views/forecasts.ts +++ b/x-pack/test/functional/apps/ml/anomaly_detection_result_views/forecasts.ts @@ -87,6 +87,7 @@ export default function ({ getService }: FtrProviderContext) { await ml.forecast.assertForecastButtonExists(); await ml.forecast.assertForecastButtonEnabled(true); await ml.forecast.openForecastModal(); + await ml.forecast.assertForecastNeverExpireSwitchExists(); await ml.forecast.assertForecastModalRunButtonEnabled(true); await ml.testExecution.logTestStep('should run the forecast and close the modal'); diff --git a/x-pack/test/functional/es_archives/security_solution/entity_store/data.json b/x-pack/test/functional/es_archives/security_solution/entity_store/data.json index a7804bd132d20e..4f55a18acfd366 100644 --- a/x-pack/test/functional/es_archives/security_solution/entity_store/data.json +++ b/x-pack/test/functional/es_archives/security_solution/entity_store/data.json @@ -4,6 +4,7 @@ "id": "a4cf452c1e0375c3d4412cb550ad1783358468a3b3b777da4829d72c7d6fb74f", "index": ".entities.v1.latest.security_user_default", "source": { + "@timestamp": "2024-09-11T11:24:15.588Z", "event": { "ingested": "2024-09-11T11:26:49.706875Z" }, @@ -17,17 +18,10 @@ "hash": [] }, "entity": { - "lastSeenTimestamp": "2024-09-11T11:24:15.588Z", - "schemaVersion": "v1", - "definitionVersion": "1.0.0", - "displayName": "hinamatsumoto", - "identityFields": [ - "user.name" - ], - "id": "LBQAgKHGmpup0Kg9nlKmeQ==", - "type": "node", - "firstSeenTimestamp": "2024-09-11T10:46:00.000Z", - "definitionId": "security_user_default" + "name": "hinamatsumoto", + "id": "hinamatsumoto", + "type": "user", + "source": ".ds-logs-endpoint.alerts-default-2024.10.23-000001" } } } @@ -39,6 +33,7 @@ "id": "a2cf452c1e0375c3d4412cb550bd1783358468a3b3b777da4829d72c7d6fb71f", "index": ".entities.v1.latest.security_host_default", "source": { + "@timestamp": "2024-09-11T11:24:15.591Z", "event": { "ingested": "2024-09-11T11:26:49.641707Z" }, @@ -68,17 +63,10 @@ ] }, "entity": { - "lastSeenTimestamp": "2024-09-11T11:24:15.591Z", - "schemaVersion": "v1", - "definitionVersion": "1.0.0", - "displayName": "ali-ubuntu-server", - "identityFields": [ - "host.name" - ], - "id": "ZXKm6GEcUJY6NHkMgPPmGQ==", - "type": "node", - "firstSeenTimestamp": "2024-09-11T10:46:00.000Z", - "definitionId": "security_host_default" + "name": "ali-ubuntu-server", + "id": "ali-ubuntu-server", + "type": "host", + "source": ".ds-logs-endpoint.events.process-default-2024.10.23-000001" } } } diff --git a/x-pack/test/functional/es_archives/security_solution/entity_store/mappings.json b/x-pack/test/functional/es_archives/security_solution/entity_store/mappings.json index bb0df169f6588b..364ced91dc0b63 100644 --- a/x-pack/test/functional/es_archives/security_solution/entity_store/mappings.json +++ b/x-pack/test/functional/es_archives/security_solution/entity_store/mappings.json @@ -33,6 +33,16 @@ } ], "properties": { + "@timestamp": { + "type": "date" + }, + "asset": { + "properties": { + "criticality": { + "type": "keyword" + } + } + }, "entity": { "properties": { "definitionId": { @@ -65,10 +75,21 @@ "lastSeenTimestamp": { "type": "date" }, + "name": { + "type": "text", + "fields": { + "text": { + "type": "keyword" + } + } + }, "schemaVersion": { "type": "keyword", "ignore_above": 1024 }, + "source": { + "type": "keyword" + }, "type": { "type": "keyword", "ignore_above": 1024 @@ -85,58 +106,41 @@ "host": { "properties": { "architecture": { - "type": "keyword", - "ignore_above": 1024, - "fields": { - "text": { - "type": "text" - } - } + "type": "keyword" + }, + "domain": { + "type": "keyword" }, "hostname": { - "type": "keyword", - "ignore_above": 1024, - "fields": { - "text": { - "type": "text" - } - } + "type": "keyword" }, "id": { - "type": "keyword", - "ignore_above": 1024, - "fields": { - "text": { - "type": "text" - } - } + "type": "keyword" }, "ip": { - "type": "keyword", - "ignore_above": 1024, - "fields": { - "text": { - "type": "text" - } - } + "type": "ip" }, "mac": { - "type": "keyword", - "ignore_above": 1024, - "fields": { - "text": { - "type": "text" - } - } + "type": "keyword" }, "name": { - "type": "keyword", - "ignore_above": 1024, - "fields": { - "text": { - "type": "text" + "type": "keyword" + }, + "risk": { + "properties": { + "calculated_level": { + "type": "keyword" + }, + "calculated_score": { + "type": "float" + }, + "calculated_score_norm": { + "type": "float" } } + }, + "type": { + "type": "keyword" } } }, @@ -194,6 +198,16 @@ } ], "properties": { + "@timestamp": { + "type": "date" + }, + "asset": { + "properties": { + "criticality": { + "type": "keyword" + } + } + }, "entity": { "properties": { "definitionId": { @@ -226,10 +240,21 @@ "lastSeenTimestamp": { "type": "date" }, + "name": { + "type": "text", + "fields": { + "text": { + "type": "keyword" + } + } + }, "schemaVersion": { "type": "keyword", "ignore_above": 1024 }, + "source": { + "type": "keyword" + }, "type": { "type": "keyword", "ignore_above": 1024 @@ -253,40 +278,38 @@ "user": { "properties": { "domain": { - "type": "keyword", - "ignore_above": 1024, - "fields": { - "text": { - "type": "text" - } - } + "type": "keyword" }, "email": { - "type": "keyword", - "ignore_above": 1024, - "fields": { - "text": { - "type": "text" - } - } + "type": "keyword" + }, + "full_name": { + "type": "keyword" + }, + "hash": { + "type": "keyword" }, "id": { - "type": "keyword", - "ignore_above": 1024, - "fields": { - "text": { - "type": "text" - } - } + "type": "keyword" }, "name": { - "type": "keyword", - "ignore_above": 1024, - "fields": { - "text": { - "type": "text" + "type": "keyword" + }, + "risk": { + "properties": { + "calculated_level": { + "type": "keyword" + }, + "calculated_score": { + "type": "float" + }, + "calculated_score_norm": { + "type": "float" } } + }, + "roles": { + "type": "keyword" } } } diff --git a/x-pack/test/functional/page_objects/index_management_page.ts b/x-pack/test/functional/page_objects/index_management_page.ts index 848c7c9e5b0e32..f257f76cbfc5ba 100644 --- a/x-pack/test/functional/page_objects/index_management_page.ts +++ b/x-pack/test/functional/page_objects/index_management_page.ts @@ -12,6 +12,7 @@ export function IndexManagementPageProvider({ getService }: FtrProviderContext) const find = getService('find'); const testSubjects = getService('testSubjects'); + const browser = getService('browser'); return { async sectionHeadingText() { return await testSubjects.getVisibleText('appTitle'); @@ -154,6 +155,10 @@ export function IndexManagementPageProvider({ getService }: FtrProviderContext) await testSubjects.existOrFail('indexDetailsContent'); await testSubjects.existOrFail('indexDetailsBackToIndicesButton'); }, + async expectUrlShouldChangeTo(tabId: string) { + const url = await browser.getCurrentUrl(); + expect(url).to.contain(`tab=${tabId}`); + }, }, async clickCreateIndexButton() { await testSubjects.click('createIndexButton'); @@ -181,23 +186,9 @@ export function IndexManagementPageProvider({ getService }: FtrProviderContext) expect(indexNames.some((i) => i === indexName)).to.be(true); }, - async selectIndex(indexName: string) { - const id = `checkboxSelectIndex-${indexName}`; - const checkbox = await find.byCssSelector(`input[id="${id}"]`); - if (!(await checkbox.isSelected())) { - await find.clickByCssSelector(`input[id="${id}"]`); - } - }, - async clickManageButton() { - await testSubjects.existOrFail('indexActionsContextMenuButton'); - await testSubjects.click('indexActionsContextMenuButton'); - }, - async contextMenuIsVisible() { - await testSubjects.existOrFail('indexContextMenu'); + async confirmDeleteModalIsVisible() { await testSubjects.existOrFail('deleteIndexMenuButton'); await testSubjects.click('deleteIndexMenuButton'); - }, - async confirmDeleteModalIsVisible() { await testSubjects.existOrFail('confirmModalTitleText'); const modalText: string = await testSubjects.getVisibleText('confirmModalTitleText'); expect(modalText).to.be('Delete index'); @@ -217,5 +208,37 @@ export function IndexManagementPageProvider({ getService }: FtrProviderContext) ); expect(indexNames.includes(indexName)).to.be(false); }, + async manageIndex(indexName: string) { + const id = `checkboxSelectIndex-${indexName}`; + const checkbox = await find.byCssSelector(`input[id="${id}"]`); + if (!(await checkbox.isSelected())) { + await find.clickByCssSelector(`input[id="${id}"]`); + } + await retry.waitFor('manage index to show up ', async () => { + return (await testSubjects.isDisplayed('indexActionsContextMenuButton')) === true; + }); + const contextMenuButton = await testSubjects.find('indexActionsContextMenuButton'); + await contextMenuButton.click(); + await retry.waitFor('manage index context menu to show ', async () => { + return (await testSubjects.isDisplayed('indexContextMenu')) === true; + }); + }, + async manageIndexContextMenuExists() { + await testSubjects.existOrFail('showOverviewIndexMenuButton'); + await testSubjects.existOrFail('showSettingsIndexMenuButton'); + await testSubjects.existOrFail('showMappingsIndexMenuButton'); + await testSubjects.existOrFail('deleteIndexMenuButton'); + }, + async changeManageIndexTab( + manageIndexTab: + | 'showOverviewIndexMenuButton' + | 'showSettingsIndexMenuButton' + | 'showMappingsIndexMenuButton' + | 'deleteIndexMenuButton' + ) { + await testSubjects.existOrFail(manageIndexTab); + const manageIndexComponent = await testSubjects.find(manageIndexTab); + await manageIndexComponent.click(); + }, }; } diff --git a/x-pack/test/functional/services/ml/api.ts b/x-pack/test/functional/services/ml/api.ts index 8b2c46d474c0c0..0a3d988fd750ce 100644 --- a/x-pack/test/functional/services/ml/api.ts +++ b/x-pack/test/functional/services/ml/api.ts @@ -1696,5 +1696,33 @@ export function MachineLearningAPIProvider({ getService }: FtrProviderContext) { this.assertResponseStatusCode(200, status, module); return module; }, + + async setUpgradeMode(enabled: boolean) { + log.debug(`Setting upgrade mode to "${enabled}"`); + const { body, status } = await esSupertest.post(`/_ml/set_upgrade_mode?enabled=${enabled}`); + this.assertResponseStatusCode(200, status, body); + + log.debug(`Upgrade mode set to "${enabled}"`); + }, + + async assertUpgradeMode(expectedMode: boolean) { + log.debug(`Asserting upgrade mode is "${expectedMode}"`); + const { body, status } = await esSupertest.get('/_ml/info'); + this.assertResponseStatusCode(200, status, body); + + expect(body.upgrade_mode).to.eql( + expectedMode, + `Expected upgrade mode to be ${expectedMode}, got ${body.upgrade_mode}` + ); + }, + + async getMlInfo() { + log.debug(`Getting ML info`); + const { body, status } = await kbnSupertest + .get(`/internal/ml/info`) + .set(getCommonRequestHeader('1')); + this.assertResponseStatusCode(200, status, body); + return body; + }, }; } diff --git a/x-pack/test/functional/services/ml/forecast.ts b/x-pack/test/functional/services/ml/forecast.ts index ab0664b0f077fb..9bb5a2f6ed770e 100644 --- a/x-pack/test/functional/services/ml/forecast.ts +++ b/x-pack/test/functional/services/ml/forecast.ts @@ -102,6 +102,11 @@ export function MachineLearningForecastProvider({ getPageObject, getService }: F }); }, + async assertForecastNeverExpireSwitchExists() { + await testSubjects.existOrFail('mlModalForecastNeverExpireSwitch'); + expect(await testSubjects.isChecked('mlModalForecastNeverExpireSwitch')).to.be(false); + }, + async assertForecastModalRunButtonEnabled(expectedValue: boolean) { await headerPage.waitUntilLoadingHasFinished(); const isEnabled = await testSubjects.isEnabled('mlModalForecast > mlModalForecastButtonRun'); diff --git a/x-pack/test/functional_search/tests/solution_navigation.ts b/x-pack/test/functional_search/tests/solution_navigation.ts index 8a06ad11933723..66bf8369b668fd 100644 --- a/x-pack/test/functional_search/tests/solution_navigation.ts +++ b/x-pack/test/functional_search/tests/solution_navigation.ts @@ -47,6 +47,7 @@ export default function searchSolutionNavigation({ await solutionNavigation.sidenav.expectLinkExists({ text: 'Playground' }); await solutionNavigation.sidenav.expectLinkExists({ text: 'Search applications' }); await solutionNavigation.sidenav.expectLinkExists({ text: 'Behavioral Analytics' }); + await solutionNavigation.sidenav.expectLinkExists({ text: 'Inference Endpoints' }); await solutionNavigation.sidenav.expectLinkExists({ text: 'App Search' }); await solutionNavigation.sidenav.expectLinkExists({ text: 'Workplace Search' }); await solutionNavigation.sidenav.expectLinkExists({ text: 'Other tools' }); @@ -184,20 +185,19 @@ export default function searchSolutionNavigation({ // check Relevance // > Inference Endpoints - // TODO: FTRs don't have enterprise license, so inference endpoints not shown - // await solutionNavigation.sidenav.clickLink({ - // deepLinkId: 'enterpriseSearchRelevance:inferenceEndpoints', - // }); - // await solutionNavigation.sidenav.expectLinkActive({ - // deepLinkId: 'enterpriseSearchRelevance:inferenceEndpoints', - // }); - // await solutionNavigation.breadcrumbs.expectBreadcrumbExists({ text: 'Relevance' }); - // await solutionNavigation.breadcrumbs.expectBreadcrumbExists({ - // text: 'Inference Endpoints', - // }); - // await solutionNavigation.breadcrumbs.expectBreadcrumbExists({ - // deepLinkId: 'enterpriseSearchRelevance:inferenceEndpoints', - // }); + await solutionNavigation.sidenav.clickLink({ + deepLinkId: 'searchInferenceEndpoints:inferenceEndpoints', + }); + await solutionNavigation.sidenav.expectLinkActive({ + deepLinkId: 'searchInferenceEndpoints:inferenceEndpoints', + }); + await solutionNavigation.breadcrumbs.expectBreadcrumbExists({ text: 'Relevance' }); + await solutionNavigation.breadcrumbs.expectBreadcrumbExists({ + text: 'Inference Endpoints', + }); + await solutionNavigation.breadcrumbs.expectBreadcrumbExists({ + deepLinkId: 'searchInferenceEndpoints:inferenceEndpoints', + }); // check Enterprise Search // > App Search @@ -296,8 +296,8 @@ export default function searchSolutionNavigation({ 'enterpriseSearchApplications:playground', 'enterpriseSearchApplications:searchApplications', 'enterpriseSearchAnalytics', - // 'relevance', - // 'enterpriseSearchRelevance:inferenceEndpoints', + 'relevance', + 'searchInferenceEndpoints:inferenceEndpoints', 'entsearch', 'appSearch:engines', 'workplaceSearch', diff --git a/x-pack/test/observability_ai_assistant_api_integration/tests/chat/chat.spec.ts b/x-pack/test/observability_ai_assistant_api_integration/tests/chat/chat.spec.ts index e0e67066b47774..d514d6ddb70255 100644 --- a/x-pack/test/observability_ai_assistant_api_integration/tests/chat/chat.spec.ts +++ b/x-pack/test/observability_ai_assistant_api_integration/tests/chat/chat.spec.ts @@ -59,7 +59,7 @@ export default function ApiTest({ getService }: FtrProviderContext) { messages, connectorId: 'does not exist', functions: [], - scope: 'all', + scopes: ['all'], }) .expect(404); }); @@ -88,7 +88,7 @@ export default function ApiTest({ getService }: FtrProviderContext) { messages, connectorId, functions: [], - scope: 'all', + scopes: ['all'], }) .pipe(passThrough); @@ -146,7 +146,7 @@ export default function ApiTest({ getService }: FtrProviderContext) { messages, connectorId, functions: [], - scope: 'all', + scopes: ['all'], }) .expect(200) .pipe(passThrough); diff --git a/x-pack/test/observability_ai_assistant_api_integration/tests/complete/complete.spec.ts b/x-pack/test/observability_ai_assistant_api_integration/tests/complete/complete.spec.ts index aaba5fbc7ba999..a7606d21408c51 100644 --- a/x-pack/test/observability_ai_assistant_api_integration/tests/complete/complete.spec.ts +++ b/x-pack/test/observability_ai_assistant_api_integration/tests/complete/complete.spec.ts @@ -84,7 +84,7 @@ export default function ApiTest({ getService }: FtrProviderContext) { connectorId, persist: true, screenContexts: params.screenContexts || [], - scope: 'all', + scopes: ['all'], }) .then((response) => resolve(response)) .catch((err) => reject(err)); @@ -137,7 +137,7 @@ export default function ApiTest({ getService }: FtrProviderContext) { connectorId, persist: false, screenContexts: [], - scope: 'all', + scopes: ['all'], }) .pipe(passThrough); @@ -404,7 +404,7 @@ export default function ApiTest({ getService }: FtrProviderContext) { connectorId, persist: true, screenContexts: [], - scope: 'observability', + scopes: ['observability'], }, }, }) @@ -447,7 +447,7 @@ export default function ApiTest({ getService }: FtrProviderContext) { persist: true, screenContexts: [], conversationId, - scope: 'observability', + scopes: ['observability'], }, }, }) diff --git a/x-pack/test/observability_ai_assistant_api_integration/tests/complete/functions/helpers.ts b/x-pack/test/observability_ai_assistant_api_integration/tests/complete/functions/helpers.ts index dadf270f0df418..b83221869baece 100644 --- a/x-pack/test/observability_ai_assistant_api_integration/tests/complete/functions/helpers.ts +++ b/x-pack/test/observability_ai_assistant_api_integration/tests/complete/functions/helpers.ts @@ -33,14 +33,14 @@ export async function invokeChatCompleteWithFunctionRequest({ connectorId, observabilityAIAssistantAPIClient, functionCall, - scope, + scopes, }: { connectorId: string; observabilityAIAssistantAPIClient: Awaited< ReturnType >; functionCall: Message['message']['function_call']; - scope?: AssistantScope; + scopes?: AssistantScope[]; }) { const { body } = await observabilityAIAssistantAPIClient .editorUser({ @@ -60,7 +60,7 @@ export async function invokeChatCompleteWithFunctionRequest({ connectorId, persist: false, screenContexts: [], - scope: scope || 'observability', + scopes: scopes || ['observability' as AssistantScope], }, }, }) diff --git a/x-pack/test/observability_ai_assistant_api_integration/tests/knowledge_base/knowledge_base_user_instructions.spec.ts b/x-pack/test/observability_ai_assistant_api_integration/tests/knowledge_base/knowledge_base_user_instructions.spec.ts index 04e05fc9ad31b3..dc0f991c66ee22 100644 --- a/x-pack/test/observability_ai_assistant_api_integration/tests/knowledge_base/knowledge_base_user_instructions.spec.ts +++ b/x-pack/test/observability_ai_assistant_api_integration/tests/knowledge_base/knowledge_base_user_instructions.spec.ts @@ -250,7 +250,7 @@ export default function ApiTest({ getService }: FtrProviderContext) { connectorId, persist: true, screenContexts: [], - scope: 'observability', + scopes: ['observability'], }, }, }).expect(200); diff --git a/x-pack/test/observability_functional/apps/observability/pages/alerts/custom_threshold.ts b/x-pack/test/observability_functional/apps/observability/pages/alerts/custom_threshold.ts index 38d308a17e7b04..91cb7eec19ef61 100644 --- a/x-pack/test/observability_functional/apps/observability/pages/alerts/custom_threshold.ts +++ b/x-pack/test/observability_functional/apps/observability/pages/alerts/custom_threshold.ts @@ -209,7 +209,10 @@ export default ({ getService }: FtrProviderContext) => { }); it('saved the rule correctly', async () => { - const { body: rules } = await supertest.get('/internal/alerting/rules/_find'); + const { body: rules } = await supertest + .post('/internal/alerting/rules/_find') + .set('kbn-xsrf', 'kibana') + .send({}); expect(rules.data.length).toEqual(1); expect(rules.data[0]).toEqual( diff --git a/x-pack/test/observability_functional/apps/observability/pages/rules_page.ts b/x-pack/test/observability_functional/apps/observability/pages/rules_page.ts index abc2534efaf8a6..4ec0f412e1f03b 100644 --- a/x-pack/test/observability_functional/apps/observability/pages/rules_page.ts +++ b/x-pack/test/observability_functional/apps/observability/pages/rules_page.ts @@ -29,7 +29,12 @@ export default ({ getService, getPageObjects }: FtrProviderContext) => { const { body: { data: rules }, } = await supertest - .get(`${INTERNAL_RULE_ENDPOINT}/_find?search=${name}&search_fields=name`) + .post(`${INTERNAL_RULE_ENDPOINT}/_find`) + .set('kbn-xsrf', 'kibana') + .send({ + search: name, + search_fields: ['name'], + }) .expect(200); return rules.find((rule: any) => rule.name === name); } diff --git a/x-pack/test/osquery_cypress/cli_config.ts b/x-pack/test/osquery_cypress/cli_config.ts index a61951e405960d..711bbe266db9fb 100644 --- a/x-pack/test/osquery_cypress/cli_config.ts +++ b/x-pack/test/osquery_cypress/cli_config.ts @@ -6,14 +6,14 @@ */ import { FtrConfigProviderContext } from '@kbn/test'; - +import { services } from './services'; import { startOsqueryCypress } from './runner'; export default async function ({ readConfigFile }: FtrConfigProviderContext) { const osqueryCypressConfig = await readConfigFile(require.resolve('./config.ts')); return { ...osqueryCypressConfig.getAll(), - + services, testRunner: startOsqueryCypress, }; } diff --git a/x-pack/test/osquery_cypress/serverless_cli_config.ts b/x-pack/test/osquery_cypress/serverless_cli_config.ts index 0ed1be5e332d32..67df33aa34a680 100644 --- a/x-pack/test/osquery_cypress/serverless_cli_config.ts +++ b/x-pack/test/osquery_cypress/serverless_cli_config.ts @@ -12,9 +12,7 @@ import { startOsqueryCypress } from './runner'; export default async function ({ readConfigFile }: FtrConfigProviderContext) { const securitySolutionCypressConfig = await readConfigFile( - require.resolve( - '@kbn/test-suites-serverless/functional/test_suites/security/cypress/security_config.base' - ) + require.resolve('./serverless_config.base.ts') ); return { diff --git a/x-pack/test/osquery_cypress/serverless_config.base.ts b/x-pack/test/osquery_cypress/serverless_config.base.ts new file mode 100644 index 00000000000000..07d514687e9540 --- /dev/null +++ b/x-pack/test/osquery_cypress/serverless_config.base.ts @@ -0,0 +1,35 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { FtrConfigProviderContext } from '@kbn/test'; + +export default async function ({ readConfigFile }: FtrConfigProviderContext) { + const svlSharedConfig = await readConfigFile( + require.resolve('@kbn/test-suites-serverless/shared/config.base') + ); + + return { + ...svlSharedConfig.getAll(), + esTestCluster: { + ...svlSharedConfig.get('esTestCluster'), + serverArgs: [ + ...svlSharedConfig.get('esTestCluster.serverArgs'), + // define custom es server here + // API Keys is enabled at the top level + ], + }, + kbnTestServer: { + ...svlSharedConfig.get('kbnTestServer'), + serverArgs: [ + ...svlSharedConfig.get('kbnTestServer.serverArgs'), + '--csp.strict=false', + '--csp.warnLegacyBrowsers=false', + '--serverless=security', + ], + }, + }; +} diff --git a/x-pack/test/osquery_cypress/services.ts b/x-pack/test/osquery_cypress/services.ts index 95fd493e6f6685..272cf7eb8da4e1 100644 --- a/x-pack/test/osquery_cypress/services.ts +++ b/x-pack/test/osquery_cypress/services.ts @@ -5,10 +5,4 @@ * 2.0. */ -import { commonFunctionalServices } from '@kbn/ftr-common-functional-services'; -import { commonFunctionalUIServices } from '@kbn/ftr-common-functional-ui-services'; - -export const services = { - ...commonFunctionalServices, - ...commonFunctionalUIServices, -} as const; +export * from '@kbn/test-suites-src/common/services'; diff --git a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/management/trial_license_complete_tier/upgrade_perform_prebuilt_rules.all_rules_mode.ts b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/management/trial_license_complete_tier/upgrade_perform_prebuilt_rules.all_rules_mode.ts index 2d0fe71e7d5d43..e24e517c934590 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/management/trial_license_complete_tier/upgrade_perform_prebuilt_rules.all_rules_mode.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/management/trial_license_complete_tier/upgrade_perform_prebuilt_rules.all_rules_mode.ts @@ -17,6 +17,9 @@ import { ThreatMatchRule, FIELDS_TO_UPGRADE_TO_CURRENT_VERSION, ModeEnum, + AllFieldsDiff, + DataSourceIndexPatterns, + QueryRule, } from '@kbn/security-solution-plugin/common/api/detection_engine'; import { PrebuiltRuleAsset } from '@kbn/security-solution-plugin/server/lib/detection_engine/prebuilt_rules'; import { FtrProviderContext } from '../../../../../../ftr_provider_context'; @@ -246,6 +249,41 @@ export default ({ getService }: FtrProviderContext): void => { expect(installedRule.tags).toEqual(reviewRuleResponseMap.get(ruleId)?.tags); } }); + + it('correctly upgrades rules with DataSource diffs to their MERGED versions', async () => { + await createHistoricalPrebuiltRuleAssetSavedObjects(es, [queryRule]); + await installPrebuiltRules(es, supertest); + + const targetObject = cloneDeep(queryRule); + targetObject['security-rule'].version += 1; + targetObject['security-rule'].name = TARGET_NAME; + targetObject['security-rule'].tags = TARGET_TAGS; + targetObject['security-rule'].index = ['auditbeat-*']; + await createHistoricalPrebuiltRuleAssetSavedObjects(es, [targetObject]); + + const reviewResponse = await reviewPrebuiltRulesToUpgrade(supertest); + const ruleDiffFields = reviewResponse.rules[0].diff.fields as AllFieldsDiff; + + const performUpgradeResponse = await performUpgradePrebuiltRules(es, supertest, { + mode: ModeEnum.ALL_RULES, + pick_version: 'MERGED', + }); + + expect(performUpgradeResponse.summary.succeeded).toEqual(1); + + const installedRules = await getInstalledRules(supertest); + const installedRule = installedRules.data[0] as QueryRule; + + expect(installedRule.name).toEqual(ruleDiffFields.name.merged_version); + expect(installedRule.tags).toEqual(ruleDiffFields.tags.merged_version); + + // Check that the updated rules has an `index` field which equals the output of the diff algorithm + // for the DataSource diffable field, and that the data_view_id is correspondingly set to undefined. + expect(installedRule.index).toEqual( + (ruleDiffFields.data_source.merged_version as DataSourceIndexPatterns).index_patterns + ); + expect(installedRule.data_view_id).toBe(undefined); + }); }); describe('edge cases and unhappy paths', () => { diff --git a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/init_and_status_apis.ts b/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/init_and_status_apis.ts index dd1fe34cd050a8..94833434360183 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/init_and_status_apis.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/entity_analytics/risk_engine/trial_license_complete_tier/init_and_status_apis.ts @@ -27,19 +27,30 @@ export default ({ getService }: FtrProviderContext) => { const es = getService('es'); const supertest = getService('supertest'); const kibanaServer = getService('kibanaServer'); + const spaces = getService('spaces'); + const customSpaceName = 'ea-customspace-it'; const riskEngineRoutes = riskEngineRouteHelpersFactory(supertest); + const riskEngineRoutesWithNamespace = riskEngineRouteHelpersFactory(supertest, customSpaceName); const log = getService('log'); - // Failing: See https://github.com/elastic/kibana/issues/196319 - describe.skip('@ess @serverless @serverlessQA init_and_status_apis', () => { + describe('@ess @serverless @serverlessQA init_and_status_apis', () => { before(async () => { + await spaces.create({ + id: customSpaceName, + name: customSpaceName, + description: 'Space for ${customSpaceName}', + disabledFeatures: [], + }); await riskEngineRoutes.cleanUp(); + await riskEngineRoutesWithNamespace.cleanUp(); }); afterEach(async () => { await riskEngineRoutes.cleanUp(); + await riskEngineRoutesWithNamespace.cleanUp(); await clearLegacyTransforms({ es, log }); await clearLegacyDashboards({ supertest, log }); + await spaces.delete(customSpaceName); }); describe('init api', () => { @@ -54,10 +65,21 @@ export default ({ getService }: FtrProviderContext) => { risk_engine_resources_installed: true, }, }); + + const customNamespaceResponse = await riskEngineRoutesWithNamespace.init(); + expect(customNamespaceResponse.body).to.eql({ + result: { + errors: [], + legacy_risk_engine_disabled: true, + risk_engine_configuration_created: true, + risk_engine_enabled: true, + risk_engine_resources_installed: true, + }, + }); }); - it('should install resources on init call', async () => { - const componentTemplateName = '.risk-score-mappings'; + it('should install resources on init call in the default namespace', async () => { + const componentTemplateName = '.risk-score-mappings-default'; const indexTemplateName = '.risk-score.risk-score-default-index-template'; const dataStreamName = 'risk-score.risk-score-default'; const latestIndexName = 'risk-score.risk-score-latest-default'; @@ -210,7 +232,7 @@ export default ({ getService }: FtrProviderContext) => { expect(indexTemplate.index_template.index_patterns).to.eql([ 'risk-score.risk-score-default', ]); - expect(indexTemplate.index_template.composed_of).to.eql(['.risk-score-mappings']); + expect(indexTemplate.index_template.composed_of).to.eql(['.risk-score-mappings-default']); expect(indexTemplate.index_template.template!.mappings?.dynamic).to.eql(false); expect(indexTemplate.index_template.template!.mappings?._meta?.managed).to.eql(true); expect(indexTemplate.index_template.template!.mappings?._meta?.namespace).to.eql('default'); @@ -267,6 +289,221 @@ export default ({ getService }: FtrProviderContext) => { expect(transformStats.transforms[0].state).to.eql('stopped'); }); + it('should install resources on init call in the custom namespace', async () => { + const componentTemplateName = `.risk-score-mappings-${customSpaceName}`; + const indexTemplateName = `.risk-score.risk-score-${customSpaceName}-index-template`; + const dataStreamName = `risk-score.risk-score-${customSpaceName}`; + const latestIndexName = `risk-score.risk-score-latest-${customSpaceName}`; + const transformId = `risk_score_latest_transform_${customSpaceName}`; + + await riskEngineRoutesWithNamespace.init(); + + const { component_templates: componentTemplates1 } = await es.cluster.getComponentTemplate({ + name: componentTemplateName, + }); + + expect(componentTemplates1.length).to.eql(1); + const componentTemplate = componentTemplates1[0]; + + expect(componentTemplate.name).to.eql(componentTemplateName); + expect(componentTemplate.component_template.template.mappings).to.eql({ + dynamic: 'strict', + properties: { + '@timestamp': { + ignore_malformed: false, + type: 'date', + }, + host: { + properties: { + name: { + type: 'keyword', + }, + risk: { + properties: { + calculated_level: { + type: 'keyword', + }, + calculated_score: { + type: 'float', + }, + calculated_score_norm: { + type: 'float', + }, + category_1_count: { + type: 'long', + }, + category_1_score: { + type: 'float', + }, + id_field: { + type: 'keyword', + }, + id_value: { + type: 'keyword', + }, + notes: { + type: 'keyword', + }, + inputs: { + properties: { + id: { + type: 'keyword', + }, + index: { + type: 'keyword', + }, + category: { + type: 'keyword', + }, + description: { + type: 'keyword', + }, + risk_score: { + type: 'float', + }, + timestamp: { + type: 'date', + }, + }, + type: 'object', + }, + }, + type: 'object', + }, + }, + }, + user: { + properties: { + name: { + type: 'keyword', + }, + risk: { + properties: { + calculated_level: { + type: 'keyword', + }, + calculated_score: { + type: 'float', + }, + calculated_score_norm: { + type: 'float', + }, + category_1_count: { + type: 'long', + }, + category_1_score: { + type: 'float', + }, + id_field: { + type: 'keyword', + }, + id_value: { + type: 'keyword', + }, + notes: { + type: 'keyword', + }, + inputs: { + properties: { + id: { + type: 'keyword', + }, + index: { + type: 'keyword', + }, + category: { + type: 'keyword', + }, + description: { + type: 'keyword', + }, + risk_score: { + type: 'float', + }, + timestamp: { + type: 'date', + }, + }, + type: 'object', + }, + }, + type: 'object', + }, + }, + }, + }, + }); + + const { index_templates: indexTemplates } = await es.indices.getIndexTemplate({ + name: indexTemplateName, + }); + expect(indexTemplates.length).to.eql(1); + const indexTemplate = indexTemplates[0]; + expect(indexTemplate.name).to.eql(indexTemplateName); + expect(indexTemplate.index_template.index_patterns).to.eql([ + `risk-score.risk-score-${customSpaceName}`, + ]); + expect(indexTemplate.index_template.composed_of).to.eql([ + `.risk-score-mappings-${customSpaceName}`, + ]); + expect(indexTemplate.index_template.template!.mappings?.dynamic).to.eql(false); + expect(indexTemplate.index_template.template!.mappings?._meta?.managed).to.eql(true); + expect(indexTemplate.index_template.template!.mappings?._meta?.namespace).to.eql( + customSpaceName + ); + expect(indexTemplate.index_template.template!.mappings?._meta?.kibana?.version).to.be.a( + 'string' + ); + + expect(indexTemplate.index_template.template!.settings).to.eql({ + index: { + mapping: { + total_fields: { + limit: '1000', + }, + }, + }, + }); + + expect(indexTemplate.index_template.template!.lifecycle).to.eql({ + enabled: true, + }); + + const dsResponse = await es.indices.get({ + index: dataStreamName, + }); + + const dataStream = Object.values(dsResponse).find( + (ds) => ds.data_stream === dataStreamName + ); + + expect(dataStream?.mappings?._meta?.managed).to.eql(true); + expect(dataStream?.mappings?._meta?.namespace).to.eql(customSpaceName); + expect(dataStream?.mappings?._meta?.kibana?.version).to.be.a('string'); + expect(dataStream?.mappings?.dynamic).to.eql('false'); + + expect(dataStream?.settings?.index?.mapping).to.eql({ + total_fields: { + limit: '1000', + }, + }); + + expect(dataStream?.settings?.index?.hidden).to.eql('true'); + expect(dataStream?.settings?.index?.number_of_shards).to.eql(1); + + const indexExist = await es.indices.exists({ + index: latestIndexName, + }); + + expect(indexExist).to.eql(true); + + const transformStats = await es.transform.getTransformStats({ + transform_id: transformId, + }); + + expect(transformStats.transforms[0].state).to.eql('stopped'); + }); + it('should create configuration saved object', async () => { await riskEngineRoutes.init(); const response = await kibanaServer.savedObjects.find({ @@ -343,7 +580,9 @@ export default ({ getService }: FtrProviderContext) => { }); }); - describe('status api', () => { + // FLAKY: https://github.com/elastic/kibana/issues/196319 + // FLAKY: https://github.com/elastic/kibana/issues/196166 + describe.skip('status api', () => { it('should disable / enable risk engine', async () => { const status1 = await riskEngineRoutes.getStatus(); diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/entries.ts b/x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/entries.ts index 7cd44a21ce236e..2ecb368c2ba7bc 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/entries.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/trial_license_complete_tier/entries.ts @@ -6,6 +6,7 @@ */ import expect from 'expect'; +import { KNOWLEDGE_BASE_ENTRIES_TABLE_MAX_PAGE_SIZE } from '@kbn/elastic-assistant-plugin/common/constants'; import { FtrProviderContext } from '../../../../../ftr_provider_context'; import { createEntry, createEntryForUser } from '../utils/create_entry'; import { findEntries } from '../utils/find_entry'; @@ -18,7 +19,11 @@ import { import { removeServerGeneratedProperties } from '../utils/remove_server_generated_properties'; import { MachineLearningProvider } from '../../../../../../functional/services/ml'; import { documentEntry, indexEntry, globalDocumentEntry } from './mocks/entries'; -import { secOnlySpacesAll } from '../utils/auth/users'; +import { secOnlySpacesAll, secOnlySpacesAllAssistantMinimalAll } from '../utils/auth/users'; +import { + bulkActionKnowledgeBaseEntries, + bulkActionKnowledgeBaseEntriesForUser, +} from '../utils/bulk_actions_entry'; export default ({ getService }: FtrProviderContext) => { const supertest = getService('supertest'); @@ -42,8 +47,6 @@ export default ({ getService }: FtrProviderContext) => { }); describe('Create Entries', () => { - // TODO: KB-RBAC: Added stubbed admin tests for when RBAC is enabled. Hopefully this helps :] - // NOTE: Will need to update each section with the expected user, can use `createEntryForUser()` helper describe('Admin User', () => { it('should create a new document entry for the current user', async () => { const entry = await createEntry({ supertest, log, entry: documentEntry }); @@ -135,16 +138,18 @@ export default ({ getService }: FtrProviderContext) => { expect(removeServerGeneratedProperties(entry)).toEqual(expectedDocumentEntry); }); - // TODO: KB-RBAC: Action not currently limited without RBAC - it.skip('should not be able to create a global entry', async () => { - const entry = await createEntry({ supertest, log, entry: globalDocumentEntry }); - - const expectedDocumentEntry = { - ...globalDocumentEntry, - users: [{ name: 'elastic' }], - }; - - expect(removeServerGeneratedProperties(entry)).toEqual(expectedDocumentEntry); + it('should not be able to create a global entry', async () => { + const response = await createEntryForUser({ + supertestWithoutAuth, + log, + entry: globalDocumentEntry, + user: secOnlySpacesAllAssistantMinimalAll, + expectedHttpCode: 500, + }); + expect(response).toEqual({ + status_code: 500, + message: 'User lacks privileges to create global knowledge base entries', + }); }); }); }); @@ -188,5 +193,444 @@ export default ({ getService }: FtrProviderContext) => { expect(entries.total).toEqual(0); }); }); + + describe('Bulk Actions', () => { + describe('General', () => { + it(`should throw an error for more than ${KNOWLEDGE_BASE_ENTRIES_TABLE_MAX_PAGE_SIZE} actions`, async () => { + const entry = await createEntry({ supertest, log, entry: documentEntry }); + const updatedDocumentEntry = { + id: entry.id, + ...documentEntry, + text: 'This is a sample of updated document entry', + }; + const response = await bulkActionKnowledgeBaseEntries({ + supertest, + log, + payload: { + create: [documentEntry], + update: [updatedDocumentEntry], + delete: { + ids: Array(KNOWLEDGE_BASE_ENTRIES_TABLE_MAX_PAGE_SIZE).fill('fake-document-id'), + }, + }, + expectedHttpCode: 400, + }); + expect(response).toEqual({ + status_code: 400, + message: `More than ${KNOWLEDGE_BASE_ENTRIES_TABLE_MAX_PAGE_SIZE} ids sent for bulk edit action.`, + }); + }); + + it('should perform create, update and delete actions for the current user', async () => { + const entry1 = await createEntry({ supertest, log, entry: documentEntry }); + const entry2 = await createEntry({ supertest, log, entry: globalDocumentEntry }); + + const updatedDocumentEntry = { + id: entry2.id, + ...globalDocumentEntry, + text: 'This is a sample of updated document entry', + }; + const expectedUpdatedDocumentEntry = { + ...globalDocumentEntry, + text: 'This is a sample of updated document entry', + }; + + const response = await bulkActionKnowledgeBaseEntries({ + supertest, + log, + payload: { + create: [indexEntry], + update: [updatedDocumentEntry], + delete: { ids: [entry1.id] }, + }, + }); + + const expectedCreatedIndexEntry = { + ...indexEntry, + users: [{ name: 'elastic' }], + }; + + expect(response.attributes.summary.succeeded).toEqual(3); + expect(response.attributes.summary.total).toEqual(3); + expect(response.attributes.results.created).toEqual( + expect.arrayContaining([expect.objectContaining(expectedCreatedIndexEntry)]) + ); + expect(response.attributes.results.updated).toEqual( + expect.arrayContaining([expect.objectContaining(expectedUpdatedDocumentEntry)]) + ); + expect(response.attributes.results.deleted).toEqual(expect.arrayContaining([entry1.id])); + }); + }); + + describe('Create Entries', () => { + it('should create a new document entry for the current user', async () => { + const response = await bulkActionKnowledgeBaseEntries({ + supertest, + log, + payload: { create: [documentEntry] }, + }); + + const expectedDocumentEntry = { + ...documentEntry, + users: [{ name: 'elastic' }], + }; + + expect(response.attributes.summary.succeeded).toEqual(1); + expect(response.attributes.summary.total).toEqual(1); + expect(response.attributes.results.created).toEqual( + expect.arrayContaining([expect.objectContaining(expectedDocumentEntry)]) + ); + }); + + it('should create a new index entry for the current user', async () => { + const response = await bulkActionKnowledgeBaseEntries({ + supertest, + log, + payload: { create: [indexEntry] }, + }); + + const expectedIndexEntry = { + ...indexEntry, + inputSchema: [], + outputFields: [], + users: [{ name: 'elastic' }], + }; + + expect(response.attributes.summary.succeeded).toEqual(1); + expect(response.attributes.summary.total).toEqual(1); + expect(response.attributes.results.created).toEqual( + expect.arrayContaining([expect.objectContaining(expectedIndexEntry)]) + ); + }); + + it('should create a new global entry for all users', async () => { + const response = await bulkActionKnowledgeBaseEntries({ + supertest, + log, + payload: { create: [globalDocumentEntry] }, + }); + + expect(response.attributes.summary.succeeded).toEqual(1); + expect(response.attributes.summary.total).toEqual(1); + expect(response.attributes.results.created).toEqual( + expect.arrayContaining([expect.objectContaining(globalDocumentEntry)]) + ); + }); + + it('should create a new global entry for all users in another space', async () => { + const response = await bulkActionKnowledgeBaseEntries({ + supertest, + log, + payload: { create: [globalDocumentEntry] }, + space: 'space-x', + }); + + const expectedDocumentEntry = { + ...globalDocumentEntry, + namespace: 'space-x', + }; + + expect(response.attributes.summary.succeeded).toEqual(1); + expect(response.attributes.summary.total).toEqual(1); + expect(response.attributes.results.created).toEqual( + expect.arrayContaining([expect.objectContaining(expectedDocumentEntry)]) + ); + }); + + it('should create own private document even if user does not have `manage_global_knowledge_base` privileges', async () => { + const response = await bulkActionKnowledgeBaseEntriesForUser({ + supertestWithoutAuth, + log, + payload: { create: [documentEntry] }, + user: secOnlySpacesAllAssistantMinimalAll, + }); + + const expectedDocumentEntry = { + ...documentEntry, + users: [{ name: secOnlySpacesAllAssistantMinimalAll.username }], + }; + + expect(response.attributes.summary.succeeded).toEqual(1); + expect(response.attributes.summary.total).toEqual(1); + expect(response.attributes.results.created).toEqual( + expect.arrayContaining([expect.objectContaining(expectedDocumentEntry)]) + ); + }); + + it('should not create global document if user does not have `manage_global_knowledge_base` privileges', async () => { + const response = await bulkActionKnowledgeBaseEntriesForUser({ + supertestWithoutAuth, + log, + payload: { create: [globalDocumentEntry] }, + user: secOnlySpacesAllAssistantMinimalAll, + expectedHttpCode: 500, + }); + expect(response).toEqual({ + status_code: 500, + message: 'User lacks privileges to create global knowledge base entries', + }); + }); + }); + + describe('Update Entries', () => { + it('should update own document entry', async () => { + const entry = await createEntry({ supertest, log, entry: documentEntry }); + const updatedDocumentEntry = { + id: entry.id, + ...documentEntry, + text: 'This is a sample of updated document entry', + }; + const response = await bulkActionKnowledgeBaseEntries({ + supertest, + log, + payload: { update: [updatedDocumentEntry] }, + }); + + const expectedDocumentEntry = { + ...documentEntry, + users: [{ name: 'elastic' }], + text: 'This is a sample of updated document entry', + }; + + expect(response.attributes.summary.succeeded).toEqual(1); + expect(response.attributes.summary.total).toEqual(1); + expect(response.attributes.results.updated).toEqual( + expect.arrayContaining([expect.objectContaining(expectedDocumentEntry)]) + ); + }); + + it('should not update private document entry created by another user', async () => { + const entry = await createEntryForUser({ + supertestWithoutAuth, + log, + entry: documentEntry, + user: secOnlySpacesAll, + }); + + const updatedDocumentEntry = { + id: entry.id, + ...documentEntry, + text: 'This is a sample of updated document entry', + }; + const response = await bulkActionKnowledgeBaseEntries({ + supertest, + log, + payload: { update: [updatedDocumentEntry] }, + expectedHttpCode: 500, + }); + expect(response).toEqual({ + status_code: 500, + message: `Could not find documents to update: ${entry.id}.`, + }); + }); + + it('should update own global document entry', async () => { + const entry = await createEntry({ supertest, log, entry: globalDocumentEntry }); + const updatedDocumentEntry = { + id: entry.id, + ...globalDocumentEntry, + text: 'This is a sample of updated global document entry', + }; + const response = await bulkActionKnowledgeBaseEntries({ + supertest, + log, + payload: { update: [updatedDocumentEntry] }, + }); + + const expectedDocumentEntry = { + ...globalDocumentEntry, + text: 'This is a sample of updated global document entry', + }; + + expect(response.attributes.summary.succeeded).toEqual(1); + expect(response.attributes.summary.total).toEqual(1); + expect(response.attributes.results.updated).toEqual( + expect.arrayContaining([expect.objectContaining(expectedDocumentEntry)]) + ); + }); + + it('should update global document entry created by another user', async () => { + const entry = await createEntryForUser({ + supertestWithoutAuth, + log, + entry: globalDocumentEntry, + user: secOnlySpacesAll, + }); + const updatedDocumentEntry = { + id: entry.id, + ...globalDocumentEntry, + text: 'This is a sample of updated global document entry', + }; + const response = await bulkActionKnowledgeBaseEntries({ + supertest, + log, + payload: { update: [updatedDocumentEntry] }, + }); + + const expectedDocumentEntry = { + ...globalDocumentEntry, + text: 'This is a sample of updated global document entry', + }; + + expect(response.attributes.summary.succeeded).toEqual(1); + expect(response.attributes.summary.total).toEqual(1); + expect(response.attributes.results.updated).toEqual( + expect.arrayContaining([expect.objectContaining(expectedDocumentEntry)]) + ); + }); + + it('should update own private document even if user does not have `manage_global_knowledge_base` privileges', async () => { + const entry = await createEntryForUser({ + supertestWithoutAuth, + log, + entry: documentEntry, + user: secOnlySpacesAllAssistantMinimalAll, + }); + + const updatedDocumentEntry = { + id: entry.id, + ...documentEntry, + text: 'This is a sample of updated document entry', + }; + const response = await bulkActionKnowledgeBaseEntriesForUser({ + supertestWithoutAuth, + log, + payload: { update: [updatedDocumentEntry] }, + user: secOnlySpacesAllAssistantMinimalAll, + }); + + const expectedDocumentEntry = { + ...documentEntry, + users: [{ name: secOnlySpacesAllAssistantMinimalAll.username }], + text: 'This is a sample of updated document entry', + }; + + expect(response.attributes.summary.succeeded).toEqual(1); + expect(response.attributes.summary.total).toEqual(1); + expect(response.attributes.results.updated).toEqual( + expect.arrayContaining([expect.objectContaining(expectedDocumentEntry)]) + ); + }); + + it('should not update global document if user does not have `manage_global_knowledge_base` privileges', async () => { + const entry = await createEntry({ supertest, log, entry: globalDocumentEntry }); + const updatedDocumentEntry = { + id: entry.id, + ...globalDocumentEntry, + text: 'This is a sample of updated global document entry', + }; + const response = await bulkActionKnowledgeBaseEntriesForUser({ + supertestWithoutAuth, + log, + payload: { update: [updatedDocumentEntry] }, + user: secOnlySpacesAllAssistantMinimalAll, + expectedHttpCode: 500, + }); + expect(response).toEqual({ + status_code: 500, + message: 'User lacks privileges to update global knowledge base entries', + }); + }); + }); + + describe('Delete Entries', () => { + it('should delete own document entry', async () => { + const entry = await createEntry({ supertest, log, entry: documentEntry }); + const response = await bulkActionKnowledgeBaseEntries({ + supertest, + log, + payload: { delete: { ids: [entry.id] } }, + }); + + expect(response.attributes.summary.succeeded).toEqual(1); + expect(response.attributes.summary.total).toEqual(1); + expect(response.attributes.results.deleted).toEqual(expect.arrayContaining([entry.id])); + }); + + it('should not delete private document entry created by another user', async () => { + const entry = await createEntryForUser({ + supertestWithoutAuth, + log, + entry: documentEntry, + user: secOnlySpacesAll, + }); + const response = await bulkActionKnowledgeBaseEntries({ + supertest, + log, + payload: { delete: { ids: [entry.id] } }, + expectedHttpCode: 500, + }); + expect(response).toEqual({ + status_code: 500, + message: `Could not find documents to delete: ${entry.id}.`, + }); + }); + + it('should delete own global document entry', async () => { + const entry = await createEntry({ supertest, log, entry: globalDocumentEntry }); + const response = await bulkActionKnowledgeBaseEntries({ + supertest, + log, + payload: { delete: { ids: [entry.id] } }, + }); + + expect(response.attributes.summary.succeeded).toEqual(1); + expect(response.attributes.summary.total).toEqual(1); + expect(response.attributes.results.deleted).toEqual(expect.arrayContaining([entry.id])); + }); + + it('should delete global document entry created by another user', async () => { + const entry = await createEntryForUser({ + supertestWithoutAuth, + log, + entry: globalDocumentEntry, + user: secOnlySpacesAll, + }); + const response = await bulkActionKnowledgeBaseEntries({ + supertest, + log, + payload: { delete: { ids: [entry.id] } }, + }); + + expect(response.attributes.summary.succeeded).toEqual(1); + expect(response.attributes.summary.total).toEqual(1); + expect(response.attributes.results.deleted).toEqual(expect.arrayContaining([entry.id])); + }); + + it('should delete own private document even if user does not have `manage_global_knowledge_base` privileges', async () => { + const entry = await createEntryForUser({ + supertestWithoutAuth, + log, + entry: documentEntry, + user: secOnlySpacesAllAssistantMinimalAll, + }); + const response = await bulkActionKnowledgeBaseEntriesForUser({ + supertestWithoutAuth, + log, + payload: { delete: { ids: [entry.id] } }, + user: secOnlySpacesAllAssistantMinimalAll, + }); + + expect(response.attributes.summary.succeeded).toEqual(1); + expect(response.attributes.summary.total).toEqual(1); + expect(response.attributes.results.deleted).toEqual(expect.arrayContaining([entry.id])); + }); + + it('should not delete global document if user does not have `manage_global_knowledge_base` privileges', async () => { + const entry = await createEntry({ supertest, log, entry: globalDocumentEntry }); + const response = await bulkActionKnowledgeBaseEntriesForUser({ + supertestWithoutAuth, + log, + payload: { delete: { ids: [entry.id] } }, + user: secOnlySpacesAllAssistantMinimalAll, + expectedHttpCode: 500, + }); + expect(response).toEqual({ + status_code: 500, + message: 'User lacks privileges to delete global knowledge base entries', + }); + }); + }); + }); }); }; diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/auth/roles.ts b/x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/auth/roles.ts index d83a2791d34097..9e81e7d11fffd5 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/auth/roles.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/auth/roles.ts @@ -179,6 +179,26 @@ export const securitySolutionOnlyReadSpacesAll: Role = { }, }; +export const securitySolutionOnlyAllSpacesAllAssistantMinimalAll: Role = { + name: 'sec_only_all_spaces_all_assistant_minimal_all', + privileges: { + elasticsearch: { + indices: [], + }, + kibana: [ + { + feature: { + siem: ['all'], + securitySolutionAssistant: ['minimal_all'], + securitySolutionAttackDiscovery: ['all'], + aiAssistantManagementSelection: ['all'], + }, + spaces: ['*'], + }, + ], + }, +}; + export const roles = [ noKibanaPrivileges, globalRead, @@ -193,6 +213,7 @@ export const allRoles = [ securitySolutionOnlyRead, securitySolutionOnlyAllSpacesAll, securitySolutionOnlyAllSpacesAllWithReadESIndices, + securitySolutionOnlyAllSpacesAllAssistantMinimalAll, securitySolutionOnlyReadSpacesAll, securitySolutionOnlyAllSpace2, securitySolutionOnlyReadSpace2, diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/auth/users.ts b/x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/auth/users.ts index 6e0d790072df16..62fe17bacc76af 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/auth/users.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/auth/users.ts @@ -17,6 +17,7 @@ import { securitySolutionOnlyAllSpace2, securitySolutionOnlyReadSpace2, securitySolutionOnlyAllSpacesAllWithReadESIndices, + securitySolutionOnlyAllSpacesAllAssistantMinimalAll, } from './roles'; import { User } from './types'; @@ -86,6 +87,12 @@ export const secOnlySpacesAllEsReadAll: User = { roles: [securitySolutionOnlyAllSpacesAllWithReadESIndices.name], }; +export const secOnlySpacesAllAssistantMinimalAll: User = { + username: 'sec_only_all_spaces_all_assistant_minimal_all', + password: 'sec_only_all_spaces_all_assistant_minimal_all', + roles: [securitySolutionOnlyAllSpacesAllAssistantMinimalAll.name], +}; + export const allUsers = [ superUser, secOnly, @@ -94,6 +101,7 @@ export const allUsers = [ noKibanaPrivileges, secOnlySpacesAll, secOnlySpacesAllEsReadAll, + secOnlySpacesAllAssistantMinimalAll, secOnlyReadSpacesAll, secOnlySpace2, secOnlyReadSpace2, diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/bulk_actions_entry.ts b/x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/bulk_actions_entry.ts new file mode 100644 index 00000000000000..a709070d56fef0 --- /dev/null +++ b/x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/bulk_actions_entry.ts @@ -0,0 +1,101 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import { ELASTIC_HTTP_VERSION_HEADER } from '@kbn/core-http-common'; +import type { ToolingLog } from '@kbn/tooling-log'; +import type SuperTest from 'supertest'; +import { + ELASTIC_AI_ASSISTANT_KNOWLEDGE_BASE_ENTRIES_URL_BULK_ACTION, + KnowledgeBaseEntryCreateProps, + KnowledgeBaseEntryUpdateProps, + PerformKnowledgeBaseEntryBulkActionResponse, +} from '@kbn/elastic-assistant-common'; +import type { User } from './auth/types'; + +import { routeWithNamespace } from '../../../../../../common/utils/security_solution'; + +/** + * Performs bulk actions on Knowledge Base entries + * @param supertest The supertest deps + * @param log The tooling logger + * @param payload The bulk action payload + * @param space The Kibana Space to update the entry in (optional) + * @param expectedHttpCode The expected http status code (optional) + */ +export const bulkActionKnowledgeBaseEntries = async ({ + supertest, + log, + payload, + space, + expectedHttpCode = 200, +}: { + supertest: SuperTest.Agent; + log: ToolingLog; + payload: { + create?: KnowledgeBaseEntryCreateProps[]; + update?: KnowledgeBaseEntryUpdateProps[]; + delete?: { ids: string[] }; + }; + space?: string; + expectedHttpCode?: number; +}): Promise => { + const route = routeWithNamespace( + ELASTIC_AI_ASSISTANT_KNOWLEDGE_BASE_ENTRIES_URL_BULK_ACTION, + space + ); + const response = await supertest + .post(route) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .send(payload) + .expect(expectedHttpCode); + + return response.body; +}; + +/** + * Performs bulk actions on Knowledge Base entries for a given User + * @param supertest The supertest deps + * @param log The tooling logger + * @param payload The bulk action payload + * @param user The user to update the entry on behalf of + * @param space The Kibana Space to update the entry in (optional) + * @param expectedHttpCode The expected http status code (optional) + */ +export const bulkActionKnowledgeBaseEntriesForUser = async ({ + supertestWithoutAuth, + log, + payload, + user, + space, + expectedHttpCode = 200, +}: { + supertestWithoutAuth: SuperTest.Agent; + log: ToolingLog; + payload: { + create?: KnowledgeBaseEntryCreateProps[]; + update?: KnowledgeBaseEntryUpdateProps[]; + delete?: { ids: string[] }; + }; + user: User; + space?: string; + expectedHttpCode?: number; +}): Promise => { + const route = routeWithNamespace( + ELASTIC_AI_ASSISTANT_KNOWLEDGE_BASE_ENTRIES_URL_BULK_ACTION, + space + ); + const response = await supertestWithoutAuth + .post(route) + .auth(user.username, user.password) + .set('kbn-xsrf', 'true') + .set(ELASTIC_HTTP_VERSION_HEADER, '1') + .send(payload) + .expect(expectedHttpCode); + + return response.body; +}; diff --git a/x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/create_entry.ts b/x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/create_entry.ts index f69c42dcbd9bd2..3b4507d0c4ba07 100644 --- a/x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/create_entry.ts +++ b/x-pack/test/security_solution_api_integration/test_suites/genai/knowledge_base/entries/utils/create_entry.ts @@ -23,33 +23,30 @@ import { routeWithNamespace } from '../../../../../../common/utils/security_solu * @param log The tooling logger * @param entry The entry to create * @param space The Kibana Space to create the entry in (optional) + * @param expectedHttpCode The expected http status code (optional) */ export const createEntry = async ({ supertest, log, entry, space, + expectedHttpCode = 200, }: { supertest: SuperTest.Agent; log: ToolingLog; entry: KnowledgeBaseEntryCreateProps; space?: string; + expectedHttpCode?: number; }): Promise => { const route = routeWithNamespace(ELASTIC_AI_ASSISTANT_KNOWLEDGE_BASE_ENTRIES_URL, space); const response = await supertest .post(route) .set('kbn-xsrf', 'true') .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .send(entry); - if (response.status !== 200) { - throw new Error( - `Unexpected non 200 ok when attempting to create entry: ${JSON.stringify( - response.status - )},${JSON.stringify(response, null, 4)}` - ); - } else { - return response.body; - } + .send(entry) + .expect(expectedHttpCode); + + return response.body; }; /** @@ -59,6 +56,7 @@ export const createEntry = async ({ * @param entry The entry to create * @param user The user to create the entry on behalf of * @param space The Kibana Space to create the entry in (optional) + * @param expectedHttpCode The expected http status code (optional) */ export const createEntryForUser = async ({ supertestWithoutAuth, @@ -66,12 +64,14 @@ export const createEntryForUser = async ({ entry, user, space, + expectedHttpCode = 200, }: { supertestWithoutAuth: SuperTest.Agent; log: ToolingLog; entry: KnowledgeBaseEntryCreateProps; user: User; space?: string; + expectedHttpCode?: number; }): Promise => { const route = routeWithNamespace(ELASTIC_AI_ASSISTANT_KNOWLEDGE_BASE_ENTRIES_URL, space); const response = await supertestWithoutAuth @@ -79,14 +79,8 @@ export const createEntryForUser = async ({ .auth(user.username, user.password) .set('kbn-xsrf', 'true') .set(ELASTIC_HTTP_VERSION_HEADER, '1') - .send(entry); - if (response.status !== 200) { - throw new Error( - `Unexpected non 200 ok when attempting to create entry: ${JSON.stringify( - response.status - )},${JSON.stringify(response, null, 4)}` - ); - } else { - return response.body; - } + .send(entry) + .expect(expectedHttpCode); + + return response.body; }; diff --git a/x-pack/test/security_solution_api_integration/tsconfig.json b/x-pack/test/security_solution_api_integration/tsconfig.json index 17d5053c053281..e13f4bd61520db 100644 --- a/x-pack/test/security_solution_api_integration/tsconfig.json +++ b/x-pack/test/security_solution_api_integration/tsconfig.json @@ -51,5 +51,6 @@ "@kbn/security-plugin", "@kbn/ftr-common-functional-ui-services", "@kbn/spaces-plugin", + "@kbn/elastic-assistant-plugin", ] } diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/ai_assistant/conversations.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/ai_assistant/conversations.cy.ts index c91ee7de475e36..4d87cce1fdaa8b 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/ai_assistant/conversations.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/ai_assistant/conversations.cy.ts @@ -23,7 +23,6 @@ import { typeAndSendMessage, assertErrorResponse, selectRule, - assertErrorToastShown, updateConversationTitle, } from '../../tasks/assistant'; import { deleteConversations } from '../../tasks/api_calls/assistant'; @@ -146,7 +145,7 @@ describe('AI Assistant Conversations', { tags: ['@ess', '@serverless'] }, () => assertConnectorSelected(bedrockConnectorAPIPayload.name); assertMessageSent('goodbye'); }); - it('Correctly titles new conversations, and only allows one conversation called "New chat" at a time', () => { + it('Correctly creates and titles new conversations, and allows title updates', () => { visitGetStartedPage(); openAssistant(); createNewChat(); @@ -155,14 +154,7 @@ describe('AI Assistant Conversations', { tags: ['@ess', '@serverless'] }, () => typeAndSendMessage('hello'); assertMessageSent('hello'); assertConversationTitle('Unexpected API Error: - Connection error.'); - updateConversationTitle('New chat'); - selectConversation('Welcome'); - createNewChat(); - assertErrorToastShown('Error creating conversation with title New chat'); - selectConversation('New chat'); - updateConversationTitle('My other chat'); - createNewChat(); - assertNewConversation(false, 'New chat'); + updateConversationTitle('Something else'); }); }); }); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/snoozing/rule_snoozing.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/snoozing/rule_snoozing.cy.ts index 270a9146f65a9f..9622cb94bdd4f5 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/snoozing/rule_snoozing.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_management/rule_actions/snoozing/rule_snoozing.cy.ts @@ -217,7 +217,7 @@ describe('rule snoozing', { tags: ['@ess', '@serverless', '@skipInServerlessMKI' describe('Handling errors', () => { it('shows an error if unable to load snooze settings', () => { createRule(getNewRule({ name: 'Test rule', enabled: false })).then(({ body: rule }) => { - cy.intercept('GET', `${INTERNAL_ALERTING_API_FIND_RULES_PATH}*`, { + cy.intercept('POST', `${INTERNAL_ALERTING_API_FIND_RULES_PATH}*`, { statusCode: 500, }); diff --git a/x-pack/test/security_solution_endpoint/apps/integrations/endpoint_exceptions.ts b/x-pack/test/security_solution_endpoint/apps/integrations/endpoint_exceptions.ts index 42d28132998bf5..eac635ac958ebf 100644 --- a/x-pack/test/security_solution_endpoint/apps/integrations/endpoint_exceptions.ts +++ b/x-pack/test/security_solution_endpoint/apps/integrations/endpoint_exceptions.ts @@ -22,6 +22,7 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => { const endpointTestResources = getService('endpointTestResources'); const endpointArtifactTestResources = getService('endpointArtifactTestResources'); const retry = getService('retry'); + const retryOnStale = getService('retryOnStale'); const esClient = getService('es'); const supertest = getService('supertest'); const find = getService('find'); @@ -30,30 +31,17 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => { const toasts = getService('toasts'); const MINUTES = 60 * 1000 * 10; - // FLAKY: https://github.com/elastic/kibana/issues/173441 - // Failing: See https://github.com/elastic/kibana/issues/173441 - describe.skip('Endpoint Exceptions', function () { + describe('Endpoint Exceptions', function () { targetTags(this, ['@ess', '@serverless']); - this.timeout(10 * MINUTES); - const clearPrefilledEntries = async () => { - const entriesContainer = await testSubjects.find('exceptionEntriesContainer'); - - let deleteButtons: WebElementWrapper[]; - do { - deleteButtons = await testSubjects.findAllDescendant( - 'builderItemEntryDeleteButton', - entriesContainer - ); - - await deleteButtons[0].click(); - } while (deleteButtons.length > 1); - }; + let clearPrefilledEntries: () => Promise; const openNewEndpointExceptionFlyout = async () => { - await testSubjects.scrollIntoView('timeline-context-menu-button'); - await testSubjects.click('timeline-context-menu-button'); + retryOnStale(async () => { + await testSubjects.scrollIntoView('timeline-context-menu-button'); + await testSubjects.click('timeline-context-menu-button'); + }); await testSubjects.click('add-endpoint-exception-menu-item'); await testSubjects.existOrFail('addExceptionFlyout'); @@ -166,10 +154,25 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => { }; await deleteEndpointExceptions(); + + clearPrefilledEntries = retryOnStale.wrap(async () => { + const entriesContainer = await testSubjects.find('exceptionEntriesContainer'); + + let deleteButtons: WebElementWrapper[]; + do { + deleteButtons = await testSubjects.findAllDescendant( + 'builderItemEntryDeleteButton', + entriesContainer + ); + + await deleteButtons[0].click(); + } while (deleteButtons.length > 1); + }); }); it('should add `event.module=endpoint` to entry if only wildcard operator is present', async () => { await pageObjects.common.navigateToUrlWithBrowserHistory('security', `/alerts`); + await pageObjects.header.waitUntilLoadingHasFinished(); await pageObjects.timePicker.setCommonlyUsedTime('Last_24 hours'); await openNewEndpointExceptionFlyout(); @@ -215,6 +218,7 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => { it('should NOT add `event.module=endpoint` to entry if there is another operator', async () => { await pageObjects.common.navigateToUrlWithBrowserHistory('security', `/alerts`); + await pageObjects.header.waitUntilLoadingHasFinished(); await pageObjects.timePicker.setCommonlyUsedTime('Last_24 hours'); await openNewEndpointExceptionFlyout(); diff --git a/x-pack/test/security_solution_endpoint/apps/integrations/index.ts b/x-pack/test/security_solution_endpoint/apps/integrations/index.ts index 7bf73a60499d22..037ee3d60ec3ed 100644 --- a/x-pack/test/security_solution_endpoint/apps/integrations/index.ts +++ b/x-pack/test/security_solution_endpoint/apps/integrations/index.ts @@ -12,7 +12,7 @@ import { FtrProviderContext } from '../../configs/ftr_provider_context'; export default function (providerContext: FtrProviderContext) { const { loadTestFile, getService, getPageObjects } = providerContext; - describe('endpoint', function () { + describe('integrations', function () { const ingestManager = getService('ingestManager'); const log = getService('log'); const endpointTestResources = getService('endpointTestResources'); diff --git a/x-pack/test/tsconfig.json b/x-pack/test/tsconfig.json index 03fbddf161f00f..2ba14ceb1218cc 100644 --- a/x-pack/test/tsconfig.json +++ b/x-pack/test/tsconfig.json @@ -185,6 +185,8 @@ "@kbn/cloud-security-posture-common", "@kbn/saved-objects-management-plugin", "@kbn/alerting-types", - "@kbn/ai-assistant-common" + "@kbn/ai-assistant-common", + "@kbn/core-deprecations-common", + "@kbn/usage-collection-plugin" ] } diff --git a/x-pack/test/ui_capabilities/security_and_spaces/tests/catalogue.ts b/x-pack/test/ui_capabilities/security_and_spaces/tests/catalogue.ts index c8182c4310c33e..ddcc187fad6a48 100644 --- a/x-pack/test/ui_capabilities/security_and_spaces/tests/catalogue.ts +++ b/x-pack/test/ui_capabilities/security_and_spaces/tests/catalogue.ts @@ -93,7 +93,6 @@ export default function catalogueTests({ getService }: FtrProviderContext) { 'enterpriseSearchVectorSearch', 'enterpriseSearchSemanticSearch', 'enterpriseSearchElasticsearch', - 'enterpriseSearchRelevance', 'searchInferenceEndpoints', 'appSearch', 'observabilityAIAssistant', diff --git a/x-pack/test/upgrade_assistant_integration/config.js b/x-pack/test/upgrade_assistant_integration/config.ts similarity index 70% rename from x-pack/test/upgrade_assistant_integration/config.js rename to x-pack/test/upgrade_assistant_integration/config.ts index 9529e4bc568d3e..0794f4d0b9ada1 100644 --- a/x-pack/test/upgrade_assistant_integration/config.js +++ b/x-pack/test/upgrade_assistant_integration/config.ts @@ -6,8 +6,10 @@ */ import { commonFunctionalServices } from '@kbn/ftr-common-functional-services'; +import { FtrConfigProviderContext } from '@kbn/test'; +import path from 'node:path'; -export default async function ({ readConfigFile }) { +export default async function ({ readConfigFile }: FtrConfigProviderContext) { // Read the Kibana API integration tests config file so that we can utilize its services. const kibanaAPITestsConfig = await readConfigFile( require.resolve('@kbn/test-suites-src/api_integration/config') @@ -26,7 +28,14 @@ export default async function ({ readConfigFile }) { junit: { reportName: 'X-Pack Upgrade Assistant Integration Tests', }, - kbnTestServer: xPackFunctionalTestsConfig.get('kbnTestServer'), + kbnTestServer: { + ...xPackFunctionalTestsConfig.get('kbnTestServer'), + serverArgs: [ + ...xPackFunctionalTestsConfig.get('kbnTestServer.serverArgs'), + `--plugin-path=${path.resolve(__dirname, '../../../examples/routing_example')}`, + `--plugin-path=${path.resolve(__dirname, '../../../examples/developer_examples')}`, + ], + }, esTestCluster: { ...xPackFunctionalTestsConfig.get('esTestCluster'), // this archive can not be loaded into 8.0+ diff --git a/x-pack/test/upgrade_assistant_integration/upgrade_assistant/api_deprecations.ts b/x-pack/test/upgrade_assistant_integration/upgrade_assistant/api_deprecations.ts new file mode 100644 index 00000000000000..f146bf38f5f26e --- /dev/null +++ b/x-pack/test/upgrade_assistant_integration/upgrade_assistant/api_deprecations.ts @@ -0,0 +1,162 @@ +/* + * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one + * or more contributor license agreements. Licensed under the Elastic License + * 2.0; you may not use this file except in compliance with the Elastic License + * 2.0. + */ + +import expect from '@kbn/expect'; +import { expect as expectExpect } from 'expect'; +import type { DomainDeprecationDetails } from '@kbn/core-deprecations-common'; +import { ApiDeprecationDetails } from '@kbn/core-deprecations-common/src/types'; +import { setTimeout as setTimeoutAsync } from 'timers/promises'; +import { UsageCountersSavedObject } from '@kbn/usage-collection-plugin/server'; +import _ from 'lodash'; +import { FtrProviderContext } from '../../common/ftr_provider_context'; + +interface DomainApiDeprecationDetails extends ApiDeprecationDetails { + domainId: string; +} + +const getApiDeprecations = (allDeprecations: DomainDeprecationDetails[]) => { + return allDeprecations.filter( + (deprecation) => deprecation.deprecationType === 'api' + ) as unknown as DomainApiDeprecationDetails[]; +}; + +export default function ({ getService }: FtrProviderContext) { + const supertest = getService('supertest'); + const esArchiver = getService('esArchiver'); + const retry = getService('retry'); + const es = getService('es'); + + describe('Kibana API Deprecations', () => { + before(async () => { + // await kibanaServer.savedObjects.cleanStandardList(); + await esArchiver.emptyKibanaIndex(); + }); + it('returns does not return api deprecations if the routes are not called', async () => { + const { deprecations } = (await supertest.get(`/api/deprecations/`).expect(200)).body; + const apiDeprecations = getApiDeprecations(deprecations); + expect(apiDeprecations.length).to.equal(0); + }); + + it('returns deprecated APIs when the api is called', async () => { + await supertest.get(`/api/routing_example/d/removed_route`).expect(200); + + // sleep a little until the usage counter is synced into ES + await setTimeoutAsync(3000); + await retry.tryForTime( + 15 * 1000, + async () => { + const { deprecations } = (await supertest.get(`/api/deprecations/`).expect(200)).body; + const apiDeprecations = getApiDeprecations(deprecations); + expect(apiDeprecations.length).to.equal(1); + + expectExpect(apiDeprecations[0].correctiveActions.mark_as_resolved_api).toEqual({ + routePath: '/api/routing_example/d/removed_route', + routeMethod: 'get', + apiTotalCalls: 1, + totalMarkedAsResolved: 0, + timestamp: expectExpect.any(String), + }); + + expectExpect(apiDeprecations[0].domainId).toEqual('core.api_deprecations'); + expectExpect(apiDeprecations[0].apiId).toEqual( + 'unversioned|get|/api/routing_example/d/removed_route' + ); + expectExpect(apiDeprecations[0].title).toEqual( + 'The "GET /api/routing_example/d/removed_route" route is removed' + ); + }, + undefined, + 2000 + ); + }); + + it('no longer returns deprecated API when it is marked as resolved', async () => { + await supertest + .post(`/api/deprecations/mark_as_resolved`) + .set('kbn-xsrf', 'xxx') + .send({ + domainId: 'core.api_deprecations', + routePath: '/api/routing_example/d/removed_route', + routeMethod: 'get', + incrementBy: 1, + }) + .expect(200); + + // sleep a little until the usage counter is synced into ES + await setTimeoutAsync(5000); + await retry.tryForTime(15 * 1000, async () => { + const { deprecations } = (await supertest.get(`/api/deprecations/`).expect(200)).body; + const apiDeprecations = getApiDeprecations(deprecations); + expect(apiDeprecations.length).to.equal(0); + }); + }); + + it('returns deprecated API when it is called again after resolved, but with a different message', async () => { + await supertest.get(`/api/routing_example/d/removed_route`).expect(200); + + // sleep a little until the usage counter is synced into ES + await setTimeoutAsync(3000); + await retry.tryForTime( + 15 * 1000, + async () => { + const { deprecations } = (await supertest.get(`/api/deprecations/`).expect(200)).body; + const apiDeprecations = getApiDeprecations(deprecations); + expect(apiDeprecations.length).to.equal(1); + + expectExpect(apiDeprecations[0].correctiveActions.mark_as_resolved_api).toEqual({ + routePath: '/api/routing_example/d/removed_route', + routeMethod: 'get', + apiTotalCalls: 2, + totalMarkedAsResolved: 1, + timestamp: expectExpect.any(String), + }); + }, + undefined, + 2000 + ); + }); + + it('keeps track of all counters via saved objects and core usage counters', async () => { + const should = ['total', 'resolved', 'marked_as_resolved'].map((type) => ({ + match: { 'usage-counter.counterType': `deprecated_api_call:${type}` }, + })); + + const { hits } = await es.search<{ 'usage-counter': UsageCountersSavedObject }>({ + index: '.kibana_usage_counters', + body: { + query: { bool: { should } }, + }, + }); + + expect(hits.hits.length).to.equal(3); + const counters = hits.hits.map((hit) => hit._source!['usage-counter']).sort(); + expectExpect(_.sortBy(counters, 'counterType')).toEqual([ + { + count: 1, + counterName: 'unversioned|get|/api/routing_example/d/removed_route', + counterType: 'deprecated_api_call:marked_as_resolved', + domainId: 'core', + source: 'server', + }, + { + count: 1, + counterName: 'unversioned|get|/api/routing_example/d/removed_route', + counterType: 'deprecated_api_call:resolved', + domainId: 'core', + source: 'server', + }, + { + count: 2, + counterName: 'unversioned|get|/api/routing_example/d/removed_route', + counterType: 'deprecated_api_call:total', + domainId: 'core', + source: 'server', + }, + ]); + }); + }); +} diff --git a/x-pack/test/upgrade_assistant_integration/upgrade_assistant/index.js b/x-pack/test/upgrade_assistant_integration/upgrade_assistant/index.ts similarity index 64% rename from x-pack/test/upgrade_assistant_integration/upgrade_assistant/index.js rename to x-pack/test/upgrade_assistant_integration/upgrade_assistant/index.ts index eb09d24b79b6a7..2aaddc7d6f6695 100644 --- a/x-pack/test/upgrade_assistant_integration/upgrade_assistant/index.js +++ b/x-pack/test/upgrade_assistant_integration/upgrade_assistant/index.ts @@ -5,8 +5,11 @@ * 2.0. */ -export default function ({ loadTestFile }) { +import { FtrProviderContext } from '../../common/ftr_provider_context'; + +export default function ({ loadTestFile }: FtrProviderContext) { describe('upgrade assistant', function () { loadTestFile(require.resolve('./reindexing')); + loadTestFile(require.resolve('./api_deprecations')); }); } diff --git a/x-pack/test_serverless/api_integration/test_suites/common/reporting/__snapshots__/csv_v2_esql.snap b/x-pack/test_serverless/api_integration/test_suites/common/reporting/__snapshots__/csv_v2_esql.snap index 83c8c2982c4f58..e6ceffaa3b4abc 100644 --- a/x-pack/test_serverless/api_integration/test_suites/common/reporting/__snapshots__/csv_v2_esql.snap +++ b/x-pack/test_serverless/api_integration/test_suites/common/reporting/__snapshots__/csv_v2_esql.snap @@ -1,21 +1,40 @@ // Jest Snapshot v1, https://goo.gl/fbAQLP -exports[`Reporting CSV Generation from ES|QL export from non-timebased data view csv from es|ql csv file matches 1`] = `"{\\"statusCode\\":404,\\"error\\":\\"Not Found\\",\\"message\\":\\"Not Found\\"}"`; +exports[`Reporting CSV Generation from ES|QL export from non-timebased data view csv from es|ql csv file matches 1`] = ` +"eon,epoch,era,period +Phanerozoic,\\" Pliocene\\",Cenozoic,Neogene +Phanerozoic,\\" Holocene\\",Cenozoic,Quaternary +Phanerozoic,,Mesozoic,Cretaceous +Phanerozoic,,Mesozoic,Jurassic +Phanerozoic,,Paleozoic,Cambrian +Proterozoic,,Paleozoic,Permian +Archean,,, +Hadean,,, +" +`; exports[`Reporting CSV Generation from ES|QL export from non-timebased data view csv from es|ql job response data is correct 1`] = ` Object { - "contentDisposition": undefined, - "contentType": "application/json; charset=utf-8", + "contentDisposition": "attachment; filename=CSV%20Report.csv", + "contentType": "text/csv; charset=utf-8", "title": "CSV Report", } `; -exports[`Reporting CSV Generation from ES|QL export from timebased data view csv from es|ql export with time filter csv file matches 1`] = `"{\\"statusCode\\":404,\\"error\\":\\"Not Found\\",\\"message\\":\\"Not Found\\"}"`; +exports[`Reporting CSV Generation from ES|QL export from timebased data view csv from es|ql export with time filter csv file matches 1`] = ` +"\\"@message\\" +\\"143.84.142.7 - - [2015-09-20T00:00:00.000Z] \\"\\"GET /uploads/steven-hawley.jpg HTTP/1.1\\"\\" 200 1623 \\"\\"-\\"\\" \\"\\"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)\\"\\"\\" +\\"193.164.192.47 - - [2015-09-20T00:30:34.206Z] \\"\\"GET /uploads/michael-foreman.jpg HTTP/1.1\\"\\" 200 8537 \\"\\"-\\"\\" \\"\\"Mozilla/5.0 (X11; Linux x86_64; rv:6.0a1) Gecko/20110421 Firefox/6.0a1\\"\\"\\" +\\"176.7.244.68 - - [2015-09-20T00:32:42.058Z] \\"\\"GET /uploads/james-pawelczyk.jpg HTTP/1.1\\"\\" 200 9196 \\"\\"-\\"\\" \\"\\"Mozilla/5.0 (X11; Linux i686) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.50 Safari/534.24\\"\\"\\" +\\"237.56.90.184 - - [2015-09-20T00:35:21.445Z] \\"\\"GET /uploads/david-leestma.jpg HTTP/1.1\\"\\" 200 9790 \\"\\"-\\"\\" \\"\\"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)\\"\\"\\" +\\"255.56.89.50 - - [2015-09-20T00:43:01.353Z] \\"\\"GET /uploads/michael-r-barratt.jpg HTTP/1.1\\"\\" 200 9583 \\"\\"-\\"\\" \\"\\"Mozilla/5.0 (X11; Linux x86_64; rv:6.0a1) Gecko/20110421 Firefox/6.0a1\\"\\"\\" +" +`; exports[`Reporting CSV Generation from ES|QL export from timebased data view csv from es|ql export with time filter job response data is correct 1`] = ` Object { - "contentDisposition": undefined, - "contentType": "application/json; charset=utf-8", + "contentDisposition": "attachment; filename=Untitled%20discover%20search.csv", + "contentType": "text/csv; charset=utf-8", "title": "Untitled discover search", } `; diff --git a/x-pack/test_serverless/api_integration/test_suites/common/reporting/csv_v2_esql.ts b/x-pack/test_serverless/api_integration/test_suites/common/reporting/csv_v2_esql.ts index e74eb14ac31d76..022f22a144b6e2 100644 --- a/x-pack/test_serverless/api_integration/test_suites/common/reporting/csv_v2_esql.ts +++ b/x-pack/test_serverless/api_integration/test_suites/common/reporting/csv_v2_esql.ts @@ -9,20 +9,20 @@ import expect from '@kbn/expect'; import request from 'supertest'; import { DISCOVER_APP_LOCATOR } from '@kbn/discover-plugin/common'; -import { InternalRequestHeader, RoleCredentials } from '@kbn/ftr-common-functional-services'; +import { CookieCredentials, InternalRequestHeader } from '@kbn/ftr-common-functional-services'; import type { ReportApiJSON } from '@kbn/reporting-common/types'; import type { JobParamsCsvFromSavedObject } from '@kbn/reporting-export-types-csv-common'; import { FtrProviderContext } from '../../../ftr_provider_context'; export default ({ getService }: FtrProviderContext) => { const es = getService('es'); - const supertest = getService('supertest'); + const supertestWithoutAuth = getService('supertestWithoutAuth'); const esArchiver = getService('esArchiver'); const log = getService('log'); const reportingAPI = getService('svlReportingApi'); const svlCommonApi = getService('svlCommonApi'); - const svlUserManager = getService('svlUserManager'); - let roleAuthc: RoleCredentials; + const samlAuth = getService('samlAuth'); + let cookieCredentials: CookieCredentials; let internalReqHeader: InternalRequestHeader; // Helper function @@ -38,7 +38,12 @@ export default ({ getService }: FtrProviderContext) => { }; log.info(`sending request for query: ${JSON.stringify(job.locatorParams[0].params.query)}`); - return await reportingAPI.createReportJobInternal('csv_v2', job, roleAuthc, internalReqHeader); + return await reportingAPI.createReportJobInternal( + 'csv_v2', + job, + cookieCredentials, + internalReqHeader + ); }; describe('CSV Generation from ES|QL', () => { @@ -84,7 +89,7 @@ export default ({ getService }: FtrProviderContext) => { }; before(async () => { await loadTimelessData(); - roleAuthc = await svlUserManager.createM2mApiKeyWithRoleScope('admin'); + cookieCredentials = await samlAuth.getM2MApiCookieCredentialsWithRoleScope('admin'); internalReqHeader = svlCommonApi.getInternalRequestHeader(); }); @@ -112,8 +117,8 @@ export default ({ getService }: FtrProviderContext) => { }, ], })); - await reportingAPI.waitForJobToFinish(path, roleAuthc, internalReqHeader); - response = await supertest.get(path); + await reportingAPI.waitForJobToFinish(path, cookieCredentials, internalReqHeader); + response = await supertestWithoutAuth.get(path).set(cookieCredentials); csvFile = response.text; }); @@ -184,8 +189,8 @@ export default ({ getService }: FtrProviderContext) => { ], title: 'Untitled discover search', })); - await reportingAPI.waitForJobToFinish(path, roleAuthc, internalReqHeader); - response = await supertest.get(path); + await reportingAPI.waitForJobToFinish(path, cookieCredentials, internalReqHeader); + response = await supertestWithoutAuth.get(path).set(cookieCredentials); csvFile = response.text; }); diff --git a/x-pack/test_serverless/api_integration/test_suites/common/reporting/datastream.ts b/x-pack/test_serverless/api_integration/test_suites/common/reporting/datastream.ts index ce9fe313ecf88d..671b42f5a02a3f 100644 --- a/x-pack/test_serverless/api_integration/test_suites/common/reporting/datastream.ts +++ b/x-pack/test_serverless/api_integration/test_suites/common/reporting/datastream.ts @@ -6,8 +6,12 @@ */ import { expect } from 'expect'; +import { + CookieCredentials, + InternalRequestHeader, + RoleCredentials, +} from '@kbn/ftr-common-functional-services'; import { FtrProviderContext } from '../../../ftr_provider_context'; -import { InternalRequestHeader, RoleCredentials } from '../../../../shared/services'; export default function ({ getService }: FtrProviderContext) { const esArchiver = getService('esArchiver'); @@ -16,7 +20,9 @@ export default function ({ getService }: FtrProviderContext) { const svlCommonApi = getService('svlCommonApi'); const supertestWithoutAuth = getService('supertestWithoutAuth'); const svlUserManager = getService('svlUserManager'); + const samlAuth = getService('samlAuth'); let roleAuthc: RoleCredentials; + let cookieCredentials: CookieCredentials; let internalReqHeader: InternalRequestHeader; const archives: Record = { @@ -30,12 +36,13 @@ export default function ({ getService }: FtrProviderContext) { const generatedReports = new Set(); before(async () => { roleAuthc = await svlUserManager.createM2mApiKeyWithRoleScope('admin'); + cookieCredentials = await samlAuth.getM2MApiCookieCredentialsWithRoleScope('admin'); internalReqHeader = svlCommonApi.getInternalRequestHeader(); await esArchiver.load(archives.ecommerce.data); await kibanaServer.importExport.load(archives.ecommerce.savedObjects); - const { job } = await reportingAPI.createReportJobInternal( + const { job, path } = await reportingAPI.createReportJobInternal( 'csv_searchsource', { browserTimezone: 'UTC', @@ -48,16 +55,17 @@ export default function ({ getService }: FtrProviderContext) { title: 'Ecommerce Data', version: '8.15.0', }, - roleAuthc, + cookieCredentials, internalReqHeader ); + await reportingAPI.waitForJobToFinish(path, cookieCredentials, internalReqHeader); generatedReports.add(job.id); }); after(async () => { for (const reportId of generatedReports) { - await reportingAPI.deleteReport(reportId, roleAuthc, internalReqHeader); + await reportingAPI.deleteReport(reportId, cookieCredentials, internalReqHeader); } await esArchiver.unload(archives.ecommerce.data); @@ -69,7 +77,7 @@ export default function ({ getService }: FtrProviderContext) { const { status, body } = await supertestWithoutAuth .get(`/api/index_management/data_streams/.kibana-reporting`) .set(internalReqHeader) - .set(roleAuthc.apiKeyHeader); + .set(roleAuthc.apiKeyHeader); // use API key since the datastream management API is a public endpoint svlCommonApi.assertResponseStatusCode(200, status, body); diff --git a/x-pack/test_serverless/api_integration/test_suites/common/reporting/generate_csv_discover.ts b/x-pack/test_serverless/api_integration/test_suites/common/reporting/generate_csv_discover.ts index dd070d9a84aa24..c654e5e307f865 100644 --- a/x-pack/test_serverless/api_integration/test_suites/common/reporting/generate_csv_discover.ts +++ b/x-pack/test_serverless/api_integration/test_suites/common/reporting/generate_csv_discover.ts @@ -9,7 +9,7 @@ import expect from '@kbn/expect'; import type { SortDirection } from '@kbn/data-plugin/common'; import type { JobParamsCSV } from '@kbn/reporting-export-types-csv-common'; import type { Filter } from '@kbn/es-query'; -import { InternalRequestHeader, RoleCredentials } from '../../../../shared/services'; +import { CookieCredentials, InternalRequestHeader } from '@kbn/ftr-common-functional-services'; import { FtrProviderContext } from '../../../ftr_provider_context'; export default function ({ getService }: FtrProviderContext) { @@ -17,8 +17,8 @@ export default function ({ getService }: FtrProviderContext) { const kibanaServer = getService('kibanaServer'); const reportingAPI = getService('svlReportingApi'); const svlCommonApi = getService('svlCommonApi'); - const svlUserManager = getService('svlUserManager'); - let roleAuthc: RoleCredentials; + const samlAuth = getService('samlAuth'); + let cookieCredentials: CookieCredentials; let internalReqHeader: InternalRequestHeader; /* @@ -79,7 +79,7 @@ export default function ({ getService }: FtrProviderContext) { this.timeout(12 * 60 * 1000); before(async () => { - roleAuthc = await svlUserManager.createM2mApiKeyWithRoleScope('admin'); + cookieCredentials = await samlAuth.getM2MApiCookieCredentialsWithRoleScope('admin'); internalReqHeader = svlCommonApi.getInternalRequestHeader(); }); @@ -90,10 +90,6 @@ export default function ({ getService }: FtrProviderContext) { }); }); - after(async () => { - await svlUserManager.invalidateM2mApiKeyWithRoleScope(roleAuthc); - }); - describe('exported CSV', () => { before(async () => { await esArchiver.load(archives.ecommerce.data); @@ -169,13 +165,13 @@ export default function ({ getService }: FtrProviderContext) { title: 'Ecommerce Data', version: '8.14.0', }), - roleAuthc, + cookieCredentials, internalReqHeader ); - await reportingAPI.waitForJobToFinish(res.path, roleAuthc, internalReqHeader); + await reportingAPI.waitForJobToFinish(res.path, cookieCredentials, internalReqHeader); const csvFile = await reportingAPI.getCompletedJobOutput( res.path, - roleAuthc, + cookieCredentials, internalReqHeader ); expect((csvFile as string).length).to.be(124183); @@ -212,11 +208,11 @@ export default function ({ getService }: FtrProviderContext) { title: 'Untitled discover search', version: '8.14.0', }), - roleAuthc, + cookieCredentials, internalReqHeader ); - await reportingAPI.waitForJobToFinish(res.path, roleAuthc, internalReqHeader); - return reportingAPI.getCompletedJobOutput(res.path, roleAuthc, internalReqHeader); + await reportingAPI.waitForJobToFinish(res.path, cookieCredentials, internalReqHeader); + return reportingAPI.getCompletedJobOutput(res.path, cookieCredentials, internalReqHeader); } it('includes an unmapped field to the report', async () => { @@ -359,13 +355,13 @@ export default function ({ getService }: FtrProviderContext) { }, }, }), - roleAuthc, + cookieCredentials, internalReqHeader ); - await reportingAPI.waitForJobToFinish(res.path, roleAuthc, internalReqHeader); + await reportingAPI.waitForJobToFinish(res.path, cookieCredentials, internalReqHeader); const csvFile = await reportingAPI.getCompletedJobOutput( res.path, - roleAuthc, + cookieCredentials, internalReqHeader ); expect((csvFile as string).length).to.be(1270683); @@ -411,13 +407,13 @@ export default function ({ getService }: FtrProviderContext) { }, }, }), - roleAuthc, + cookieCredentials, internalReqHeader ); - await reportingAPI.waitForJobToFinish(res.path, roleAuthc, internalReqHeader); + await reportingAPI.waitForJobToFinish(res.path, cookieCredentials, internalReqHeader); const csvFile = await reportingAPI.getCompletedJobOutput( res.path, - roleAuthc, + cookieCredentials, internalReqHeader ); expect((csvFile as string).length).to.be(918298); @@ -469,13 +465,13 @@ export default function ({ getService }: FtrProviderContext) { }, columns: ['@timestamp', 'clientip', 'extension'], }), - roleAuthc, + cookieCredentials, internalReqHeader ); - await reportingAPI.waitForJobToFinish(res.path, roleAuthc, internalReqHeader); + await reportingAPI.waitForJobToFinish(res.path, cookieCredentials, internalReqHeader); const csvFile = await reportingAPI.getCompletedJobOutput( res.path, - roleAuthc, + cookieCredentials, internalReqHeader ); expect((csvFile as string).length).to.be(3020); @@ -515,13 +511,13 @@ export default function ({ getService }: FtrProviderContext) { }, columns: ['@timestamp', 'clientip', 'extension'], }), - roleAuthc, + cookieCredentials, internalReqHeader ); - await reportingAPI.waitForJobToFinish(res.path, roleAuthc, internalReqHeader); + await reportingAPI.waitForJobToFinish(res.path, cookieCredentials, internalReqHeader); const csvFile = await reportingAPI.getCompletedJobOutput( res.path, - roleAuthc, + cookieCredentials, internalReqHeader ); expect((csvFile as string).length).to.be(3020); @@ -555,13 +551,13 @@ export default function ({ getService }: FtrProviderContext) { }, columns: ['date', 'message'], }), - roleAuthc, + cookieCredentials, internalReqHeader ); - await reportingAPI.waitForJobToFinish(res.path, roleAuthc, internalReqHeader); + await reportingAPI.waitForJobToFinish(res.path, cookieCredentials, internalReqHeader); const csvFile = await reportingAPI.getCompletedJobOutput( res.path, - roleAuthc, + cookieCredentials, internalReqHeader ); expect((csvFile as string).length).to.be(103); @@ -584,13 +580,13 @@ export default function ({ getService }: FtrProviderContext) { }, columns: ['date', 'message'], }), - roleAuthc, + cookieCredentials, internalReqHeader ); - await reportingAPI.waitForJobToFinish(res.path, roleAuthc, internalReqHeader); + await reportingAPI.waitForJobToFinish(res.path, cookieCredentials, internalReqHeader); const csvFile = await reportingAPI.getCompletedJobOutput( res.path, - roleAuthc, + cookieCredentials, internalReqHeader ); expect((csvFile as string).length).to.be(103); @@ -627,13 +623,13 @@ export default function ({ getService }: FtrProviderContext) { }, columns: ['date', 'message', '_id', '_index'], }), - roleAuthc, + cookieCredentials, internalReqHeader ); - await reportingAPI.waitForJobToFinish(res.path, roleAuthc, internalReqHeader); + await reportingAPI.waitForJobToFinish(res.path, cookieCredentials, internalReqHeader); const csvFile = await reportingAPI.getCompletedJobOutput( res.path, - roleAuthc, + cookieCredentials, internalReqHeader ); expect((csvFile as string).length).to.be(134); @@ -659,13 +655,13 @@ export default function ({ getService }: FtrProviderContext) { }, columns: ['name', 'power'], }), - roleAuthc, + cookieCredentials, internalReqHeader ); - await reportingAPI.waitForJobToFinish(res.path, roleAuthc, internalReqHeader); + await reportingAPI.waitForJobToFinish(res.path, cookieCredentials, internalReqHeader); const csvFile = await reportingAPI.getCompletedJobOutput( res.path, - roleAuthc, + cookieCredentials, internalReqHeader ); expect((csvFile as string).length).to.be(274); @@ -743,13 +739,13 @@ export default function ({ getService }: FtrProviderContext) { }, columns: [], }), - roleAuthc, + cookieCredentials, internalReqHeader ); - await reportingAPI.waitForJobToFinish(res.path, roleAuthc, internalReqHeader); + await reportingAPI.waitForJobToFinish(res.path, cookieCredentials, internalReqHeader); const csvFile = await reportingAPI.getCompletedJobOutput( res.path, - roleAuthc, + cookieCredentials, internalReqHeader ); expect((csvFile as string).length).to.be(356); @@ -809,13 +805,13 @@ export default function ({ getService }: FtrProviderContext) { }, }, }), - roleAuthc, + cookieCredentials, internalReqHeader ); - await reportingAPI.waitForJobToFinish(res.path, roleAuthc, internalReqHeader); + await reportingAPI.waitForJobToFinish(res.path, cookieCredentials, internalReqHeader); const csvFile = await reportingAPI.getCompletedJobOutput( res.path, - roleAuthc, + cookieCredentials, internalReqHeader ); expect((csvFile as string).length).to.be(4845684); diff --git a/x-pack/test_serverless/api_integration/test_suites/common/reporting/management.ts b/x-pack/test_serverless/api_integration/test_suites/common/reporting/management.ts index 62e9f4eaf8acd2..ad1088ae0ebd2f 100644 --- a/x-pack/test_serverless/api_integration/test_suites/common/reporting/management.ts +++ b/x-pack/test_serverless/api_integration/test_suites/common/reporting/management.ts @@ -5,74 +5,79 @@ * 2.0. */ -import { X_ELASTIC_INTERNAL_ORIGIN_REQUEST } from '@kbn/core-http-common/src/constants'; import expect from '@kbn/expect'; import { INTERNAL_ROUTES } from '@kbn/reporting-common'; -import { ReportApiJSON } from '@kbn/reporting-common/types'; -import { FtrProviderContext } from '../../../ftr_provider_context'; -import { InternalRequestHeader, RoleCredentials } from '../../../../shared/services'; +import type { ReportApiJSON } from '@kbn/reporting-common/types'; +import type { CookieCredentials, InternalRequestHeader } from '@kbn/ftr-common-functional-services'; +import type { FtrProviderContext } from '../../../ftr_provider_context'; const API_HEADER: [string, string] = ['kbn-xsrf', 'reporting']; -const INTERNAL_HEADER: [string, string] = [X_ELASTIC_INTERNAL_ORIGIN_REQUEST, 'Kibana']; export default ({ getService }: FtrProviderContext) => { - const log = getService('log'); + const esArchiver = getService('esArchiver'); + const kibanaServer = getService('kibanaServer'); const reportingAPI = getService('svlReportingApi'); const supertestWithoutAuth = getService('supertestWithoutAuth'); - const svlCommonApi = getService('svlCommonApi'); - const svlUserManager = getService('svlUserManager'); - let adminUser: RoleCredentials; + const samlAuth = getService('samlAuth'); + let cookieCredentials: CookieCredentials; let internalReqHeader: InternalRequestHeader; + const archives = { + ecommerce: { + data: 'x-pack/test/functional/es_archives/reporting/ecommerce', + savedObjects: 'x-pack/test/functional/fixtures/kbn_archiver/reporting/ecommerce', + }, + }; + describe('Reporting Management', function () { + let reportJob: ReportApiJSON; + let path: string; + before(async () => { - adminUser = await svlUserManager.createM2mApiKeyWithRoleScope('admin'); - internalReqHeader = svlCommonApi.getInternalRequestHeader(); - }); - after(async () => { - await svlUserManager.invalidateM2mApiKeyWithRoleScope(adminUser); - }); + cookieCredentials = await samlAuth.getM2MApiCookieCredentialsWithRoleScope('admin'); + internalReqHeader = samlAuth.getInternalRequestHeader(); - describe('Deletion', () => { - let reportJob: ReportApiJSON; + await esArchiver.load(archives.ecommerce.data); + await kibanaServer.importExport.load(archives.ecommerce.savedObjects); - const createJob = async (roleAuthc: RoleCredentials): Promise => { - log.info(`request report job with ApiKey ${adminUser.apiKey.name}`); - const { job } = await reportingAPI.createReportJobInternal( - 'csv_searchsource', - { - browserTimezone: 'UTC', - objectType: 'search', - searchSource: { - index: '5193f870-d861-11e9-a311-0fa548c5f953', - query: { language: 'kuery', query: '' }, - version: true, - }, - title: 'Ecommerce Data', - version: '8.15.0', + // generate a report that can be deleted in the test + const result = await reportingAPI.createReportJobInternal( + 'csv_searchsource', + { + browserTimezone: 'UTC', + objectType: 'search', + searchSource: { + index: '5193f870-d861-11e9-a311-0fa548c5f953', + query: { language: 'kuery', query: '' }, + version: true, }, - roleAuthc, - internalReqHeader - ); - log.info(`created report job ${job.id} with ApiKey ${adminUser.apiKey.name}`); - return job; - }; + title: 'Ecommerce Data', + version: '8.15.0', + }, + cookieCredentials, + internalReqHeader + ); - before(async () => { - reportJob = await createJob(adminUser); - }); + path = result.path; + reportJob = result.job; + + await reportingAPI.waitForJobToFinish(path, cookieCredentials, internalReqHeader); + }); + + after(async () => { + await esArchiver.unload(archives.ecommerce.data); + await kibanaServer.importExport.unload(archives.ecommerce.savedObjects); + }); - it(`user can delete a report they've created`, async () => { - // for this test, we don't need to wait for the job to finish or verify the result - const response = await supertestWithoutAuth - .delete(`${INTERNAL_ROUTES.JOBS.DELETE_PREFIX}/${reportJob.id}`) - .set(...API_HEADER) - .set(...INTERNAL_HEADER) - .set(adminUser.apiKeyHeader); + it(`user can delete a report they've created`, async () => { + const response = await supertestWithoutAuth + .delete(`${INTERNAL_ROUTES.JOBS.DELETE_PREFIX}/${reportJob.id}`) + .set(...API_HEADER) + .set(internalReqHeader) + .set(cookieCredentials); - expect(response.status).to.be(200); - expect(response.body).to.eql({ deleted: true }); - }); + expect(response.status).to.be(200); + expect(response.body).to.eql({ deleted: true }); }); }); }; diff --git a/x-pack/test_serverless/api_integration/test_suites/observability/ai_assistant/tests/chat/chat.spec.ts b/x-pack/test_serverless/api_integration/test_suites/observability/ai_assistant/tests/chat/chat.spec.ts index d30839b60b0f12..582f544c7dbfa6 100644 --- a/x-pack/test_serverless/api_integration/test_suites/observability/ai_assistant/tests/chat/chat.spec.ts +++ b/x-pack/test_serverless/api_integration/test_suites/observability/ai_assistant/tests/chat/chat.spec.ts @@ -84,7 +84,7 @@ export default function ApiTest({ getService }: FtrProviderContext) { messages, connectorId: 'does not exist', functions: [], - scope: 'all', + scopes: ['all'], }) .expect(404); }); @@ -114,7 +114,7 @@ export default function ApiTest({ getService }: FtrProviderContext) { messages, connectorId, functions: [], - scope: 'all', + scopes: ['all'], }) .pipe(passThrough); @@ -174,7 +174,7 @@ export default function ApiTest({ getService }: FtrProviderContext) { messages, connectorId, functions: [], - scope: 'all', + scopes: ['all'], }) .expect(200) .pipe(passThrough); diff --git a/x-pack/test_serverless/api_integration/test_suites/observability/ai_assistant/tests/complete/complete.spec.ts b/x-pack/test_serverless/api_integration/test_suites/observability/ai_assistant/tests/complete/complete.spec.ts index 970b99ab356139..a95c07bce0eb9f 100644 --- a/x-pack/test_serverless/api_integration/test_suites/observability/ai_assistant/tests/complete/complete.spec.ts +++ b/x-pack/test_serverless/api_integration/test_suites/observability/ai_assistant/tests/complete/complete.spec.ts @@ -91,7 +91,7 @@ export default function ApiTest({ getService }: FtrProviderContext) { connectorId, persist: true, screenContexts: params.screenContexts || [], - scope: 'all', + scopes: ['all'], }) .then((response: Response) => resolve(response)) .catch((err: Error) => reject(err)); @@ -164,7 +164,7 @@ export default function ApiTest({ getService }: FtrProviderContext) { connectorId, persist: false, screenContexts: [], - scope: 'all', + scopes: ['all'], }) .pipe(passThrough); @@ -436,7 +436,7 @@ export default function ApiTest({ getService }: FtrProviderContext) { connectorId, persist: true, screenContexts: [], - scope: 'all', + scopes: ['all'], }, }, }) @@ -483,7 +483,7 @@ export default function ApiTest({ getService }: FtrProviderContext) { persist: true, screenContexts: [], conversationId, - scope: 'all', + scopes: ['all'], }, }, }) diff --git a/x-pack/test_serverless/api_integration/test_suites/observability/ai_assistant/tests/complete/functions/helpers.ts b/x-pack/test_serverless/api_integration/test_suites/observability/ai_assistant/tests/complete/functions/helpers.ts index 857fa71aac9e66..758046de72f2be 100644 --- a/x-pack/test_serverless/api_integration/test_suites/observability/ai_assistant/tests/complete/functions/helpers.ts +++ b/x-pack/test_serverless/api_integration/test_suites/observability/ai_assistant/tests/complete/functions/helpers.ts @@ -36,12 +36,12 @@ export async function invokeChatCompleteWithFunctionRequest({ functionCall, roleAuthc, internalReqHeader, - scope, + scopes, }: { connectorId: string; observabilityAIAssistantAPIClient: ObservabilityAIAssistantApiClient; functionCall: Message['message']['function_call']; - scope?: AssistantScope; + scopes?: AssistantScope[]; roleAuthc: RoleCredentials; internalReqHeader: InternalRequestHeader; }) { @@ -65,7 +65,7 @@ export async function invokeChatCompleteWithFunctionRequest({ connectorId, persist: false, screenContexts: [], - scope: 'observability', + scopes: scopes || (['observability'] as AssistantScope[]), }, }, }) diff --git a/x-pack/test_serverless/api_integration/test_suites/observability/ai_assistant/tests/knowledge_base/knowledge_base_user_instructions.spec.ts b/x-pack/test_serverless/api_integration/test_suites/observability/ai_assistant/tests/knowledge_base/knowledge_base_user_instructions.spec.ts index 86232035d0c58d..4181b6a14ffde7 100644 --- a/x-pack/test_serverless/api_integration/test_suites/observability/ai_assistant/tests/knowledge_base/knowledge_base_user_instructions.spec.ts +++ b/x-pack/test_serverless/api_integration/test_suites/observability/ai_assistant/tests/knowledge_base/knowledge_base_user_instructions.spec.ts @@ -266,7 +266,7 @@ export default function ApiTest({ getService }: FtrProviderContext) { connectorId, persist: true, screenContexts: [], - scope: 'observability', + scopes: ['observability'], }, }, roleAuthc, diff --git a/x-pack/test_serverless/api_integration/test_suites/observability/custom_threshold_rule/index.ts b/x-pack/test_serverless/api_integration/test_suites/observability/custom_threshold_rule/index.ts index e8246cbe798097..01e91f1d5840b4 100644 --- a/x-pack/test_serverless/api_integration/test_suites/observability/custom_threshold_rule/index.ts +++ b/x-pack/test_serverless/api_integration/test_suites/observability/custom_threshold_rule/index.ts @@ -9,7 +9,6 @@ import { FtrProviderContext } from '../../../ftr_provider_context'; export default function ({ loadTestFile }: FtrProviderContext) { describe('Custom Threshold Rule', function () { - loadTestFile(require.resolve('./avg_pct_fired')); loadTestFile(require.resolve('./avg_pct_no_data')); loadTestFile(require.resolve('./documents_count_fired')); loadTestFile(require.resolve('./custom_eq_avg_bytes_fired')); diff --git a/x-pack/test_serverless/api_integration/test_suites/observability/index.ts b/x-pack/test_serverless/api_integration/test_suites/observability/index.ts index a138c768d43d40..63f8236a335b6b 100644 --- a/x-pack/test_serverless/api_integration/test_suites/observability/index.ts +++ b/x-pack/test_serverless/api_integration/test_suites/observability/index.ts @@ -15,7 +15,6 @@ export default function ({ loadTestFile }: FtrProviderContext) { loadTestFile(require.resolve('./apm_api_integration/service_maps/service_maps')); loadTestFile(require.resolve('./apm_api_integration/traces/critical_path')); loadTestFile(require.resolve('./cases')); - loadTestFile(require.resolve('./es_query_rule/es_query_rule')); loadTestFile(require.resolve('./slos')); loadTestFile(require.resolve('./synthetics')); loadTestFile(require.resolve('./dataset_quality_api_integration')); diff --git a/x-pack/test_serverless/api_integration/test_suites/observability/platform_security/authorization.ts b/x-pack/test_serverless/api_integration/test_suites/observability/platform_security/authorization.ts index 885a34572c1f37..d4cca44448676c 100644 --- a/x-pack/test_serverless/api_integration/test_suites/observability/platform_security/authorization.ts +++ b/x-pack/test_serverless/api_integration/test_suites/observability/platform_security/authorization.ts @@ -655,6 +655,62 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/rule/runSoon", "alerting:apm.anomaly/observability/rule/scheduleBackfill", "alerting:apm.anomaly/observability/rule/deleteBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/create", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/delete", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/update", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/updateApiKey", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/enable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/disable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/muteAll", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/unmuteAll", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/muteAlert", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/unmuteAlert", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/snooze", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkEdit", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkDelete", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkEnable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkDisable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/unsnooze", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/runSoon", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/scheduleBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/deleteBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/get", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/find", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/create", + "alerting:xpack.synthetics.alerts.tls/observability/rule/delete", + "alerting:xpack.synthetics.alerts.tls/observability/rule/update", + "alerting:xpack.synthetics.alerts.tls/observability/rule/updateApiKey", + "alerting:xpack.synthetics.alerts.tls/observability/rule/enable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/disable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/muteAll", + "alerting:xpack.synthetics.alerts.tls/observability/rule/unmuteAll", + "alerting:xpack.synthetics.alerts.tls/observability/rule/muteAlert", + "alerting:xpack.synthetics.alerts.tls/observability/rule/unmuteAlert", + "alerting:xpack.synthetics.alerts.tls/observability/rule/snooze", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkEdit", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkDelete", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkEnable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkDisable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/unsnooze", + "alerting:xpack.synthetics.alerts.tls/observability/rule/runSoon", + "alerting:xpack.synthetics.alerts.tls/observability/rule/scheduleBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/deleteBackfill", "alerting:slo.rules.burnRate/observability/alert/get", "alerting:slo.rules.burnRate/observability/alert/find", "alerting:slo.rules.burnRate/observability/alert/getAuthorizedAlertsIndices", @@ -700,6 +756,16 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/alert/getAuthorizedAlertsIndices", "alerting:apm.anomaly/observability/alert/getAlertSummary", "alerting:apm.anomaly/observability/alert/update", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/update", + "alerting:xpack.synthetics.alerts.tls/observability/alert/get", + "alerting:xpack.synthetics.alerts.tls/observability/alert/find", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/alert/update", ], "minimal_all": Array [ "login:", @@ -1307,6 +1373,62 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/rule/runSoon", "alerting:apm.anomaly/observability/rule/scheduleBackfill", "alerting:apm.anomaly/observability/rule/deleteBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/create", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/delete", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/update", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/updateApiKey", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/enable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/disable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/muteAll", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/unmuteAll", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/muteAlert", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/unmuteAlert", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/snooze", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkEdit", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkDelete", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkEnable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkDisable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/unsnooze", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/runSoon", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/scheduleBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/deleteBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/get", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/find", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/create", + "alerting:xpack.synthetics.alerts.tls/observability/rule/delete", + "alerting:xpack.synthetics.alerts.tls/observability/rule/update", + "alerting:xpack.synthetics.alerts.tls/observability/rule/updateApiKey", + "alerting:xpack.synthetics.alerts.tls/observability/rule/enable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/disable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/muteAll", + "alerting:xpack.synthetics.alerts.tls/observability/rule/unmuteAll", + "alerting:xpack.synthetics.alerts.tls/observability/rule/muteAlert", + "alerting:xpack.synthetics.alerts.tls/observability/rule/unmuteAlert", + "alerting:xpack.synthetics.alerts.tls/observability/rule/snooze", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkEdit", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkDelete", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkEnable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkDisable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/unsnooze", + "alerting:xpack.synthetics.alerts.tls/observability/rule/runSoon", + "alerting:xpack.synthetics.alerts.tls/observability/rule/scheduleBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/deleteBackfill", "alerting:slo.rules.burnRate/observability/alert/get", "alerting:slo.rules.burnRate/observability/alert/find", "alerting:slo.rules.burnRate/observability/alert/getAuthorizedAlertsIndices", @@ -1352,6 +1474,16 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/alert/getAuthorizedAlertsIndices", "alerting:apm.anomaly/observability/alert/getAlertSummary", "alerting:apm.anomaly/observability/alert/update", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/update", + "alerting:xpack.synthetics.alerts.tls/observability/alert/get", + "alerting:xpack.synthetics.alerts.tls/observability/alert/find", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/alert/update", ], "minimal_read": Array [ "login:", @@ -1601,6 +1733,24 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/rule/getRuleExecutionKPI", "alerting:apm.anomaly/observability/rule/getBackfill", "alerting:apm.anomaly/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/get", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/find", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/findBackfill", "alerting:slo.rules.burnRate/observability/alert/get", "alerting:slo.rules.burnRate/observability/alert/find", "alerting:slo.rules.burnRate/observability/alert/getAuthorizedAlertsIndices", @@ -1637,6 +1787,14 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/alert/find", "alerting:apm.anomaly/observability/alert/getAuthorizedAlertsIndices", "alerting:apm.anomaly/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/alert/get", + "alerting:xpack.synthetics.alerts.tls/observability/alert/find", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAlertSummary", ], "read": Array [ "login:", @@ -1886,6 +2044,24 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/rule/getRuleExecutionKPI", "alerting:apm.anomaly/observability/rule/getBackfill", "alerting:apm.anomaly/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/get", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/find", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/findBackfill", "alerting:slo.rules.burnRate/observability/alert/get", "alerting:slo.rules.burnRate/observability/alert/find", "alerting:slo.rules.burnRate/observability/alert/getAuthorizedAlertsIndices", @@ -1922,6 +2098,14 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/alert/find", "alerting:apm.anomaly/observability/alert/getAuthorizedAlertsIndices", "alerting:apm.anomaly/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/alert/get", + "alerting:xpack.synthetics.alerts.tls/observability/alert/find", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAlertSummary", ], "settings_save": Array [ "login:", @@ -2851,6 +3035,62 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/rule/runSoon", "alerting:apm.anomaly/observability/rule/scheduleBackfill", "alerting:apm.anomaly/observability/rule/deleteBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/create", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/delete", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/update", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/updateApiKey", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/enable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/disable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/muteAll", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/unmuteAll", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/muteAlert", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/unmuteAlert", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/snooze", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkEdit", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkDelete", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkEnable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkDisable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/unsnooze", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/runSoon", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/scheduleBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/deleteBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/get", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/find", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/create", + "alerting:xpack.synthetics.alerts.tls/observability/rule/delete", + "alerting:xpack.synthetics.alerts.tls/observability/rule/update", + "alerting:xpack.synthetics.alerts.tls/observability/rule/updateApiKey", + "alerting:xpack.synthetics.alerts.tls/observability/rule/enable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/disable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/muteAll", + "alerting:xpack.synthetics.alerts.tls/observability/rule/unmuteAll", + "alerting:xpack.synthetics.alerts.tls/observability/rule/muteAlert", + "alerting:xpack.synthetics.alerts.tls/observability/rule/unmuteAlert", + "alerting:xpack.synthetics.alerts.tls/observability/rule/snooze", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkEdit", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkDelete", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkEnable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkDisable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/unsnooze", + "alerting:xpack.synthetics.alerts.tls/observability/rule/runSoon", + "alerting:xpack.synthetics.alerts.tls/observability/rule/scheduleBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/deleteBackfill", "alerting:slo.rules.burnRate/observability/alert/get", "alerting:slo.rules.burnRate/observability/alert/find", "alerting:slo.rules.burnRate/observability/alert/getAuthorizedAlertsIndices", @@ -2896,6 +3136,16 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/alert/getAuthorizedAlertsIndices", "alerting:apm.anomaly/observability/alert/getAlertSummary", "alerting:apm.anomaly/observability/alert/update", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/update", + "alerting:xpack.synthetics.alerts.tls/observability/alert/get", + "alerting:xpack.synthetics.alerts.tls/observability/alert/find", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/alert/update", ], "generate_report": Array [ "login:", @@ -3228,6 +3478,62 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/rule/runSoon", "alerting:apm.anomaly/observability/rule/scheduleBackfill", "alerting:apm.anomaly/observability/rule/deleteBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/create", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/delete", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/update", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/updateApiKey", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/enable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/disable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/muteAll", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/unmuteAll", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/muteAlert", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/unmuteAlert", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/snooze", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkEdit", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkDelete", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkEnable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkDisable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/unsnooze", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/runSoon", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/scheduleBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/deleteBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/get", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/find", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/create", + "alerting:xpack.synthetics.alerts.tls/observability/rule/delete", + "alerting:xpack.synthetics.alerts.tls/observability/rule/update", + "alerting:xpack.synthetics.alerts.tls/observability/rule/updateApiKey", + "alerting:xpack.synthetics.alerts.tls/observability/rule/enable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/disable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/muteAll", + "alerting:xpack.synthetics.alerts.tls/observability/rule/unmuteAll", + "alerting:xpack.synthetics.alerts.tls/observability/rule/muteAlert", + "alerting:xpack.synthetics.alerts.tls/observability/rule/unmuteAlert", + "alerting:xpack.synthetics.alerts.tls/observability/rule/snooze", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkEdit", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkDelete", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkEnable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkDisable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/unsnooze", + "alerting:xpack.synthetics.alerts.tls/observability/rule/runSoon", + "alerting:xpack.synthetics.alerts.tls/observability/rule/scheduleBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/deleteBackfill", "alerting:slo.rules.burnRate/observability/alert/get", "alerting:slo.rules.burnRate/observability/alert/find", "alerting:slo.rules.burnRate/observability/alert/getAuthorizedAlertsIndices", @@ -3273,6 +3579,16 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/alert/getAuthorizedAlertsIndices", "alerting:apm.anomaly/observability/alert/getAlertSummary", "alerting:apm.anomaly/observability/alert/update", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/update", + "alerting:xpack.synthetics.alerts.tls/observability/alert/get", + "alerting:xpack.synthetics.alerts.tls/observability/alert/find", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/alert/update", ], "minimal_read": Array [ "login:", @@ -3403,6 +3719,24 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/rule/getRuleExecutionKPI", "alerting:apm.anomaly/observability/rule/getBackfill", "alerting:apm.anomaly/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/get", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/find", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/findBackfill", "alerting:slo.rules.burnRate/observability/alert/get", "alerting:slo.rules.burnRate/observability/alert/find", "alerting:slo.rules.burnRate/observability/alert/getAuthorizedAlertsIndices", @@ -3439,6 +3773,14 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/alert/find", "alerting:apm.anomaly/observability/alert/getAuthorizedAlertsIndices", "alerting:apm.anomaly/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/alert/get", + "alerting:xpack.synthetics.alerts.tls/observability/alert/find", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAlertSummary", ], "read": Array [ "login:", @@ -3577,6 +3919,24 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/rule/getRuleExecutionKPI", "alerting:apm.anomaly/observability/rule/getBackfill", "alerting:apm.anomaly/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/get", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/find", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/findBackfill", "alerting:slo.rules.burnRate/observability/alert/get", "alerting:slo.rules.burnRate/observability/alert/find", "alerting:slo.rules.burnRate/observability/alert/getAuthorizedAlertsIndices", @@ -3613,6 +3973,14 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/alert/find", "alerting:apm.anomaly/observability/alert/getAuthorizedAlertsIndices", "alerting:apm.anomaly/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/alert/get", + "alerting:xpack.synthetics.alerts.tls/observability/alert/find", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAlertSummary", ], "store_search_session": Array [ "login:", @@ -5333,6 +5701,62 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/rule/runSoon", "alerting:apm.anomaly/observability/rule/scheduleBackfill", "alerting:apm.anomaly/observability/rule/deleteBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/create", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/delete", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/update", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/updateApiKey", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/enable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/disable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/muteAll", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/unmuteAll", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/muteAlert", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/unmuteAlert", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/snooze", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkEdit", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkDelete", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkEnable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkDisable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/unsnooze", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/runSoon", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/scheduleBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/deleteBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/get", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/find", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/create", + "alerting:xpack.synthetics.alerts.tls/observability/rule/delete", + "alerting:xpack.synthetics.alerts.tls/observability/rule/update", + "alerting:xpack.synthetics.alerts.tls/observability/rule/updateApiKey", + "alerting:xpack.synthetics.alerts.tls/observability/rule/enable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/disable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/muteAll", + "alerting:xpack.synthetics.alerts.tls/observability/rule/unmuteAll", + "alerting:xpack.synthetics.alerts.tls/observability/rule/muteAlert", + "alerting:xpack.synthetics.alerts.tls/observability/rule/unmuteAlert", + "alerting:xpack.synthetics.alerts.tls/observability/rule/snooze", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkEdit", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkDelete", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkEnable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkDisable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/unsnooze", + "alerting:xpack.synthetics.alerts.tls/observability/rule/runSoon", + "alerting:xpack.synthetics.alerts.tls/observability/rule/scheduleBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/deleteBackfill", "alerting:slo.rules.burnRate/observability/alert/get", "alerting:slo.rules.burnRate/observability/alert/find", "alerting:slo.rules.burnRate/observability/alert/getAuthorizedAlertsIndices", @@ -5378,6 +5802,16 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/alert/getAuthorizedAlertsIndices", "alerting:apm.anomaly/observability/alert/getAlertSummary", "alerting:apm.anomaly/observability/alert/update", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/update", + "alerting:xpack.synthetics.alerts.tls/observability/alert/get", + "alerting:xpack.synthetics.alerts.tls/observability/alert/find", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/alert/update", ], "minimal_all": Array [ "login:", @@ -6026,6 +6460,62 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/rule/runSoon", "alerting:apm.anomaly/observability/rule/scheduleBackfill", "alerting:apm.anomaly/observability/rule/deleteBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/create", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/delete", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/update", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/updateApiKey", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/enable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/disable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/muteAll", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/unmuteAll", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/muteAlert", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/unmuteAlert", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/snooze", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkEdit", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkDelete", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkEnable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkDisable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/unsnooze", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/runSoon", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/scheduleBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/deleteBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/get", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/find", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/create", + "alerting:xpack.synthetics.alerts.tls/observability/rule/delete", + "alerting:xpack.synthetics.alerts.tls/observability/rule/update", + "alerting:xpack.synthetics.alerts.tls/observability/rule/updateApiKey", + "alerting:xpack.synthetics.alerts.tls/observability/rule/enable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/disable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/muteAll", + "alerting:xpack.synthetics.alerts.tls/observability/rule/unmuteAll", + "alerting:xpack.synthetics.alerts.tls/observability/rule/muteAlert", + "alerting:xpack.synthetics.alerts.tls/observability/rule/unmuteAlert", + "alerting:xpack.synthetics.alerts.tls/observability/rule/snooze", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkEdit", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkDelete", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkEnable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkDisable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/unsnooze", + "alerting:xpack.synthetics.alerts.tls/observability/rule/runSoon", + "alerting:xpack.synthetics.alerts.tls/observability/rule/scheduleBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/deleteBackfill", "alerting:slo.rules.burnRate/observability/alert/get", "alerting:slo.rules.burnRate/observability/alert/find", "alerting:slo.rules.burnRate/observability/alert/getAuthorizedAlertsIndices", @@ -6071,6 +6561,16 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/alert/getAuthorizedAlertsIndices", "alerting:apm.anomaly/observability/alert/getAlertSummary", "alerting:apm.anomaly/observability/alert/update", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/update", + "alerting:xpack.synthetics.alerts.tls/observability/alert/get", + "alerting:xpack.synthetics.alerts.tls/observability/alert/find", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/alert/update", ], "minimal_read": Array [ "login:", @@ -6335,6 +6835,24 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/rule/getRuleExecutionKPI", "alerting:apm.anomaly/observability/rule/getBackfill", "alerting:apm.anomaly/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/get", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/find", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/findBackfill", "alerting:slo.rules.burnRate/observability/alert/get", "alerting:slo.rules.burnRate/observability/alert/find", "alerting:slo.rules.burnRate/observability/alert/getAuthorizedAlertsIndices", @@ -6371,6 +6889,14 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/alert/find", "alerting:apm.anomaly/observability/alert/getAuthorizedAlertsIndices", "alerting:apm.anomaly/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/alert/get", + "alerting:xpack.synthetics.alerts.tls/observability/alert/find", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAlertSummary", ], "read": Array [ "login:", @@ -6635,6 +7161,24 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/rule/getRuleExecutionKPI", "alerting:apm.anomaly/observability/rule/getBackfill", "alerting:apm.anomaly/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/get", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/find", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/findBackfill", "alerting:slo.rules.burnRate/observability/alert/get", "alerting:slo.rules.burnRate/observability/alert/find", "alerting:slo.rules.burnRate/observability/alert/getAuthorizedAlertsIndices", @@ -6671,6 +7215,14 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/alert/find", "alerting:apm.anomaly/observability/alert/getAuthorizedAlertsIndices", "alerting:apm.anomaly/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/alert/get", + "alerting:xpack.synthetics.alerts.tls/observability/alert/find", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAlertSummary", ], }, "reporting": Object { @@ -7145,6 +7697,62 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/rule/runSoon", "alerting:apm.anomaly/observability/rule/scheduleBackfill", "alerting:apm.anomaly/observability/rule/deleteBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/create", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/delete", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/update", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/updateApiKey", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/enable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/disable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/muteAll", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/unmuteAll", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/muteAlert", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/unmuteAlert", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/snooze", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkEdit", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkDelete", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkEnable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkDisable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/unsnooze", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/runSoon", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/scheduleBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/deleteBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/get", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/find", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/create", + "alerting:xpack.synthetics.alerts.tls/observability/rule/delete", + "alerting:xpack.synthetics.alerts.tls/observability/rule/update", + "alerting:xpack.synthetics.alerts.tls/observability/rule/updateApiKey", + "alerting:xpack.synthetics.alerts.tls/observability/rule/enable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/disable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/muteAll", + "alerting:xpack.synthetics.alerts.tls/observability/rule/unmuteAll", + "alerting:xpack.synthetics.alerts.tls/observability/rule/muteAlert", + "alerting:xpack.synthetics.alerts.tls/observability/rule/unmuteAlert", + "alerting:xpack.synthetics.alerts.tls/observability/rule/snooze", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkEdit", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkDelete", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkEnable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkDisable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/unsnooze", + "alerting:xpack.synthetics.alerts.tls/observability/rule/runSoon", + "alerting:xpack.synthetics.alerts.tls/observability/rule/scheduleBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/deleteBackfill", "alerting:slo.rules.burnRate/observability/alert/get", "alerting:slo.rules.burnRate/observability/alert/find", "alerting:slo.rules.burnRate/observability/alert/getAuthorizedAlertsIndices", @@ -7190,6 +7798,16 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/alert/getAuthorizedAlertsIndices", "alerting:apm.anomaly/observability/alert/getAlertSummary", "alerting:apm.anomaly/observability/alert/update", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/update", + "alerting:xpack.synthetics.alerts.tls/observability/alert/get", + "alerting:xpack.synthetics.alerts.tls/observability/alert/find", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/alert/update", ], "minimal_all": Array [ "login:", @@ -7544,6 +8162,62 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/rule/runSoon", "alerting:apm.anomaly/observability/rule/scheduleBackfill", "alerting:apm.anomaly/observability/rule/deleteBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/create", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/delete", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/update", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/updateApiKey", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/enable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/disable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/muteAll", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/unmuteAll", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/muteAlert", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/unmuteAlert", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/snooze", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkEdit", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkDelete", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkEnable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkDisable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/unsnooze", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/runSoon", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/scheduleBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/deleteBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/get", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/find", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/create", + "alerting:xpack.synthetics.alerts.tls/observability/rule/delete", + "alerting:xpack.synthetics.alerts.tls/observability/rule/update", + "alerting:xpack.synthetics.alerts.tls/observability/rule/updateApiKey", + "alerting:xpack.synthetics.alerts.tls/observability/rule/enable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/disable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/muteAll", + "alerting:xpack.synthetics.alerts.tls/observability/rule/unmuteAll", + "alerting:xpack.synthetics.alerts.tls/observability/rule/muteAlert", + "alerting:xpack.synthetics.alerts.tls/observability/rule/unmuteAlert", + "alerting:xpack.synthetics.alerts.tls/observability/rule/snooze", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkEdit", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkDelete", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkEnable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkDisable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/unsnooze", + "alerting:xpack.synthetics.alerts.tls/observability/rule/runSoon", + "alerting:xpack.synthetics.alerts.tls/observability/rule/scheduleBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/deleteBackfill", "alerting:slo.rules.burnRate/observability/alert/get", "alerting:slo.rules.burnRate/observability/alert/find", "alerting:slo.rules.burnRate/observability/alert/getAuthorizedAlertsIndices", @@ -7589,6 +8263,16 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/alert/getAuthorizedAlertsIndices", "alerting:apm.anomaly/observability/alert/getAlertSummary", "alerting:apm.anomaly/observability/alert/update", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/update", + "alerting:xpack.synthetics.alerts.tls/observability/alert/get", + "alerting:xpack.synthetics.alerts.tls/observability/alert/find", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/alert/update", ], "minimal_read": Array [ "login:", @@ -7728,6 +8412,24 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/rule/getRuleExecutionKPI", "alerting:apm.anomaly/observability/rule/getBackfill", "alerting:apm.anomaly/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/get", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/find", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/findBackfill", "alerting:slo.rules.burnRate/observability/alert/get", "alerting:slo.rules.burnRate/observability/alert/find", "alerting:slo.rules.burnRate/observability/alert/getAuthorizedAlertsIndices", @@ -7764,6 +8466,14 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/alert/find", "alerting:apm.anomaly/observability/alert/getAuthorizedAlertsIndices", "alerting:apm.anomaly/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/alert/get", + "alerting:xpack.synthetics.alerts.tls/observability/alert/find", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAlertSummary", ], "read": Array [ "login:", @@ -7903,6 +8613,24 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/rule/getRuleExecutionKPI", "alerting:apm.anomaly/observability/rule/getBackfill", "alerting:apm.anomaly/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/get", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/find", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/findBackfill", "alerting:slo.rules.burnRate/observability/alert/get", "alerting:slo.rules.burnRate/observability/alert/find", "alerting:slo.rules.burnRate/observability/alert/getAuthorizedAlertsIndices", @@ -7939,6 +8667,14 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/alert/find", "alerting:apm.anomaly/observability/alert/getAuthorizedAlertsIndices", "alerting:apm.anomaly/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/alert/get", + "alerting:xpack.synthetics.alerts.tls/observability/alert/find", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAlertSummary", ], }, "uptime": Object { @@ -8515,6 +9251,62 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/rule/runSoon", "alerting:apm.anomaly/observability/rule/scheduleBackfill", "alerting:apm.anomaly/observability/rule/deleteBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/create", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/delete", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/update", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/updateApiKey", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/enable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/disable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/muteAll", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/unmuteAll", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/muteAlert", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/unmuteAlert", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/snooze", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkEdit", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkDelete", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkEnable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkDisable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/unsnooze", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/runSoon", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/scheduleBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/deleteBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/get", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/find", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/create", + "alerting:xpack.synthetics.alerts.tls/observability/rule/delete", + "alerting:xpack.synthetics.alerts.tls/observability/rule/update", + "alerting:xpack.synthetics.alerts.tls/observability/rule/updateApiKey", + "alerting:xpack.synthetics.alerts.tls/observability/rule/enable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/disable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/muteAll", + "alerting:xpack.synthetics.alerts.tls/observability/rule/unmuteAll", + "alerting:xpack.synthetics.alerts.tls/observability/rule/muteAlert", + "alerting:xpack.synthetics.alerts.tls/observability/rule/unmuteAlert", + "alerting:xpack.synthetics.alerts.tls/observability/rule/snooze", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkEdit", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkDelete", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkEnable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkDisable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/unsnooze", + "alerting:xpack.synthetics.alerts.tls/observability/rule/runSoon", + "alerting:xpack.synthetics.alerts.tls/observability/rule/scheduleBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/deleteBackfill", "alerting:slo.rules.burnRate/observability/alert/get", "alerting:slo.rules.burnRate/observability/alert/find", "alerting:slo.rules.burnRate/observability/alert/getAuthorizedAlertsIndices", @@ -8560,6 +9352,16 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/alert/getAuthorizedAlertsIndices", "alerting:apm.anomaly/observability/alert/getAlertSummary", "alerting:apm.anomaly/observability/alert/update", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/update", + "alerting:xpack.synthetics.alerts.tls/observability/alert/get", + "alerting:xpack.synthetics.alerts.tls/observability/alert/find", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/alert/update", ], "elastic_managed_locations_enabled": Array [ "login:", @@ -9137,6 +9939,62 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/rule/runSoon", "alerting:apm.anomaly/observability/rule/scheduleBackfill", "alerting:apm.anomaly/observability/rule/deleteBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/create", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/delete", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/update", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/updateApiKey", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/enable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/disable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/muteAll", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/unmuteAll", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/muteAlert", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/unmuteAlert", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/snooze", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkEdit", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkDelete", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkEnable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/bulkDisable", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/unsnooze", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/runSoon", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/scheduleBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/deleteBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/get", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/find", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/create", + "alerting:xpack.synthetics.alerts.tls/observability/rule/delete", + "alerting:xpack.synthetics.alerts.tls/observability/rule/update", + "alerting:xpack.synthetics.alerts.tls/observability/rule/updateApiKey", + "alerting:xpack.synthetics.alerts.tls/observability/rule/enable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/disable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/muteAll", + "alerting:xpack.synthetics.alerts.tls/observability/rule/unmuteAll", + "alerting:xpack.synthetics.alerts.tls/observability/rule/muteAlert", + "alerting:xpack.synthetics.alerts.tls/observability/rule/unmuteAlert", + "alerting:xpack.synthetics.alerts.tls/observability/rule/snooze", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkEdit", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkDelete", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkEnable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/bulkDisable", + "alerting:xpack.synthetics.alerts.tls/observability/rule/unsnooze", + "alerting:xpack.synthetics.alerts.tls/observability/rule/runSoon", + "alerting:xpack.synthetics.alerts.tls/observability/rule/scheduleBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/deleteBackfill", "alerting:slo.rules.burnRate/observability/alert/get", "alerting:slo.rules.burnRate/observability/alert/find", "alerting:slo.rules.burnRate/observability/alert/getAuthorizedAlertsIndices", @@ -9182,6 +10040,16 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/alert/getAuthorizedAlertsIndices", "alerting:apm.anomaly/observability/alert/getAlertSummary", "alerting:apm.anomaly/observability/alert/update", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/update", + "alerting:xpack.synthetics.alerts.tls/observability/alert/get", + "alerting:xpack.synthetics.alerts.tls/observability/alert/find", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/alert/update", ], "minimal_read": Array [ "login:", @@ -9411,6 +10279,24 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/rule/getRuleExecutionKPI", "alerting:apm.anomaly/observability/rule/getBackfill", "alerting:apm.anomaly/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/get", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/find", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/findBackfill", "alerting:slo.rules.burnRate/observability/alert/get", "alerting:slo.rules.burnRate/observability/alert/find", "alerting:slo.rules.burnRate/observability/alert/getAuthorizedAlertsIndices", @@ -9447,6 +10333,14 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/alert/find", "alerting:apm.anomaly/observability/alert/getAuthorizedAlertsIndices", "alerting:apm.anomaly/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/alert/get", + "alerting:xpack.synthetics.alerts.tls/observability/alert/find", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAlertSummary", ], "read": Array [ "login:", @@ -9676,6 +10570,24 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/rule/getRuleExecutionKPI", "alerting:apm.anomaly/observability/rule/getBackfill", "alerting:apm.anomaly/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/rule/findBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/get", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleState", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getExecutionLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getActionErrorLog", + "alerting:xpack.synthetics.alerts.tls/observability/rule/find", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getRuleExecutionKPI", + "alerting:xpack.synthetics.alerts.tls/observability/rule/getBackfill", + "alerting:xpack.synthetics.alerts.tls/observability/rule/findBackfill", "alerting:slo.rules.burnRate/observability/alert/get", "alerting:slo.rules.burnRate/observability/alert/find", "alerting:slo.rules.burnRate/observability/alert/getAuthorizedAlertsIndices", @@ -9712,6 +10624,14 @@ export default function ({ getService }: FtrProviderContext) { "alerting:apm.anomaly/observability/alert/find", "alerting:apm.anomaly/observability/alert/getAuthorizedAlertsIndices", "alerting:apm.anomaly/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/get", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/find", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.monitorStatus/observability/alert/getAlertSummary", + "alerting:xpack.synthetics.alerts.tls/observability/alert/get", + "alerting:xpack.synthetics.alerts.tls/observability/alert/find", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAuthorizedAlertsIndices", + "alerting:xpack.synthetics.alerts.tls/observability/alert/getAlertSummary", ], }, } diff --git a/x-pack/test_serverless/functional/page_objects/svl_search_elasticsearch_start_page.ts b/x-pack/test_serverless/functional/page_objects/svl_search_elasticsearch_start_page.ts index 0e3bc4b82a298b..1f4294d4c8f415 100644 --- a/x-pack/test_serverless/functional/page_objects/svl_search_elasticsearch_start_page.ts +++ b/x-pack/test_serverless/functional/page_objects/svl_search_elasticsearch_start_page.ts @@ -85,8 +85,8 @@ export function SvlSearchElasticsearchStartPageProvider({ getService }: FtrProvi }, async expectO11yTrialLink() { await testSubjects.existOrFail('startO11yTrialBtn'); - expect(await testSubjects.getAttribute('startO11yTrialBtn', 'href')).equal( - 'https://fake-cloud.elastic.co/projects/create/observability/start' + expect(await testSubjects.getAttribute('startO11yTrialBtn', 'href')).match( + /^https?\:\/\/.*\/projects\/create\/observability\/start/ ); expect(await testSubjects.getAttribute('startO11yTrialBtn', 'target')).equal('_blank'); }, diff --git a/x-pack/test_serverless/functional/page_objects/svl_search_index_detail_page.ts b/x-pack/test_serverless/functional/page_objects/svl_search_index_detail_page.ts index 656c75fb308bc8..277b4d2c7ada27 100644 --- a/x-pack/test_serverless/functional/page_objects/svl_search_index_detail_page.ts +++ b/x-pack/test_serverless/functional/page_objects/svl_search_index_detail_page.ts @@ -27,8 +27,8 @@ export function SvlSearchIndexDetailPageProvider({ getService }: FtrProviderCont }, async expectConnectionDetails() { await testSubjects.existOrFail('connectionDetailsEndpoint', { timeout: 2000 }); - expect(await (await testSubjects.find('connectionDetailsEndpoint')).getVisibleText()).to.be( - 'https://fakeprojectid.es.fake-domain.cld.elstc.co:443' + expect(await (await testSubjects.find('connectionDetailsEndpoint')).getVisibleText()).match( + /^https?\:\/\/.*(\:\d+)?/ ); }, async expectQuickStats() { @@ -136,9 +136,6 @@ export function SvlSearchIndexDetailPageProvider({ getService }: FtrProviderCont await testSubjects.existOrFail('mappingsTab', { timeout: 2000 }); await testSubjects.existOrFail('dataTab', { timeout: 2000 }); }, - async expectShouldDefaultToDataTab() { - expect(await browser.getCurrentUrl()).contain('/data'); - }, async withDataChangeTabs(tab: 'dataTab' | 'mappingsTab' | 'settingsTab') { await testSubjects.click(tab); }, @@ -202,7 +199,6 @@ export function SvlSearchIndexDetailPageProvider({ getService }: FtrProviderCont return (await testSubjects.isDisplayed('searchIndexDetailsHeader')) === true; }); }, - async expectSearchIndexDetailsTabsExists() { await testSubjects.existOrFail('dataTab'); await testSubjects.existOrFail('mappingsTab'); diff --git a/x-pack/test_serverless/functional/test_suites/common/management/index_management/indices.ts b/x-pack/test_serverless/functional/test_suites/common/management/index_management/indices.ts index fe5938109d7b85..e98fcc09e97d1b 100644 --- a/x-pack/test_serverless/functional/test_suites/common/management/index_management/indices.ts +++ b/x-pack/test_serverless/functional/test_suites/common/management/index_management/indices.ts @@ -12,6 +12,9 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => { const pageObjects = getPageObjects(['svlCommonPage', 'common', 'indexManagement', 'header']); const browser = getService('browser'); const security = getService('security'); + const esDeleteAllIndices = getService('esDeleteAllIndices'); + const testIndexName = `index-ftr-test-${Math.random()}`; + const es = getService('es'); describe('Indices', function () { before(async () => { @@ -22,7 +25,7 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => { await pageObjects.indexManagement.changeTabs('indicesTab'); await pageObjects.header.waitUntilLoadingHasFinished(); }); - const testIndexName = `index-ftr-test-${Math.random()}`; + it('renders the indices tab', async () => { const url = await browser.getCurrentUrl(); expect(url).to.contain(`/indices`); @@ -33,14 +36,45 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => { await pageObjects.indexManagement.clickCreateIndexSaveButton(); await pageObjects.indexManagement.expectIndexToExist(testIndexName); }); - it('can manage index', async () => { - await pageObjects.indexManagement.selectIndex(testIndexName); - await pageObjects.indexManagement.clickManageButton(); - await pageObjects.indexManagement.contextMenuIsVisible(); - }); - it('can delete index', async () => { - await pageObjects.indexManagement.confirmDeleteModalIsVisible(); - await pageObjects.indexManagement.expectIndexIsDeleted(testIndexName); + + describe('manage index', function () { + beforeEach(async () => { + await pageObjects.common.navigateToApp('indexManagement'); + // Navigate to the indices tab + await pageObjects.indexManagement.changeTabs('indicesTab'); + await pageObjects.header.waitUntilLoadingHasFinished(); + await pageObjects.indexManagement.manageIndex(testIndexName); + await pageObjects.indexManagement.manageIndexContextMenuExists(); + }); + describe('navigate to index detail tabs', function () { + before(async () => { + await es.indices.create({ index: testIndexName }); + }); + after(async () => { + await esDeleteAllIndices(testIndexName); + }); + this.tags('skipSvlSearch'); + it('navigates to overview', async () => { + await pageObjects.indexManagement.changeManageIndexTab('showOverviewIndexMenuButton'); + await pageObjects.indexManagement.indexDetailsPage.expectIndexDetailsPageIsLoaded(); + await pageObjects.indexManagement.indexDetailsPage.expectUrlShouldChangeTo('overview'); + }); + + it('navigates to settings tab', async () => { + await pageObjects.indexManagement.changeManageIndexTab('showSettingsIndexMenuButton'); + await pageObjects.indexManagement.indexDetailsPage.expectIndexDetailsPageIsLoaded(); + await pageObjects.indexManagement.indexDetailsPage.expectUrlShouldChangeTo('settings'); + }); + it('navigates to mappings tab', async () => { + await pageObjects.indexManagement.changeManageIndexTab('showMappingsIndexMenuButton'); + await pageObjects.indexManagement.indexDetailsPage.expectIndexDetailsPageIsLoaded(); + await pageObjects.indexManagement.indexDetailsPage.expectUrlShouldChangeTo('mappings'); + }); + }); + it('can delete index', async () => { + await pageObjects.indexManagement.confirmDeleteModalIsVisible(); + await pageObjects.indexManagement.expectIndexIsDeleted(testIndexName); + }); }); }); }; diff --git a/x-pack/test_serverless/functional/test_suites/common/reporting/management.ts b/x-pack/test_serverless/functional/test_suites/common/reporting/management.ts index 2ea17190ee8684..35a1d1ec1872fd 100644 --- a/x-pack/test_serverless/functional/test_suites/common/reporting/management.ts +++ b/x-pack/test_serverless/functional/test_suites/common/reporting/management.ts @@ -8,10 +8,11 @@ import { DISCOVER_APP_LOCATOR } from '@kbn/discover-plugin/common'; import { CSV_REPORT_TYPE_V2, - JobParamsCsvFromSavedObject, + type JobParamsCsvFromSavedObject, } from '@kbn/reporting-export-types-csv-common'; -import { FtrProviderContext } from '../../../ftr_provider_context'; -import { InternalRequestHeader, RoleCredentials } from '../../../../shared/services'; +import type { CookieCredentials, InternalRequestHeader } from '@kbn/ftr-common-functional-services'; +import { ReportApiJSON } from '@kbn/reporting-common/types'; +import type { FtrProviderContext } from '../../../ftr_provider_context'; export default ({ getPageObjects, getService }: FtrProviderContext) => { const kibanaServer = getService('kibanaServer'); @@ -20,10 +21,8 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => { const retry = getService('retry'); const PageObjects = getPageObjects(['common', 'svlCommonPage', 'header']); const reportingAPI = getService('svlReportingApi'); - const svlUserManager = getService('svlUserManager'); - const svlCommonApi = getService('svlCommonApi'); - let roleAuthc: RoleCredentials; - let roleName: string; + const samlAuth = getService('samlAuth'); + let cookieCredentials: CookieCredentials; let internalReqHeader: InternalRequestHeader; const navigateToReportingManagement = async () => { @@ -39,6 +38,10 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => { describe('Reporting Management app', function () { // security_exception: action [indices:admin/create] is unauthorized for user [elastic] with effective roles [superuser] on restricted indices [.reporting-2020.04.19], this action is granted by the index privileges [create_index,manage,all] this.tags('failsOnMKI'); + + let reportJob: ReportApiJSON; + let path: string; + const savedObjectsArchive = 'test/functional/fixtures/kbn_archiver/discover'; const job: JobParamsCsvFromSavedObject = { @@ -57,31 +60,31 @@ export default ({ getPageObjects, getService }: FtrProviderContext) => { // Kibana CI and MKI use different users before('initialize saved object archive', async () => { - roleName = 'admin'; - roleAuthc = await svlUserManager.createM2mApiKeyWithRoleScope(roleName); - internalReqHeader = svlCommonApi.getInternalRequestHeader(); + cookieCredentials = await samlAuth.getM2MApiCookieCredentialsWithRoleScope('admin'); + internalReqHeader = samlAuth.getInternalRequestHeader(); // add test saved search object await kibanaServer.importExport.load(savedObjectsArchive); + + // generate a report that can be tested to show in the listing + const result = await reportingAPI.createReportJobInternal( + CSV_REPORT_TYPE_V2, + job, + cookieCredentials, + internalReqHeader + ); + + path = result.path; + reportJob = result.job; }); after('clean up archives', async () => { await kibanaServer.importExport.unload(savedObjectsArchive); - await svlUserManager.invalidateM2mApiKeyWithRoleScope(roleAuthc); - await svlUserManager.invalidateM2mApiKeyWithRoleScope(roleAuthc); + await reportingAPI.waitForJobToFinish(path, cookieCredentials, internalReqHeader); }); it(`user sees a job they've created`, async () => { - const { - job: { id: jobId }, - } = await reportingAPI.createReportJobInternal( - CSV_REPORT_TYPE_V2, - job, - roleAuthc, - internalReqHeader - ); - await navigateToReportingManagement(); - await testSubjects.existOrFail(`viewReportingLink-${jobId}`); + await testSubjects.existOrFail(`viewReportingLink-${reportJob.id}`); }); }); }; diff --git a/x-pack/test_serverless/functional/test_suites/search/elasticsearch_start.ts b/x-pack/test_serverless/functional/test_suites/search/elasticsearch_start.ts index 7ff1505304761d..129f769283b348 100644 --- a/x-pack/test_serverless/functional/test_suites/search/elasticsearch_start.ts +++ b/x-pack/test_serverless/functional/test_suites/search/elasticsearch_start.ts @@ -27,9 +27,6 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { }; describe('Elasticsearch Start [Onboarding Empty State]', function () { - // fails on MKI, see https://github.com/elastic/kibana/issues/196981 - this.tags(['failsOnMKI']); - describe('developer', function () { before(async () => { await pageObjects.svlCommonPage.loginWithRole('developer'); diff --git a/x-pack/test_serverless/functional/test_suites/search/getting_started.ts b/x-pack/test_serverless/functional/test_suites/search/getting_started.ts index dac9b2d7dae943..4a2c34d98eebc5 100644 --- a/x-pack/test_serverless/functional/test_suites/search/getting_started.ts +++ b/x-pack/test_serverless/functional/test_suites/search/getting_started.ts @@ -15,7 +15,7 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { describe('getting started', function () { before(async () => { - await pageObjects.svlCommonPage.loginAsAdmin(); + await pageObjects.svlCommonPage.loginWithRole('developer'); }); it('has serverless side nav', async () => { diff --git a/x-pack/test_serverless/functional/test_suites/search/navigation.ts b/x-pack/test_serverless/functional/test_suites/search/navigation.ts index 88f327d6f1ac2c..a6da7b1467e9a0 100644 --- a/x-pack/test_serverless/functional/test_suites/search/navigation.ts +++ b/x-pack/test_serverless/functional/test_suites/search/navigation.ts @@ -130,21 +130,6 @@ export default function ({ getPageObject, getService }: FtrProviderContext) { await solutionNavigation.breadcrumbs.expectBreadcrumbExists({ deepLinkId: 'dashboards', }); - // check Other tools - // > Maps - await solutionNavigation.sidenav.clickLink({ - deepLinkId: 'maps', - }); - await solutionNavigation.sidenav.expectLinkActive({ - deepLinkId: 'maps', - }); - await solutionNavigation.breadcrumbs.expectBreadcrumbExists({ text: 'Other tools' }); - await solutionNavigation.breadcrumbs.expectBreadcrumbExists({ - text: 'Maps', - }); - await solutionNavigation.breadcrumbs.expectBreadcrumbExists({ - deepLinkId: 'maps', - }); // check Getting Started await solutionNavigation.sidenav.clickLink({ diff --git a/x-pack/test_serverless/functional/test_suites/search/search_index_detail.ts b/x-pack/test_serverless/functional/test_suites/search/search_index_detail.ts index e7831d1f91b3a6..0070ce7e2cb437 100644 --- a/x-pack/test_serverless/functional/test_suites/search/search_index_detail.ts +++ b/x-pack/test_serverless/functional/test_suites/search/search_index_detail.ts @@ -25,9 +25,6 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { const indexName = 'test-my-index'; describe('Search index detail page', function () { - // fails on MKI, see https://github.com/elastic/kibana/issues/196981 - this.tags(['failsOnMKI']); - before(async () => { await pageObjects.svlCommonPage.loginWithRole('developer'); await pageObjects.svlApiKeys.deleteAPIKeys(); @@ -110,7 +107,8 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { await pageObjects.embeddedConsole.clickEmbeddedConsoleControlBar(); }); - describe('With data', () => { + // FLAKY: https://github.com/elastic/kibana/issues/197144 + describe.skip('With data', () => { before(async () => { await es.index({ index: indexName, @@ -120,6 +118,9 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { }); await svlSearchNavigation.navigateToIndexDetailPage(indexName); }); + it('should have index documents', async () => { + await pageObjects.svlSearchIndexDetailPage.expectHasIndexDocuments(); + }); it('menu action item should be replaced with playground', async () => { await pageObjects.svlSearchIndexDetailPage.expectActionItemReplacedWhenHasDocs(); }); @@ -127,15 +128,12 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { await pageObjects.svlSearchIndexDetailPage.clickMoreOptionsActionsButton(); await pageObjects.svlSearchIndexDetailPage.expectAPIReferenceDocLinkExistsInMoreOptions(); }); - it('should have index documents', async () => { - await pageObjects.svlSearchIndexDetailPage.expectHasIndexDocuments(); - }); it('should have one document in quick stats', async () => { await pageObjects.svlSearchIndexDetailPage.expectQuickStatsToHaveDocumentCount(1); }); it('should have with data tabs', async () => { await pageObjects.svlSearchIndexDetailPage.expectWithDataTabsExists(); - await pageObjects.svlSearchIndexDetailPage.expectShouldDefaultToDataTab(); + await pageObjects.svlSearchIndexDetailPage.expectUrlShouldChangeTo('data'); }); it('should be able to change tabs to mappings and mappings is shown', async () => { await pageObjects.svlSearchIndexDetailPage.withDataChangeTabs('mappingsTab'); @@ -190,11 +188,38 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { before(async () => { await es.indices.create({ index: indexName }); await security.testUser.setRoles(['index_management_user']); + }); + beforeEach(async () => { await pageObjects.common.navigateToApp('indexManagement'); // Navigate to the indices tab await pageObjects.indexManagement.changeTabs('indicesTab'); await pageObjects.header.waitUntilLoadingHasFinished(); }); + after(async () => { + await esDeleteAllIndices(indexName); + }); + describe('manage index action', () => { + beforeEach(async () => { + await pageObjects.indexManagement.manageIndex(indexName); + await pageObjects.indexManagement.manageIndexContextMenuExists(); + }); + it('navigates to overview tab', async () => { + await pageObjects.indexManagement.changeManageIndexTab('showOverviewIndexMenuButton'); + await pageObjects.svlSearchIndexDetailPage.expectIndexDetailPageHeader(); + await pageObjects.svlSearchIndexDetailPage.expectUrlShouldChangeTo('data'); + }); + + it('navigates to settings tab', async () => { + await pageObjects.indexManagement.changeManageIndexTab('showSettingsIndexMenuButton'); + await pageObjects.svlSearchIndexDetailPage.expectIndexDetailPageHeader(); + await pageObjects.svlSearchIndexDetailPage.expectUrlShouldChangeTo('settings'); + }); + it('navigates to mappings tab', async () => { + await pageObjects.indexManagement.changeManageIndexTab('showMappingsIndexMenuButton'); + await pageObjects.svlSearchIndexDetailPage.expectIndexDetailPageHeader(); + await pageObjects.svlSearchIndexDetailPage.expectUrlShouldChangeTo('mappings'); + }); + }); describe('can view search index details', function () { it('renders search index details with no documents', async () => { await pageObjects.svlSearchIndexDetailPage.openIndicesDetailFromIndexManagementIndicesListTable( diff --git a/x-pack/test_serverless/functional/test_suites/security/cypress/.eslintrc.json b/x-pack/test_serverless/functional/test_suites/security/cypress/.eslintrc.json deleted file mode 100644 index 22a4d052afdc5d..00000000000000 --- a/x-pack/test_serverless/functional/test_suites/security/cypress/.eslintrc.json +++ /dev/null @@ -1,13 +0,0 @@ -{ - "plugins": ["cypress"], - "extends": [ - "plugin:cypress/recommended" - ], - "env": { - "cypress/globals": true - }, - "rules": { - "cypress/no-force": "warn", - "import/no-extraneous-dependencies": "off" - } -} diff --git a/x-pack/test_serverless/functional/test_suites/security/cypress/.gitignore b/x-pack/test_serverless/functional/test_suites/security/cypress/.gitignore deleted file mode 100644 index c23080c54def25..00000000000000 --- a/x-pack/test_serverless/functional/test_suites/security/cypress/.gitignore +++ /dev/null @@ -1,3 +0,0 @@ -videos -screenshots -downloads \ No newline at end of file diff --git a/x-pack/test_serverless/functional/test_suites/security/cypress/README.md b/x-pack/test_serverless/functional/test_suites/security/cypress/README.md deleted file mode 100644 index da13d4e99ce857..00000000000000 --- a/x-pack/test_serverless/functional/test_suites/security/cypress/README.md +++ /dev/null @@ -1,65 +0,0 @@ -# Security Serverless Tests - -Before considering adding a new Cypress tests, please make sure you have added unit and API tests first and the behaviour can only be exercised with Cypress. - -Note that, the aim of Cypress is to test that the user interface operates as expected, hence, you should not be using this tool to test REST API or data contracts. - -## Folder Structure - -Below you can find the folder structure used on our Cypress tests. - -### e2e/ - -Cypress convention starting version 10 (previously known as integration). Contains the specs that are going to be executed. - -### fixtures/ - -Cypress convention. Fixtures are used as external pieces of static data when we stub responses. - -### screens/ - -Contains the elements we want to interact with in our tests. - -Each file inside the screens folder represents a screen in our application. When the screens are complex, e.g. Hosts with its multiple tabs, the page is represented by a folder and the different important parts are represented by files. - -Example: - -- screens -- hosts -- all_hosts.ts -- authentications.ts -- events.ts -- main.ts -- uncommon_processes.ts - -### tasks/ - -_Tasks_ are functions that may be reused across tests. - -Each file inside the tasks folder represents a screen of our application. When the screens are complex, e.g. Hosts with its multiple tabs, the page is represented by a folder and the different important parts are represented by files. - -Example: -- tasks -- hosts -- all_hosts.ts -- authentications.ts -- events.ts -- main.ts -- uncommon_processes.ts - -## Run tests - -Currently serverless tests are not included in any pipeline, so the execution for now should be done in our local machines. - -### Visual mode - -- Navigate to `x-pack/test_serverless/functional/test_suites/security/cypress` -- Execute `yarn cypress:serverless:open` -- Select `E2E testing` -- Click on `Start E2E testing in chrome` -- Click on the test - -### Headless mode - -- Navigate to `x-pack/test_serverless/functional/test_suites/security/cypress` -- Execute `yarn cypress:serverless:run` diff --git a/x-pack/test_serverless/functional/test_suites/security/cypress/cypress.config.ts b/x-pack/test_serverless/functional/test_suites/security/cypress/cypress.config.ts deleted file mode 100644 index 1db2cc6e0119f9..00000000000000 --- a/x-pack/test_serverless/functional/test_suites/security/cypress/cypress.config.ts +++ /dev/null @@ -1,40 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { defineCypressConfig } from '@kbn/cypress-config'; -import { dataLoaders as setupEndpointDataLoaders } from '@kbn/security-solution-plugin/public/management/cypress/support/data_loaders'; -import { setupUserDataLoader } from './support/setup_data_loader_tasks'; - -export default defineCypressConfig({ - defaultCommandTimeout: 60000, - execTimeout: 60000, - pageLoadTimeout: 60000, - responseTimeout: 60000, - screenshotsFolder: '../../../../../../target/kibana-security-solution/cypress/screenshots', - trashAssetsBeforeRuns: false, - video: false, - viewportHeight: 946, - viewportWidth: 1680, - numTestsKeptInMemory: 10, - env: { - KIBANA_USERNAME: 'system_indices_superuser', - KIBANA_PASSWORD: 'changeme', - ELASTICSEARCH_USERNAME: 'system_indices_superuser', - ELASTICSEARCH_PASSWORD: 'changeme', - }, - e2e: { - experimentalRunAllSpecs: true, - experimentalMemoryManagement: true, - supportFile: './support/e2e.js', - specPattern: './e2e/**/*.cy.ts', - setupNodeEvents: (on, config) => { - // Reuse data loaders from endpoint management cypress setup - setupEndpointDataLoaders(on, config); - setupUserDataLoader(on, config, {}); - }, - }, -}); diff --git a/x-pack/test_serverless/functional/test_suites/security/cypress/cypress.d.ts b/x-pack/test_serverless/functional/test_suites/security/cypress/cypress.d.ts deleted file mode 100644 index a3e6066621aa10..00000000000000 --- a/x-pack/test_serverless/functional/test_suites/security/cypress/cypress.d.ts +++ /dev/null @@ -1,207 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -// / - -import { SecuritySolutionDescribeBlockFtrConfig } from '@kbn/security-solution-plugin/scripts/run_cypress/utils'; -import { - DeleteIndexedFleetEndpointPoliciesResponse, - IndexedFleetEndpointPolicyResponse, -} from '@kbn/security-solution-plugin/common/endpoint/data_loaders/index_fleet_endpoint_policy'; -import { CasePostRequest } from '@kbn/cases-plugin/common/api'; -import { - DeletedIndexedCase, - IndexedCase, -} from '@kbn/security-solution-plugin/common/endpoint/data_loaders/index_case'; -import { - HostActionResponse, - IndexEndpointHostsCyTaskOptions, -} from '@kbn/security-solution-plugin/public/management/cypress/types'; -import { IndexedHostsAndAlertsResponse } from '@kbn/security-solution-plugin/common/endpoint/index_data'; -import { DeleteIndexedEndpointHostsResponse } from '@kbn/security-solution-plugin/common/endpoint/data_loaders/index_endpoint_hosts'; -import { - DeletedIndexedEndpointRuleAlerts, - IndexedEndpointRuleAlerts, -} from '@kbn/security-solution-plugin/common/endpoint/data_loaders/index_endpoint_rule_alerts'; -import { - HostPolicyResponse, - LogsEndpointActionResponse, -} from '@kbn/security-solution-plugin/common/endpoint/types'; -import { IndexedEndpointPolicyResponse } from '@kbn/security-solution-plugin/common/endpoint/data_loaders/index_endpoint_policy_response'; -import { DeleteAllEndpointDataResponse } from '@kbn/security-solution-plugin/scripts/endpoint/common/delete_all_endpoint_data'; -import { LoadedRoleAndUser, ServerlessRoleName } from '../../../../shared/lib'; - -export interface LoadUserAndRoleCyTaskOptions { - name: ServerlessRoleName; -} - -declare global { - namespace Cypress { - interface SuiteConfigOverrides { - env?: { - ftrConfig: SecuritySolutionDescribeBlockFtrConfig; - }; - } - - interface Chainable { - /** - * Get Elements by `data-test-subj`. Note that his is a parent query and can only be used - * from `cy` - * - * @param args - * - * @example - * // Correct: - * cy.getByTestSubj('some-subject); - * - * // Incorrect: - * cy.get('someElement').getByTestSubj('some-subject); - */ - getByTestSubj( - ...args: Parameters['get']> - ): Chainable>; - - /** - * Finds elements by `data-test-subj` from within another. Can not be used directly from `cy`. - * - * @example - * // Correct: - * cy.get('someElement').findByTestSubj('some-subject); - * - * // Incorrect: - * cy.findByTestSubj('some-subject); - */ - findByTestSubj( - ...args: Parameters['find']> - ): Chainable>; - - /** - * Continuously call provided callback function until it either return `true` - * or fail if `timeout` is reached. - * @param fn - * @param options - */ - waitUntil( - fn: (subject?: any) => boolean | Promise | Chainable, - options?: Partial<{ - interval: number; - timeout: number; - }> - ): Chainable; - - // ---------------------------------------------------- - // - // TASKS - // - // ---------------------------------------------------- - task( - name: 'loadUserAndRole', - arg: LoadUserAndRoleCyTaskOptions, - options?: Partial - ): Chainable; - - task( - name: 'indexFleetEndpointPolicy', - arg: { - policyName: string; - endpointPackageVersion: string; - }, - options?: Partial - ): Chainable; - - task( - name: 'deleteIndexedFleetEndpointPolicies', - arg: IndexedFleetEndpointPolicyResponse, - options?: Partial - ): Chainable; - - task( - name: 'indexCase', - arg?: Partial, - options?: Partial - ): Chainable; - - task( - name: 'deleteIndexedCase', - arg: IndexedCase['data'], - options?: Partial - ): Chainable; - - task( - name: 'indexEndpointHosts', - arg?: IndexEndpointHostsCyTaskOptions, - options?: Partial - ): Chainable; - - task( - name: 'deleteIndexedEndpointHosts', - arg: IndexedHostsAndAlertsResponse, - options?: Partial - ): Chainable; - - task( - name: 'indexEndpointRuleAlerts', - arg?: { endpointAgentId: string; count?: number }, - options?: Partial - ): Chainable; - - task( - name: 'deleteIndexedEndpointRuleAlerts', - arg: IndexedEndpointRuleAlerts['alerts'], - options?: Partial - ): Chainable; - - task( - name: 'indexEndpointPolicyResponse', - arg: HostPolicyResponse, - options?: Partial - ): Chainable; - - task( - name: 'deleteIndexedEndpointPolicyResponse', - arg: IndexedEndpointPolicyResponse, - options?: Partial - ): Chainable; - - task( - name: 'sendHostActionResponse', - arg: HostActionResponse, - options?: Partial - ): Chainable; - - task( - name: 'deleteAllEndpointData', - arg: { endpointAgentIds: string[] }, - options?: Partial - ): Chainable; - - task( - name: 'createFileOnEndpoint', - arg: { hostname: string; path: string; content: string }, - options?: Partial - ): Chainable; - - task( - name: 'uploadFileToEndpoint', - arg: { hostname: string; srcPath: string; destPath: string }, - options?: Partial - ): Chainable; - - task( - name: 'installPackagesOnEndpoint', - arg: { hostname: string; packages: string[] }, - options?: Partial - ): Chainable; - - task( - name: 'readZippedFileContentOnEndpoint', - arg: { hostname: string; path: string; password?: string }, - options?: Partial - ): Chainable; - } - } -} diff --git a/x-pack/test_serverless/functional/test_suites/security/cypress/e2e/serverless.cy.ts b/x-pack/test_serverless/functional/test_suites/security/cypress/e2e/serverless.cy.ts deleted file mode 100644 index 7000fe8ecca16c..00000000000000 --- a/x-pack/test_serverless/functional/test_suites/security/cypress/e2e/serverless.cy.ts +++ /dev/null @@ -1,22 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { LEFT_NAVIGATION } from '../screens/landing_page'; -import { navigatesToLandingPage } from '../tasks/navigation'; - -describe('Serverless', () => { - it('Should navigate to the landing page', () => { - cy.visit('/', { - auth: { - username: 'elastic_serverless', - password: 'changeme', - }, - }); - navigatesToLandingPage(); - cy.get(LEFT_NAVIGATION).should('exist'); - }); -}); diff --git a/x-pack/test_serverless/functional/test_suites/security/cypress/package.json b/x-pack/test_serverless/functional/test_suites/security/cypress/package.json deleted file mode 100644 index ef8534585d4d00..00000000000000 --- a/x-pack/test_serverless/functional/test_suites/security/cypress/package.json +++ /dev/null @@ -1,13 +0,0 @@ -{ - "author": "Elastic", - "name": "@kbn/security-solution-serverless", - "version": "1.0.0", - "private": true, - "license": "Elastic License 2.0", - "scripts": { - "cypress": "NODE_OPTIONS=--openssl-legacy-provider node ../../../../../../node_modules/.bin/cypress", - "cypress:open": "NODE_OPTIONS=--openssl-legacy-provider node ../../../../../plugins/security_solution/scripts/start_cypress_parallel open --config-file ../../../x-pack/test_serverless/functional/test_suites/security/cypress/cypress.config.ts --ftr-config-file ../../../../../../x-pack/test_serverless/functional/test_suites/security/cypress/security_config", - "cypress:run": "NODE_OPTIONS=--openssl-legacy-provider node ../../../../../plugins/security_solution/scripts/start_cypress_parallel run --browser chrome --config-file ../../../x-pack/test_serverless/functional/test_suites/security/cypress/cypress.config.ts --ftr-config-file ../../../../../../x-pack/test_serverless/functional/test_suites/security/cypress/security_config --reporter ../../../../../../node_modules/cypress-multi-reporters --reporter-options configFile=./reporter_config.json; status=$?; yarn junit:merge && exit $status", - "junit:merge": "../../../../../../node_modules/.bin/mochawesome-merge ../../../../../../target/kibana-security-serverless/cypress/results/mochawesome*.json > ../../../../../../target/kibana-security-serverless/cypress/results/output.json && ../../../../../../node_modules/.bin/marge ../../../../../../target/kibana-security-serverless/cypress/results/output.json --reportDir ../../../../../../target/kibana-security-serverless/cypress/results && mkdir -p ../../../../../../target/junit && cp ../../../../../../target/kibana-security-serverless/cypress/results/*.xml ../../../../../../target/junit/" - } -} \ No newline at end of file diff --git a/x-pack/test_serverless/functional/test_suites/security/cypress/reporter_config.json b/x-pack/test_serverless/functional/test_suites/security/cypress/reporter_config.json deleted file mode 100644 index 616e2382a85168..00000000000000 --- a/x-pack/test_serverless/functional/test_suites/security/cypress/reporter_config.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "reporterEnabled": "mochawesome, mocha-junit-reporter", - "reporterOptions": { - "html": false, - "json": true, - "mochaFile": "../../../../../../target/kibana-security-serverless/cypress/results/TEST-security-solution-cypress-[hash].xml", - "overwrite": false, - "reportDir": "../../../../../../target/kibana-security-serverless/cypress/results" - } -} diff --git a/x-pack/test_serverless/functional/test_suites/security/cypress/runner.ts b/x-pack/test_serverless/functional/test_suites/security/cypress/runner.ts deleted file mode 100644 index a83d8afbaefdce..00000000000000 --- a/x-pack/test_serverless/functional/test_suites/security/cypress/runner.ts +++ /dev/null @@ -1,24 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { FtrProviderContext } from '../../../ftr_provider_context'; - -export type { FtrProviderContext } from '../../../ftr_provider_context'; - -export async function SecuritySolutionCypressTestRunner( - { getService }: FtrProviderContext, - envVars?: Record -) { - const config = getService('config'); - - return { - FORCE_COLOR: '1', - ELASTICSEARCH_USERNAME: config.get('servers.elasticsearch.username'), - ELASTICSEARCH_PASSWORD: config.get('servers.elasticsearch.password'), - ...envVars, - }; -} diff --git a/x-pack/test_serverless/functional/test_suites/security/cypress/security_config.ts b/x-pack/test_serverless/functional/test_suites/security/cypress/security_config.ts deleted file mode 100644 index e9b8a16c0b9c7c..00000000000000 --- a/x-pack/test_serverless/functional/test_suites/security/cypress/security_config.ts +++ /dev/null @@ -1,31 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { FtrConfigProviderContext } from '@kbn/test'; - -import { ES_RESOURCES } from '@kbn/security-solution-plugin/scripts/endpoint/common/roles_users/serverless'; -import type { FtrProviderContext } from './runner'; -import { SecuritySolutionCypressTestRunner } from './runner'; - -export default async function ({ readConfigFile }: FtrConfigProviderContext) { - const securitySolutionCypressConfig = await readConfigFile( - require.resolve('./security_config.base.ts') - ); - - return { - ...securitySolutionCypressConfig.getAll(), - - esServerlessOptions: { - ...(securitySolutionCypressConfig.has('esServerlessOptions') - ? securitySolutionCypressConfig.get('esServerlessOptions') ?? {} - : {}), - resources: Object.values(ES_RESOURCES), - }, - - testRunner: (context: FtrProviderContext) => SecuritySolutionCypressTestRunner(context), - }; -} diff --git a/x-pack/test_serverless/functional/test_suites/security/cypress/support/commands.js b/x-pack/test_serverless/functional/test_suites/security/cypress/support/commands.js deleted file mode 100644 index 73895fbbec5892..00000000000000 --- a/x-pack/test_serverless/functional/test_suites/security/cypress/support/commands.js +++ /dev/null @@ -1,32 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -// *********************************************** -// This example commands.js shows you how to -// create various custom commands and overwrite -// existing commands. -// -// For more comprehensive examples of custom -// commands please read more here: -// https://on.cypress.io/custom-commands -// *********************************************** -// -// -// -- This is a parent command -- -// Cypress.Commands.add("login", (email, password) => { ... }) -// -// -// -- This is a child command -- -// Cypress.Commands.add("drag", { prevSubject: 'element'}, (subject, options) => { ... }) -// -// -// -- This is a dual command -- -// Cypress.Commands.add("dismiss", { prevSubject: 'optional'}, (subject, options) => { ... }) -// -// -// -- This is will overwrite an existing command -- -// Cypress.Commands.overwrite("visit", (originalFn, url, options) => { ... }) diff --git a/x-pack/test_serverless/functional/test_suites/security/cypress/support/e2e.js b/x-pack/test_serverless/functional/test_suites/security/cypress/support/e2e.js deleted file mode 100644 index 6095b2ada6c816..00000000000000 --- a/x-pack/test_serverless/functional/test_suites/security/cypress/support/e2e.js +++ /dev/null @@ -1,29 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -// *********************************************************** -// This example support/index.js is processed and -// loaded automatically before your test files. -// -// This is a great place to put global configuration and -// behavior that modifies Cypress. -// -// You can change the location of this file or turn off -// automatically serving support files with the -// 'supportFile' configuration option. -// -// You can read more here: -// https://on.cypress.io/configuration -// *********************************************************** - -import './commands'; -import 'cypress-real-events/support'; -import '@kbn/security-solution-plugin/public/management/cypress/support/e2e'; - -Cypress.on('uncaught:exception', () => { - return false; -}); diff --git a/x-pack/test_serverless/functional/test_suites/security/cypress/support/index.d.ts b/x-pack/test_serverless/functional/test_suites/security/cypress/support/index.d.ts deleted file mode 100644 index 6928ba89a56f0d..00000000000000 --- a/x-pack/test_serverless/functional/test_suites/security/cypress/support/index.d.ts +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -declare namespace Cypress { - interface Chainable { - promisify(): Promise; - attachFile(fileName: string, fileType?: string): Chainable; - waitUntil( - fn: (subject: Subject) => boolean | Chainable, - options?: { - interval: number; - timeout: number; - } - ): Chainable; - } -} - -declare namespace Mocha { - interface SuiteFunction { - (title: string, ftrConfig: Record, fn: (this: Suite) => void): Suite; - ( - title: string, - ftrConfig?: Record, - config: Cypress.TestConfigOverrides, - fn: (this: Suite) => void - ): Suite; - } - - interface ExclusiveSuiteFunction { - (title: string, ftrConfig: Record, fn: (this: Suite) => void): Suite; - ( - title: string, - ftrConfig?: Record, - config: Cypress.TestConfigOverrides, - fn: (this: Suite) => void - ): Suite; - } - - interface PendingSuiteFunction { - (title: string, ftrConfig: Record, fn: (this: Suite) => void): Suite; - ( - title: string, - ftrConfig?: Record, - config: Cypress.TestConfigOverrides, - fn: (this: Suite) => void - ): Suite | void; - } -} diff --git a/x-pack/test_serverless/functional/test_suites/security/cypress/tasks/endpoint_management/index_endpoint_hosts.ts b/x-pack/test_serverless/functional/test_suites/security/cypress/tasks/endpoint_management/index_endpoint_hosts.ts deleted file mode 100644 index 81ea6d009814da..00000000000000 --- a/x-pack/test_serverless/functional/test_suites/security/cypress/tasks/endpoint_management/index_endpoint_hosts.ts +++ /dev/null @@ -1,35 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { - DeleteIndexedHostsAndAlertsResponse, - IndexedHostsAndAlertsResponse, -} from '@kbn/security-solution-plugin/common/endpoint/index_data'; -import { IndexEndpointHostsCyTaskOptions } from '@kbn/security-solution-plugin/public/management/cypress/types'; - -export interface CyIndexEndpointHosts { - data: IndexedHostsAndAlertsResponse; - cleanup: () => Cypress.Chainable; -} - -export const indexEndpointHosts = ( - options: IndexEndpointHostsCyTaskOptions = {} -): Cypress.Chainable => { - return cy.task('indexEndpointHosts', options, { timeout: 240000 }).then((indexHosts) => { - return { - data: indexHosts, - cleanup: () => { - cy.log( - 'Deleting Endpoint Host data', - indexHosts.hosts.map((host) => `${host.host.name} (${host.host.id})`) - ); - - return cy.task('deleteIndexedEndpointHosts', indexHosts); - }, - }; - }); -}; diff --git a/x-pack/test_serverless/functional/test_suites/security/cypress/tasks/login.ts b/x-pack/test_serverless/functional/test_suites/security/cypress/tasks/login.ts deleted file mode 100644 index 7ff366ea2cd14c..00000000000000 --- a/x-pack/test_serverless/functional/test_suites/security/cypress/tasks/login.ts +++ /dev/null @@ -1,87 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { request } from '@kbn/security-solution-plugin/public/management/cypress/tasks/common'; -import { LoginState } from '@kbn/security-plugin/common/login_state'; -import type { ServerlessRoleName } from '../../../../../shared/lib'; -import { ServerlessRoleName as RoleName } from '../../../../../shared/lib/security/types'; -import { STANDARD_HTTP_HEADERS } from '../../../../../shared/lib/security/default_http_headers'; - -/** - * Send login via API - * @param username - * @param password - * - * @private - */ -const sendApiLoginRequest = ( - username: string, - password: string -): Cypress.Chainable<{ username: string; password: string }> => { - const baseUrl = Cypress.config().baseUrl; - - cy.log(`Authenticating [${username}] via ${baseUrl}`); - - const headers = { ...STANDARD_HTTP_HEADERS }; - return request({ headers, url: `${baseUrl}/internal/security/login_state` }) - .then((loginState) => { - const basicProvider = loginState.body.selector.providers.find( - (provider) => provider.type === 'basic' - ); - return request({ - url: `${baseUrl}/internal/security/login`, - method: 'POST', - headers, - body: { - providerType: basicProvider?.type, - providerName: basicProvider?.name, - currentURL: '/', - params: { username, password }, - }, - }); - }) - .then(() => ({ username, password })); -}; - -interface CyLoginTask { - (user?: ServerlessRoleName | 'elastic'): ReturnType; - - /** - * Login using any username/password - * @param username - * @param password - */ - with(username: string, password: string): ReturnType; -} - -/** - * Login to Kibana using API (not login page). By default, user will be logged in using - * the username and password defined via `KIBANA_USERNAME` and `KIBANA_PASSWORD` cypress env - * variables. - * @param user Defaults to `soc_manager` - */ -export const login: CyLoginTask = ( - user: ServerlessRoleName | 'elastic' = RoleName.SOC_MANAGER -): ReturnType => { - let username = Cypress.env('KIBANA_USERNAME'); - let password = Cypress.env('KIBANA_PASSWORD'); - - if (user && user !== 'elastic') { - return cy.task('loadUserAndRole', { name: user }).then((loadedUser) => { - username = loadedUser.username; - password = loadedUser.password; - - return sendApiLoginRequest(username, password); - }); - } else { - return sendApiLoginRequest(username, password); - } -}; - -login.with = (username: string, password: string): ReturnType => { - return sendApiLoginRequest(username, password); -}; diff --git a/x-pack/test_serverless/functional/test_suites/security/ftr/cloud_security_posture/agentless_api/create_agent.ts b/x-pack/test_serverless/functional/test_suites/security/ftr/cloud_security_posture/agentless_api/create_agent.ts index 8164fd39a81de0..b26581fb46dfd5 100644 --- a/x-pack/test_serverless/functional/test_suites/security/ftr/cloud_security_posture/agentless_api/create_agent.ts +++ b/x-pack/test_serverless/functional/test_suites/security/ftr/cloud_security_posture/agentless_api/create_agent.ts @@ -25,9 +25,6 @@ export default function ({ getPageObjects, getService }: FtrProviderContext) { const AWS_SINGLE_ACCOUNT_TEST_ID = 'awsSingleTestId'; describe('Agentless API Serverless', function () { - // fails on MKI, see https://github.com/elastic/kibana/issues/196245 - this.tags(['failsOnMKI']); - let mockApiServer: http.Server; let cisIntegration: typeof pageObjects.cisAddIntegration; diff --git a/x-pack/test_serverless/functional/test_suites/security/ftr/landing_page.ts b/x-pack/test_serverless/functional/test_suites/security/ftr/landing_page.ts deleted file mode 100644 index 94c298601a83d4..00000000000000 --- a/x-pack/test_serverless/functional/test_suites/security/ftr/landing_page.ts +++ /dev/null @@ -1,25 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { FtrProviderContext } from '../../../ftr_provider_context'; - -export default function ({ getPageObject, getService }: FtrProviderContext) { - const svlSecLandingPage = getPageObject('svlSecLandingPage'); - const svlSecNavigation = getService('svlSecNavigation'); - const svlCommonPage = getPageObject('svlCommonPage'); - - describe('landing page', function () { - before(async () => { - await svlCommonPage.loginAsViewer(); - }); - - it('has serverless side nav', async () => { - await svlSecNavigation.navigateToLandingPage(); - await svlSecLandingPage.assertSvlSecSideNavExists(); - }); - }); -} diff --git a/x-pack/test_serverless/functional/test_suites/security/index.ts b/x-pack/test_serverless/functional/test_suites/security/index.ts index daa34ff0c1e73e..833df2edb78cd0 100644 --- a/x-pack/test_serverless/functional/test_suites/security/index.ts +++ b/x-pack/test_serverless/functional/test_suites/security/index.ts @@ -13,7 +13,6 @@ export default function ({ loadTestFile }: FtrProviderContext) { describe('serverless security UI', function () { this.tags(['esGate']); - loadTestFile(require.resolve('./ftr/landing_page')); loadTestFile(require.resolve('./ftr/navigation')); loadTestFile(require.resolve('./ftr/cases')); loadTestFile(require.resolve('./ftr/advanced_settings')); diff --git a/x-pack/test_serverless/shared/lib/security/kibana_roles/project_controller_security_roles.yml b/x-pack/test_serverless/shared/lib/security/kibana_roles/project_controller_security_roles.yml index 0c60ac2aa0427d..2d80c9d3982102 100644 --- a/x-pack/test_serverless/shared/lib/security/kibana_roles/project_controller_security_roles.yml +++ b/x-pack/test_serverless/shared/lib/security/kibana_roles/project_controller_security_roles.yml @@ -34,6 +34,7 @@ viewer: - ".fleet-actions*" - "risk-score.risk-score-*" - ".asset-criticality.asset-criticality-*" + - ".entities.v1.latest.security_*" - ".ml-anomalies-*" privileges: - read @@ -98,6 +99,7 @@ editor: - "maintenance" - names: - ".asset-criticality.asset-criticality-*" + - ".entities.v1.latest.security_*" privileges: - "read" - "write" @@ -162,6 +164,7 @@ t1_analyst: - ".fleet-actions*" - risk-score.risk-score-* - .asset-criticality.asset-criticality-* + - .entities.v1.latest.security_* - ".ml-anomalies-*" privileges: - read @@ -212,6 +215,7 @@ t2_analyst: - .fleet-agents* - .fleet-actions* - risk-score.risk-score-* + - .entities.v1.latest.security_* - ".ml-anomalies-*" privileges: - read @@ -276,6 +280,7 @@ t3_analyst: - .fleet-agents* - .fleet-actions* - risk-score.risk-score-* + - .entities.v1.latest.security_* - ".ml-anomalies-*" privileges: - read @@ -344,6 +349,7 @@ threat_intelligence_analyst: - .fleet-agents* - .fleet-actions* - risk-score.risk-score-* + - .entities.v1.latest.security_* - ".ml-anomalies-*" privileges: - read @@ -405,6 +411,7 @@ rule_author: - .fleet-agents* - .fleet-actions* - risk-score.risk-score-* + - .entities.v1.latest.security_* - ".ml-anomalies-*" privileges: - read @@ -449,6 +456,7 @@ soc_manager: - packetbeat-* - winlogbeat-* - .asset-criticality.asset-criticality-* + - .entities.v1.latest.security_* privileges: - read - write @@ -472,6 +480,7 @@ soc_manager: - .fleet-agents* - .fleet-actions* - risk-score.risk-score-* + - .asset-criticality.asset-criticality-* - ".ml-anomalies-*" privileges: - read @@ -544,6 +553,7 @@ detections_admin: - all - names: - .asset-criticality.asset-criticality-* + - .entities.v1.latest.security_* privileges: - read - write @@ -592,6 +602,7 @@ platform_engineer: - all - names: - .asset-criticality.asset-criticality-* + - .entities.v1.latest.security_* privileges: - read - write @@ -651,6 +662,7 @@ endpoint_operations_analyst: - .lists* - .items* - risk-score.risk-score-* + - .entities.v1.latest.security_* - ".ml-anomalies-*" privileges: - read @@ -721,6 +733,7 @@ endpoint_policy_manager: - packetbeat-* - winlogbeat-* - risk-score.risk-score-* + - .entities.v1.latest.security_* - ".ml-anomalies-*" privileges: - read diff --git a/x-pack/test_serverless/shared/services/svl_reporting.ts b/x-pack/test_serverless/shared/services/svl_reporting.ts index f056543e72e23b..305b3086588879 100644 --- a/x-pack/test_serverless/shared/services/svl_reporting.ts +++ b/x-pack/test_serverless/shared/services/svl_reporting.ts @@ -5,18 +5,17 @@ * 2.0. */ -import expect from '@kbn/expect'; import { INTERNAL_ROUTES } from '@kbn/reporting-common'; import type { ReportingJobResponse } from '@kbn/reporting-plugin/server/types'; import rison from '@kbn/rison'; +import { CookieCredentials } from '@kbn/ftr-common-functional-services'; import { FtrProviderContext } from '../../functional/ftr_provider_context'; -import { RoleCredentials } from '.'; import { InternalRequestHeader } from '.'; const API_HEADER: [string, string] = ['kbn-xsrf', 'reporting']; /** - * Services to create roles and users for security testing + * Services to handle report job lifecycle phases for tests */ export function SvlReportingServiceProvider({ getService }: FtrProviderContext) { const log = getService('log'); @@ -31,32 +30,34 @@ export function SvlReportingServiceProvider({ getService }: FtrProviderContext) async createReportJobInternal( jobType: string, job: object, - roleAuthc: RoleCredentials, + cookieCredentials: CookieCredentials, internalReqHeader: InternalRequestHeader ) { const requestPath = `${INTERNAL_ROUTES.GENERATE_PREFIX}/${jobType}`; log.debug(`POST request to ${requestPath}`); - const { status, body } = await supertestWithoutAuth + const { body }: { status: number; body: ReportingJobResponse } = await supertestWithoutAuth .post(requestPath) .set(internalReqHeader) - .set(roleAuthc.apiKeyHeader) - .send({ jobParams: rison.encode(job) }); + .set(cookieCredentials) + .send({ jobParams: rison.encode(job) }) + .expect(200); - expect(status).to.be(200); + log.info(`ReportingAPI.createReportJobInternal created report job` + ` ${body.job.id}`); return { - job: (body as ReportingJobResponse).job, - path: (body as ReportingJobResponse).path, + job: body.job, + path: body.path, }; }, /* - * This function is only used in the API tests + * If a test requests a report, it must wait for the job to finish before deleting the report. + * Otherwise, report task success metrics will be affected. */ async waitForJobToFinish( downloadReportPath: string, - roleAuthc: RoleCredentials, + cookieCredentials: CookieCredentials, internalReqHeader: InternalRequestHeader, options?: { timeout?: number } ) { @@ -69,7 +70,7 @@ export function SvlReportingServiceProvider({ getService }: FtrProviderContext) .responseType('blob') .set(...API_HEADER) .set(internalReqHeader) - .set(roleAuthc.apiKeyHeader); + .set(cookieCredentials); if (response.status === 500) { throw new Error(`Report at path ${downloadReportPath} has failed`); @@ -101,13 +102,13 @@ export function SvlReportingServiceProvider({ getService }: FtrProviderContext) */ async getCompletedJobOutput( downloadReportPath: string, - roleAuthc: RoleCredentials, + cookieCredentials: CookieCredentials, internalReqHeader: InternalRequestHeader ) { const response = await supertestWithoutAuth .get(`${downloadReportPath}?elasticInternalOrigin=true`) .set(internalReqHeader) - .set(roleAuthc.apiKeyHeader); + .set(cookieCredentials); return response.text as unknown; }, @@ -116,14 +117,14 @@ export function SvlReportingServiceProvider({ getService }: FtrProviderContext) */ async deleteReport( reportId: string, - roleAuthc: RoleCredentials, + cookieCredentials: CookieCredentials, internalReqHeader: InternalRequestHeader ) { log.debug(`ReportingAPI.deleteReport ${INTERNAL_ROUTES.JOBS.DELETE_PREFIX}/${reportId}`); const response = await supertestWithoutAuth .delete(INTERNAL_ROUTES.JOBS.DELETE_PREFIX + `/${reportId}`) .set(internalReqHeader) - .set(roleAuthc.apiKeyHeader) + .set(cookieCredentials) .set('kbn-xsrf', 'xxx') .expect(200); return response.text as unknown; diff --git a/x-pack/test_serverless/tsconfig.json b/x-pack/test_serverless/tsconfig.json index 92048160cb6220..388a4732fdd9eb 100644 --- a/x-pack/test_serverless/tsconfig.json +++ b/x-pack/test_serverless/tsconfig.json @@ -40,7 +40,6 @@ "@kbn/server-route-repository", "@kbn/core-chrome-browser", "@kbn/security-plugin", - "@kbn/security-solution-plugin", "@kbn/security-solution-plugin/public/management/cypress", "@kbn/tooling-log", "@kbn/cases-plugin", diff --git a/yarn.lock b/yarn.lock index b5b1294c39f7ef..c59fb7f412fe54 100644 --- a/yarn.lock +++ b/yarn.lock @@ -435,7 +435,7 @@ js-tokens "^4.0.0" picocolors "^1.0.0" -"@babel/parser@^7.1.0", "@babel/parser@^7.10.3", "@babel/parser@^7.12.11", "@babel/parser@^7.12.7", "@babel/parser@^7.14.7", "@babel/parser@^7.20.7", "@babel/parser@^7.21.8", "@babel/parser@^7.23.0", "@babel/parser@^7.23.9", "@babel/parser@^7.24.7": +"@babel/parser@^7.1.0", "@babel/parser@^7.10.3", "@babel/parser@^7.12.11", "@babel/parser@^7.12.7", "@babel/parser@^7.14.7", "@babel/parser@^7.21.8", "@babel/parser@^7.23.0", "@babel/parser@^7.23.9", "@babel/parser@^7.24.7": version "7.24.7" resolved "https://registry.yarnpkg.com/@babel/parser/-/parser-7.24.7.tgz#9a5226f92f0c5c8ead550b750f5608e766c8ce85" integrity sha512-9uUYRm6OqQrCqQdG1iCBwBPZgN8ciDBro2nIOFaiRz1/BCxaI7CNvQbDHvsArAC7Tw9Hda/B3U+6ui9u4HWXPw== @@ -1366,7 +1366,7 @@ debug "^4.3.1" globals "^11.1.0" -"@babel/types@7.21.2", "@babel/types@^7.0.0", "@babel/types@^7.10.3", "@babel/types@^7.12.11", "@babel/types@^7.12.7", "@babel/types@^7.20.7", "@babel/types@^7.3.0", "@babel/types@^7.3.3", "@babel/types@^7.4.4": +"@babel/types@7.21.2", "@babel/types@^7.0.0", "@babel/types@^7.10.3", "@babel/types@^7.12.11", "@babel/types@^7.12.7", "@babel/types@^7.3.0", "@babel/types@^7.3.3", "@babel/types@^7.4.4": version "7.21.2" resolved "https://registry.yarnpkg.com/@babel/types/-/types-7.21.2.tgz#92246f6e00f91755893c2876ad653db70c8310d1" integrity sha512-3wRZSs7jiFaB8AjxiiD+VqN5DTG2iRvJGQ+qYFrs/654lg6kGTQWIOFjlBo5RaXuAZjBmP3+OQH4dmhqiiyYxw== @@ -1460,11 +1460,6 @@ react-is "^18.2.0" react-shallow-renderer "^16.15.0" -"@cfworker/json-schema@^1.12.7": - version "1.12.7" - resolved "https://registry.yarnpkg.com/@cfworker/json-schema/-/json-schema-1.12.7.tgz#064d082a11881f684300bc7e6d3021e9d98f9a59" - integrity sha512-KEJUW22arGRQVoS6Ti8SvgXnme6NNMMcGBugdir1hf32ofWUXC8guwrFbepO2+YtqxNBUo5oO0pLYM5d4pyjOg== - "@cnakazawa/watch@^1.0.3": version "1.0.3" resolved "https://registry.yarnpkg.com/@cnakazawa/watch/-/watch-1.0.3.tgz#099139eaec7ebf07a27c1786a3ff64f39464d2ef" @@ -1655,10 +1650,10 @@ dependencies: object-hash "^1.3.0" -"@elastic/charts@68.0.0": - version "68.0.0" - resolved "https://registry.yarnpkg.com/@elastic/charts/-/charts-68.0.0.tgz#a61cc39d6b139006946a134f372c6af5e09fbadb" - integrity sha512-qtlI5U9olt9Y5ZkVUwy9VT2uvU8WzmCTYLjCM+l3b1g4ek0WW1ehZxaJha2Esqe5+QPSBH9LrVzBTayQbbprUA== +"@elastic/charts@68.0.1": + version "68.0.1" + resolved "https://registry.yarnpkg.com/@elastic/charts/-/charts-68.0.1.tgz#3dd698da2385fe0baf2d48056f3bdc97b1ed5ae9" + integrity sha512-6JOwPiZcSLF25+ydFUw+bgO/y0Wxd7P3Z/lbnYsYUVRA3LBu0xuapFmf59linP7PRZWMLOtOfmymhgPa3gAR0A== dependencies: "@popperjs/core" "^2.11.8" bezier-easing "^2.1.0" @@ -2377,31 +2372,6 @@ resolved "https://registry.yarnpkg.com/@foliojs-fork/restructure/-/restructure-2.0.2.tgz#73759aba2aff1da87b7c4554e6839c70d43c92b4" integrity sha512-59SgoZ3EXbkfSX7b63tsou/SDGzwUEK6MuB5sKqgVK1/XE0fxmpsOb9DQI8LXW3KfGnAjImCGhhEb7uPPAUVNA== -"@formatjs/cli-lib@^6.3.8": - version "6.3.8" - resolved "https://registry.yarnpkg.com/@formatjs/cli-lib/-/cli-lib-6.3.8.tgz#10b685cf833c870d342f24de0f324acd7b02d31b" - integrity sha512-7+40WfAs9UE1BcjpUvtAkWk0REGchANpJZdHhXcMEVcKeDQKk0+OPhlueTnvFmYwENcJ+m7Leb26CRZDzGsc+Q== - dependencies: - "@formatjs/icu-messageformat-parser" "2.7.6" - "@formatjs/ts-transformer" "3.13.12" - "@types/estree" "^1.0.0" - "@types/fs-extra" "^9.0.1" - "@types/json-stable-stringify" "^1.0.32" - "@types/node" "14 || 16 || 17" - chalk "^4.0.0" - commander "8" - fast-glob "^3.2.7" - fs-extra "10" - json-stable-stringify "^1.0.1" - loud-rejection "^2.2.0" - tslib "^2.4.0" - typescript "5" - -"@formatjs/cli@^6.2.8": - version "6.2.8" - resolved "https://registry.yarnpkg.com/@formatjs/cli/-/cli-6.2.8.tgz#df471f79b30935d6c5e5956ad1e8321076ade767" - integrity sha512-sGtFehlHpNL5xbCkP5/zz5lgIVPPdQFqhY6Pcc9+whpBawln6VDzbaGA5ttWjtBDVVKZbEukiCFk8HW2H0OVxQ== - "@formatjs/ecma402-abstract@1.18.2": version "1.18.2" resolved "https://registry.yarnpkg.com/@formatjs/ecma402-abstract/-/ecma402-abstract-1.18.2.tgz#bf103712a406874eb1e387858d5be2371ab3aa14" @@ -4823,6 +4793,10 @@ version "0.0.0" uid "" +"@kbn/discover-contextual-components@link:packages/kbn-discover-contextual-components": + version "0.0.0" + uid "" + "@kbn/discover-customization-examples-plugin@link:examples/discover_customization_examples": version "0.0.0" uid "" @@ -6199,6 +6173,10 @@ version "0.0.0" uid "" +"@kbn/response-ops-rule-params@link:packages/response-ops/rule_params": + version "0.0.0" + uid "" + "@kbn/response-stream-plugin@link:examples/response_stream": version "0.0.0" uid "" @@ -8491,12 +8469,12 @@ require-from-string "^2.0.2" uri-js-replace "^1.0.1" -"@redocly/cli@^1.25.5": - version "1.25.5" - resolved "https://registry.yarnpkg.com/@redocly/cli/-/cli-1.25.5.tgz#258f6d23e8298814518ec4d24d023c1e21e3b081" - integrity sha512-sFh4A8wqwuig7mF/nYNVIyxSfKKZikWC+uVH6OB1IepYQXNsHFaLAU1VaNI9gS5mMvWmYx5SEuSCVB9LaNFBhw== +"@redocly/cli@^1.25.7": + version "1.25.8" + resolved "https://registry.yarnpkg.com/@redocly/cli/-/cli-1.25.8.tgz#fecd62d9ee1d564e6f0e1522f2c5648f514ce02b" + integrity sha512-oVFN3rpGFqupx57ZS0mF2B8grnk3i0xjTQrrMm1oftF3GEf7yTg5JzwnWi8KKRWuxin4qI7j+Id5AKgNQNmTKA== dependencies: - "@redocly/openapi-core" "1.25.5" + "@redocly/openapi-core" "1.25.8" abort-controller "^3.0.0" chokidar "^3.5.1" colorette "^1.2.0" @@ -8510,7 +8488,7 @@ pluralize "^8.0.0" react "^17.0.0 || ^18.2.0" react-dom "^17.0.0 || ^18.2.0" - redoc "~2.1.5" + redoc "~2.2.0" semver "^7.5.2" simple-websocket "^9.0.0" styled-components "^6.0.7" @@ -8521,10 +8499,10 @@ resolved "https://registry.yarnpkg.com/@redocly/config/-/config-0.12.1.tgz#7b905a17d710244550ef826542d0db164d5ace02" integrity sha512-RW3rSirfsPdr0uvATijRDU3f55SuZV3m7/ppdTDvGw4IB0cmeZRkFmqTrchxMqWP50Gfg1tpHnjdxUCNo0E2qg== -"@redocly/openapi-core@1.25.5", "@redocly/openapi-core@^1.4.0": - version "1.25.5" - resolved "https://registry.yarnpkg.com/@redocly/openapi-core/-/openapi-core-1.25.5.tgz#443b1488c8ef1ddcb8f407c3e7dd8cb7b388b427" - integrity sha512-BNgXjqesJu4L5f8F73c2hkkH5IdvjYCKYFgIl+m9oNgqGRIPBJjtiEGOx7jkQ6nElN4311z7Z4aTECtklaaHwg== +"@redocly/openapi-core@1.25.8", "@redocly/openapi-core@^1.4.0": + version "1.25.8" + resolved "https://registry.yarnpkg.com/@redocly/openapi-core/-/openapi-core-1.25.8.tgz#a3aff052b1d9d2db8ba86263ec994bbc85f6b8f1" + integrity sha512-eKKRqo2RYo7UIoDvIgcUB9ynhOjIWJnILXFz+VDevYeOBKd/CxvC0KbNRnuOrFqG3ip6363R/ONal2MyvuVrjg== dependencies: "@redocly/ajv" "^8.11.2" "@redocly/config" "^0.12.1" @@ -10165,7 +10143,7 @@ dependencies: "@types/node" "*" -"@types/babel__core@*", "@types/babel__core@^7.1.14": +"@types/babel__core@^7.1.14": version "7.1.20" resolved "https://registry.yarnpkg.com/@types/babel__core/-/babel__core-7.1.20.tgz#e168cdd612c92a2d335029ed62ac94c95b362359" integrity sha512-PVb6Bg2QuscZ30FvOU7z4guG6c926D9YRvOxEaelzndpMsvP+YM74Q/dAFASpg2l6+XLalxSGxcq/lrgYWZtyQ== @@ -10176,17 +10154,6 @@ "@types/babel__template" "*" "@types/babel__traverse" "*" -"@types/babel__core@^7.20.5": - version "7.20.5" - resolved "https://registry.yarnpkg.com/@types/babel__core/-/babel__core-7.20.5.tgz#3df15f27ba85319caa07ba08d0721889bb39c017" - integrity sha512-qoQprZvz5wQFJwMDqeseRXWv3rqMvhgpbXFfVyWhbx9X47POIA6i/+dXefEmZKoAgOaTdaIgNSMqMIU61yRyzA== - dependencies: - "@babel/parser" "^7.20.7" - "@babel/types" "^7.20.7" - "@types/babel__generator" "*" - "@types/babel__template" "*" - "@types/babel__traverse" "*" - "@types/babel__generator@*": version "7.0.2" resolved "https://registry.yarnpkg.com/@types/babel__generator/-/babel__generator-7.0.2.tgz#d2112a6b21fad600d7674274293c85dce0cb47fc" @@ -10194,20 +10161,6 @@ dependencies: "@babel/types" "^7.0.0" -"@types/babel__generator@^7.6.4": - version "7.6.4" - resolved "https://registry.yarnpkg.com/@types/babel__generator/-/babel__generator-7.6.4.tgz#1f20ce4c5b1990b37900b63f050182d28c2439b7" - integrity sha512-tFkciB9j2K755yrTALxD44McOrk+gfpIpvC3sxHjRawj6PfnQxrse4Clq5y/Rq+G3mrBurMax/lG8Qn2t9mSsg== - dependencies: - "@babel/types" "^7.0.0" - -"@types/babel__helper-plugin-utils@^7.10.0": - version "7.10.0" - resolved "https://registry.yarnpkg.com/@types/babel__helper-plugin-utils/-/babel__helper-plugin-utils-7.10.0.tgz#dcd2416f9c189d5837ab2a276368cf67134efe78" - integrity sha512-60YtHzhQ9HAkToHVV+TB4VLzBn9lrfgrsOjiJMtbv/c1jPdekBxaByd6DMsGBzROXWoIL6U3lEFvvbu69RkUoA== - dependencies: - "@types/babel__core" "*" - "@types/babel__template@*": version "7.0.2" resolved "https://registry.yarnpkg.com/@types/babel__template/-/babel__template-7.0.2.tgz#4ff63d6b52eddac1de7b975a5223ed32ecea9307" @@ -10537,13 +10490,6 @@ resolved "https://registry.yarnpkg.com/@types/estree/-/estree-1.0.5.tgz#a6ce3e556e00fd9895dd872dd172ad0d4bd687f4" integrity sha512-/kYRxGDLWzHOB7q+wtSUQlFrtcdUccpfy+X+9iMBpHK8QLLhx2wIPYuS5DYtR9Wa/YlZAbIovy7qVdB1Aq6Lyw== -"@types/event-stream@^4.0.5": - version "4.0.5" - resolved "https://registry.yarnpkg.com/@types/event-stream/-/event-stream-4.0.5.tgz#29f1be5f4c0de2e0312cf3b5f7146c975c08d918" - integrity sha512-pQ/RR/iuBW8K8WmwYaaC1nkZH0cHonNAIw6ktG8BCNrNuqNeERfBzNIAOq6Z7tvLzpjcMV02SZ5pxAekAYQpWA== - dependencies: - "@types/node" "*" - "@types/expect@^1.20.4": version "1.20.4" resolved "https://registry.yarnpkg.com/@types/expect/-/expect-1.20.4.tgz#8288e51737bf7e3ab5d7c77bfa695883745264e5" @@ -10589,11 +10535,6 @@ resolved "https://registry.yarnpkg.com/@types/file-saver/-/file-saver-2.0.0.tgz#cbb49815a5e1129d5f23836a98d65d93822409af" integrity sha512-dxdRrUov2HVTbSRFX+7xwUPlbGYVEZK6PrSqClg2QPos3PNe0bCajkDDkDeeC1znjSH03KOEqVbXpnJuWa2wgQ== -"@types/flat@^5.0.5": - version "5.0.5" - resolved "https://registry.yarnpkg.com/@types/flat/-/flat-5.0.5.tgz#2304df0b2b1e6dde50d81f029593e0a1bc2474d3" - integrity sha512-nPLljZQKSnac53KDUDzuzdRfGI0TDb5qPrb+SrQyN3MtdQrOnGsKniHN1iYZsJEBIVQve94Y6gNz22sgISZq+Q== - "@types/flot@^0.0.31": version "0.0.31" resolved "https://registry.yarnpkg.com/@types/flot/-/flot-0.0.31.tgz#0daca37c6c855b69a0a7e2e37dd0f84b3db8c8c1" @@ -10606,13 +10547,6 @@ resolved "https://registry.yarnpkg.com/@types/fnv-plus/-/fnv-plus-1.3.0.tgz#0f43f0b7e7b4b24de3a1cab69bfa009508f4c084" integrity sha512-ijls8MsO6Q9JUSd5w1v4y2ijM6S4D/nmOyI/FwcepvrZfym0wZhLdYGFD5TJID7tga0O3I7SmtK69RzpSJ1Fcw== -"@types/fs-extra@^9.0.1": - version "9.0.13" - resolved "https://registry.yarnpkg.com/@types/fs-extra/-/fs-extra-9.0.13.tgz#7594fbae04fe7f1918ce8b3d213f74ff44ac1f45" - integrity sha512-nEnwB++1u5lVDM2UI4c1+5R+FYaKfaAzS4OococimjVm3nQw3TuzH5UNsocrcTBbhnerblyHj4A49qXbIiZdpA== - dependencies: - "@types/node" "*" - "@types/geojson@*", "@types/geojson@^7946.0.10", "@types/geojson@^7946.0.7": version "7946.0.10" resolved "https://registry.yarnpkg.com/@types/geojson/-/geojson-7946.0.10.tgz#6dfbf5ea17142f7f9a043809f1cd4c448cb68249" @@ -10918,13 +10852,6 @@ "@types/linkify-it" "*" "@types/mdurl" "*" -"@types/md5@^2.2.0": - version "2.2.0" - resolved "https://registry.yarnpkg.com/@types/md5/-/md5-2.2.0.tgz#cd82e16b95973f94bb03dee40c5b6be4a7fb7fb4" - integrity sha512-JN8OVL/wiDlCWTPzplsgMPu0uE9Q6blwp68rYsfk2G8aokRUQ8XD9MEhZwihfAiQvoyE+m31m6i3GFXwYWomKQ== - dependencies: - "@types/node" "*" - "@types/md5@^2.3.2": version "2.3.5" resolved "https://registry.yarnpkg.com/@types/md5/-/md5-2.3.5.tgz#481cef0a896e3a5dcbfc5a8a8b02c05958af48a5" @@ -11156,11 +11083,6 @@ "@types/node" "*" "@types/pdfkit" "*" -"@types/pegjs@^0.10.1": - version "0.10.1" - resolved "https://registry.yarnpkg.com/@types/pegjs/-/pegjs-0.10.1.tgz#9a2f3961dc62430fdb21061eb0ddbd890f9e3b94" - integrity sha512-ra8IchO9odGQmYKbm+94K58UyKCEKdZh9y0vxhG4pIpOJOBlC1C+ZtBVr6jLs+/oJ4pl+1p/4t3JtBA8J10Vvw== - "@types/picomatch@^2.3.0": version "2.3.0" resolved "https://registry.yarnpkg.com/@types/picomatch/-/picomatch-2.3.0.tgz#75db5e75a713c5a83d5b76780c3da84a82806003" @@ -11525,7 +11447,7 @@ "@types/methods" "^1.1.4" "@types/superagent" "^8.1.0" -"@types/tapable@^1", "@types/tapable@^1.0.5", "@types/tapable@^1.0.6": +"@types/tapable@^1", "@types/tapable@^1.0.5": version "1.0.6" resolved "https://registry.yarnpkg.com/@types/tapable/-/tapable-1.0.6.tgz#a9ca4b70a18b270ccb2bc0aaafefd1d486b7ea74" integrity sha512-W+bw9ds02rAQaMvaLYxAbJ6cvguW/iJXNT6lTssS1ps6QdrMKttqEAMEG/b5CR8TZl3/L7/lH0ZV5nNR1LXikA== @@ -11747,11 +11669,6 @@ dependencies: "@types/node" "*" -"@types/zen-observable@^0.8.0": - version "0.8.0" - resolved "https://registry.yarnpkg.com/@types/zen-observable/-/zen-observable-0.8.0.tgz#8b63ab7f1aa5321248aad5ac890a485656dcea4d" - integrity sha512-te5lMAWii1uEJ4FwLjzdlbw3+n0FZNOvFXHxQDKeT0dilh7HOzdMzV2TrJVUzq8ep7J4Na8OUYPRLSQkJHAlrg== - "@typescript-eslint/eslint-plugin@^5.62.0": version "5.62.0" resolved "https://registry.yarnpkg.com/@typescript-eslint/eslint-plugin/-/eslint-plugin-5.62.0.tgz#aeef0328d172b9e37d9bab6dbc13b87ed88977db" @@ -13406,11 +13323,6 @@ bare-path@^2.0.0, bare-path@^2.1.0: dependencies: bare-os "^2.1.0" -base64-arraybuffer@^1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/base64-arraybuffer/-/base64-arraybuffer-1.0.2.tgz#1c37589a7c4b0746e34bd1feb951da2df01c1bdc" - integrity sha512-I3yl4r9QB5ZRY3XuJVEPfc2XhZO6YweFPI+UovAzn+8/hb3oJ6lnysaFcjVpkCPfVWFUDvoZ8kmVDP7WyRtYtQ== - base64-js@1.3.1: version "1.3.1" resolved "https://registry.yarnpkg.com/base64-js/-/base64-js-1.3.1.tgz#58ece8cb75dd07e71ed08c736abc5fac4dbf8df1" @@ -14772,11 +14684,6 @@ commander@7, commander@^7.0.0, commander@^7.2.0: resolved "https://registry.yarnpkg.com/commander/-/commander-7.2.0.tgz#a36cb57d0b501ce108e4d20559a150a391d97ab7" integrity sha512-QrWXB+ZQSVPmIWIhtEO9H+gwHaMGYiF5ChvoJ+K9ZGHG/sVsa6yiesAD1GC/x46sET00Xlwo1u49RVVVzvcSkw== -commander@8: - version "8.3.0" - resolved "https://registry.yarnpkg.com/commander/-/commander-8.3.0.tgz#4837ea1b2da67b9c616a67afbb0fafee567bca66" - integrity sha512-OkTL9umf+He2DZkUq8f8J9of7yL6RJKI24dVITBmNfZBmri9zYZQrKkuXiKhyfPSu8tUhnVBB1iKXevvnlR4Ww== - commander@^10.0.1: version "10.0.1" resolved "https://registry.yarnpkg.com/commander/-/commander-10.0.1.tgz#881ee46b4f77d1c1dccc5823433aa39b022cbe06" @@ -14878,7 +14785,7 @@ concat-map@0.0.1: resolved "https://registry.yarnpkg.com/concat-map/-/concat-map-0.0.1.tgz#d8a96bd77fd68df7793a73036a3ba0d5405d477b" integrity sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg== -concat-stream@^1.4.7, concat-stream@^1.5.0, concat-stream@~1.6.0: +concat-stream@^1.5.0, concat-stream@~1.6.0: version "1.6.2" resolved "https://registry.yarnpkg.com/concat-stream/-/concat-stream-1.6.2.tgz#904bdf194cd3122fc675c77fc4ac3d4ff0fd1a34" integrity sha512-27HBghJxjiZtIk3Ycvn/4kbJk/1uZuJFfuPEns6LaEvpvG1f0hTea8lilrouyo9mVc2GWdcEZ8OLoGmSADlrCw== @@ -15278,13 +15185,6 @@ css-in-js-utils@^2.0.0: hyphenate-style-name "^1.0.2" isobject "^3.0.1" -css-line-break@^2.1.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/css-line-break/-/css-line-break-2.1.0.tgz#bfef660dfa6f5397ea54116bb3cb4873edbc4fa0" - integrity sha512-FHcKFCZcAha3LwfVBhCQbW2nCNbkZXn7KVUJcsT5/P8YmfsVja0FMPJr0B903j/E69HUphKiV9iQArX8SDYA4w== - dependencies: - utrie "^1.0.2" - css-loader@^3.4.2, css-loader@^3.6.0: version "3.6.0" resolved "https://registry.yarnpkg.com/css-loader/-/css-loader-3.6.0.tgz#2e4b2c7e6e2d27f8c8f28f61bffcd2e6c91ef645" @@ -15940,7 +15840,7 @@ dayjs@^1.10.4: resolved "https://registry.yarnpkg.com/dayjs/-/dayjs-1.11.10.tgz#68acea85317a6e164457d6d6947564029a6a16a0" integrity sha512-vjAczensTgRcqDERK0SR2XMwsF/tSvnvlv6VcF2GIhg6Sx4yOIt/irsr1RDJsKiIyBzJDpCoXiWWq28MqH2cnQ== -debug@2.6.9, debug@^2.2.0, debug@^2.3.3, debug@^2.6.0, debug@^2.6.9: +debug@2.6.9, debug@^2.2.0, debug@^2.3.3, debug@^2.6.0: version "2.6.9" resolved "https://registry.yarnpkg.com/debug/-/debug-2.6.9.tgz#5d128515df134ff327e90a4c93f4e077a536341f" integrity sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA== @@ -18118,7 +18018,7 @@ fast-glob@^2.2.6: merge2 "^1.2.3" micromatch "^3.1.10" -fast-glob@^3.0.3, fast-glob@^3.2.11, fast-glob@^3.2.7, fast-glob@^3.2.9, fast-glob@^3.3.2: +fast-glob@^3.0.3, fast-glob@^3.2.11, fast-glob@^3.2.9, fast-glob@^3.3.2: version "3.3.2" resolved "https://registry.yarnpkg.com/fast-glob/-/fast-glob-3.3.2.tgz#a904501e57cfdd2ffcded45e99a54fef55e46129" integrity sha512-oX2ruAFQwf/Orj8m737Y5adxDQO0LAB7/S5MnxCdTNDd4p6BsyIVsv9JQsATbTSq8KHRpLwIHbVlUNatxd+1Ow== @@ -18465,7 +18365,7 @@ flat-cache@^3.0.4: flatted "^3.1.0" rimraf "^3.0.2" -flat@5, flat@^5.0.2: +flat@^5.0.2: version "5.0.2" resolved "https://registry.yarnpkg.com/flat/-/flat-5.0.2.tgz#8ca6fe332069ffa9d324c327198c598259ceb241" integrity sha512-b6suED+5/3rTpUBdG1gupIl8MPFCAMA0QXwmljLhvCUKcUvdE4gWky9zpuGCcXHOsz4J9wPGNWq6OKpmIzz3hQ== @@ -18510,11 +18410,6 @@ follow-redirects@^1.0.0, follow-redirects@^1.15.6: resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.15.6.tgz#7f815c0cda4249c74ff09e95ef97c23b5fd0399b" integrity sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA== -font-awesome@4.7.0: - version "4.7.0" - resolved "https://registry.yarnpkg.com/font-awesome/-/font-awesome-4.7.0.tgz#8fa8cf0411a1a31afd07b06d2902bb9fc815a133" - integrity sha1-j6jPBBGhoxr9B7BtKQK7n8gVoTM= - for-each@^0.3.3: version "0.3.3" resolved "https://registry.yarnpkg.com/for-each/-/for-each-0.3.3.tgz#69b447e88a0a5d32c3e7084f3f1710034b21376e" @@ -18710,15 +18605,6 @@ fs-constants@^1.0.0: resolved "https://registry.yarnpkg.com/fs-constants/-/fs-constants-1.0.0.tgz#6be0de9be998ce16af8afc24497b9ee9b7ccd9ad" integrity sha512-y6OAwoSIf7FyjMIv94u+b5rdheZEjzR63GTyZJm5qh4Bi+2YgwLCcI/fPFZkL5PSixOt6ZNKm+w+Hfp/Bciwow== -fs-extra@10, fs-extra@^10.0.0: - version "10.1.0" - resolved "https://registry.yarnpkg.com/fs-extra/-/fs-extra-10.1.0.tgz#02873cfbc4084dde127eaa5f9905eef2325d1abf" - integrity sha512-oRXApq54ETRj4eMiFzGnHWGy+zo5raudjuxN0b8H7s/RU2oW0Wvsx9O0ACRN/kRq9E8Vu/ReskGB5o3ji+FzHQ== - dependencies: - graceful-fs "^4.2.0" - jsonfile "^6.0.1" - universalify "^2.0.0" - fs-extra@^0.30.0: version "0.30.0" resolved "https://registry.yarnpkg.com/fs-extra/-/fs-extra-0.30.0.tgz#f233ffcc08d4da7d432daa449776989db1df93f0" @@ -18730,6 +18616,15 @@ fs-extra@^0.30.0: path-is-absolute "^1.0.0" rimraf "^2.2.8" +fs-extra@^10.0.0: + version "10.1.0" + resolved "https://registry.yarnpkg.com/fs-extra/-/fs-extra-10.1.0.tgz#02873cfbc4084dde127eaa5f9905eef2325d1abf" + integrity sha512-oRXApq54ETRj4eMiFzGnHWGy+zo5raudjuxN0b8H7s/RU2oW0Wvsx9O0ACRN/kRq9E8Vu/ReskGB5o3ji+FzHQ== + dependencies: + graceful-fs "^4.2.0" + jsonfile "^6.0.1" + universalify "^2.0.0" + fs-extra@^7.0.1: version "7.0.1" resolved "https://registry.yarnpkg.com/fs-extra/-/fs-extra-7.0.1.tgz#4f189c44aa123b895f722804f55ea23eadc348e9" @@ -19946,21 +19841,6 @@ html-webpack-plugin@^4.0.0: tapable "^1.1.3" util.promisify "1.0.0" -html2canvas@^1.4.1: - version "1.4.1" - resolved "https://registry.yarnpkg.com/html2canvas/-/html2canvas-1.4.1.tgz#7cef1888311b5011d507794a066041b14669a543" - integrity sha512-fPU6BHNpsyIhr8yyMpTLLxAbkaK8ArIBcmZIRiBLiDhjeqvXolaEmDGmELFuX9I4xDcaKKcJl+TKZLqruBbmWA== - dependencies: - css-line-break "^2.1.0" - text-segmentation "^1.0.3" - -html@1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/html/-/html-1.0.0.tgz#a544fa9ea5492bfb3a2cca8210a10be7b5af1f61" - integrity sha1-pUT6nqVJK/s6LMqCEKEL57WvH2E= - dependencies: - concat-stream "^1.4.7" - htmlparser2@^4.1.0: version "4.1.0" resolved "https://registry.yarnpkg.com/htmlparser2/-/htmlparser2-4.1.0.tgz#9a4ef161f2e4625ebf7dfbe6c0a2f52d18a59e78" @@ -22816,14 +22696,6 @@ loud-rejection@^1.0.0: currently-unhandled "^0.4.1" signal-exit "^3.0.0" -loud-rejection@^2.2.0: - version "2.2.0" - resolved "https://registry.yarnpkg.com/loud-rejection/-/loud-rejection-2.2.0.tgz#4255eb6e9c74045b0edc021fa7397ab655a8517c" - integrity sha512-S0FayMXku80toa5sZ6Ro4C+s+EtFDCsyJNG/AzFMfX3AxD5Si4dZsgzm/kKnbOxHl5Cv8jBlno8+3XYIh2pNjQ== - dependencies: - currently-unhandled "^0.4.1" - signal-exit "^3.0.2" - lower-case@^2.0.2: version "2.0.2" resolved "https://registry.yarnpkg.com/lower-case/-/lower-case-2.0.2.tgz#6fa237c63dbdc4a82ca0fd882e4722dc5e634e28" @@ -27464,10 +27336,10 @@ redent@^3.0.0: indent-string "^4.0.0" strip-indent "^3.0.0" -redoc@~2.1.5: - version "2.1.5" - resolved "https://registry.yarnpkg.com/redoc/-/redoc-2.1.5.tgz#421307b22036b244171095bfc7ea3cfd419563c8" - integrity sha512-POSbVg+7WLf+/5/c6GWLxL7+9t2D+1WlZdLN0a6qaCQc+ih3XYzteRBkXEN5kjrYrRNjdspfxTZkDLN5WV3Tzg== +redoc@~2.2.0: + version "2.2.0" + resolved "https://registry.yarnpkg.com/redoc/-/redoc-2.2.0.tgz#1043812696683f23e4b0fbe66fb50236fbe8b5bb" + integrity sha512-52rz/xJtpUBc3Y/GAkaX03czKhQXTxoU7WnkXNzRLuGwiGb/iEO4OgwcgQqtwHWrYNaZXTyqZ4MAVXpi/e1gAg== dependencies: "@cfaester/enzyme-adapter-react-18" "^0.8.0" "@redocly/openapi-core" "^1.4.0" @@ -30500,13 +30372,6 @@ text-hex@1.0.x: resolved "https://registry.yarnpkg.com/text-hex/-/text-hex-1.0.0.tgz#69dc9c1b17446ee79a92bf5b884bb4b9127506f5" integrity sha512-uuVGNWzgJ4yhRaNSiubPY7OjISw4sw4E5Uv0wbjp+OzcbmVU/rsT8ujgcXJhn9ypzsgr5vlzpPqP+MBBKcGvbg== -text-segmentation@^1.0.3: - version "1.0.3" - resolved "https://registry.yarnpkg.com/text-segmentation/-/text-segmentation-1.0.3.tgz#52a388159efffe746b24a63ba311b6ac9f2d7943" - integrity sha512-iOiPUo/BGnZ6+54OsWxZidGCsdU8YbE4PSpdPinp7DeMtUJNJBoJ/ouUSTJjHkh1KntHaltHl/gDs2FC4i5+Nw== - dependencies: - utrie "^1.0.2" - text-table@^0.2.0: version "0.2.0" resolved "https://registry.yarnpkg.com/text-table/-/text-table-0.2.0.tgz#7f5ee823ae805207c00af2df4a84ec3fcfa570b4" @@ -30794,10 +30659,10 @@ tr46@~0.0.3: resolved "https://registry.yarnpkg.com/tr46/-/tr46-0.0.3.tgz#8184fd347dac9cdc185992f3a6622e14b9d9ab6a" integrity sha1-gYT9NH2snNwYWZLzpmIuFLnZq2o= -trace@^3.1.1: - version "3.1.1" - resolved "https://registry.yarnpkg.com/trace/-/trace-3.1.1.tgz#061eebf012805611cb02138440bc716979b0eb11" - integrity sha512-iVxFnDKps8bCRQ6kXj66rHYFJY3fNkoYPHeFTFZn89YdwmmQ9Hz97IFPf3NdfbCF3zuqUqFpRNTu6N9+eZR2qg== +trace@^3.2.0: + version "3.2.0" + resolved "https://registry.yarnpkg.com/trace/-/trace-3.2.0.tgz#7ae270f75107acf24e3137988d83c6a9da944015" + integrity sha512-o5sIvza+ygxvws5TAtDX/SwMzgyS5YaeGpNkPd0TFVtYTNQp2nRpC/o7YU4A/zP6Hp4hDrLOgaZUKNc3c4huMQ== dependencies: stack-chain "^2.0.0" @@ -31631,13 +31496,6 @@ utils-merge@1.0.1: resolved "https://registry.yarnpkg.com/utils-merge/-/utils-merge-1.0.1.tgz#9f95710f50a267947b2ccc124741c1028427e713" integrity sha1-n5VxD1CiZ5R7LMwSR0HBAoQn5xM= -utrie@^1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/utrie/-/utrie-1.0.2.tgz#d42fe44de9bc0119c25de7f564a6ed1b2c87a645" - integrity sha512-1MLa5ouZiOmQzUbjbu9VmjLzn1QLXBhwpUa7kdLUQK+KQ5KA9I1vk5U4YHe/X2Ch7PYnJfWuWT+VbuxbGwljhw== - dependencies: - base64-arraybuffer "^1.0.2" - uuid-browser@^3.1.0: version "3.1.0" resolved "https://registry.yarnpkg.com/uuid-browser/-/uuid-browser-3.1.0.tgz#0f05a40aef74f9e5951e20efbf44b11871e56410"